last executing test programs:

9m35.074947519s ago: executing program 1 (id=222):
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x2, 0x0, @empty}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000240)="c4", 0x1, 0x20000845, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$BLKPG(r2, 0x1269, &(0x7f0000000000)={0x2, 0x0, 0x98, &(0x7f0000000400)={0x3b, 0x4, 0x10}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd9000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9m34.708643345s ago: executing program 1 (id=227):
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
fcntl$setstatus(r1, 0x4, 0x42000)
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000340)=""/127, 0x7f}], 0x1)

9m31.885416151s ago: executing program 1 (id=239):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff6e, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r1], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, r3, 0x1, 0x7}, 0x14)

9m31.700433528s ago: executing program 1 (id=240):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00444, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbbb, &(0x7f0000001800)="$eJzs3M9rHOUbAPBnJpvf+TbpF1FbBANSFcVt2pQKPbWeRQU9eGxMNiVk+8Mkggk9pPWuHkQ8FKR/guDdXjwJHupB619QxCJFL20PK7M/0jWb3cR0s2PTzwfezPvOO9nneTLZzDuwkwCeWJPZlzTiUEScTSLG6/vTiBio9oYi1mvH3b97eTZrSVQq7/6RRBIR9+5enm28VlLfjtYHQxFx840k/v9Ja9zl1bXFmXK5tFQfH105f+no8uraawvnZ86VzpUunJh+/cT0yenpLtZ6+9IHXz3301svXr3+6dTbXx74IYnTMVafa66jWyZjcuNn0qwQETPdDpaTvno9zXUmhRwTAgCgo7RpDfd0jEdfPFy8jcf3P+eaHAAAANAVlb6ICgAAALDPJe7/AQAAYJ9rfA7g3t3Ls42W7ycSeuvOmYiYqNXfeL65NlOI9ep2KPojYuTPJJofa01q3/bIJrNI3/5Yylps9xzycBcCbrJ+JSKe3er8J9X6J6pPcbfWn0bEVBfiT24a9/r371HqP92F+HnXD8CT6caZ2oWs9fqX1tY/g7XR5utfYYtr127kff1rrP/ut6z/0o31X1+b9d87O4xx+MErN9vNNa//3v/s17ksfrZ9pKL+hTtXIg4Xtqo/2ag/aVP/2R3GGJ29fa3dXFZ/Vm+j9br+yvWII9XVXGv9DUmn/090dH6hXJqqfd3i9VdPdo7ffP6zlsVv3Av0Qnb+R2J35//SDmNMPPP7oXZz29ef/jaQvFftDdT3fDyzsrJ0LGIgebN1//HOuTSOabxGVv/LL3R+/29Vf/Y3Yb3+c8h+e67Ut9n46qaYo0eOf7P7+vdWVv/cLs//5zuM8fV31z7ctGvjzZV3/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HtKIGIskLW7007RYjBiNiKdiJC1fXF55df7iRxfmsrmIiehP5xfKpamIGK+Nk2x8rNp/OD6+aTwdEQcj4ovx4eq4OHuxPJd38QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwYjYixSNJiRKQR8dd4mhaLeWcFAAAAdN1E3gkAAAAAe879PwAAAOx/Lff/hX+MhnqZCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPvSwedv3EoiYv3UcLVlBupz/blmBuy1dGeHjex1HkDv9eWdAJCbQlO/UqlUckwF6DH3+ECyzfxQ25nBrucCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/XS4du3EoiYv3UcLVlBupz/blmBuy1NO8EgNz0dZpMtt0BPMYKeScA5MY9PlBb2T+o1LTOD7X9zsGH3fXdRQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg8TFWbUlajIi02k/TYjHifxExEf3J/ELEVEQciIhfxvsH5xfKpWN5Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDXLa+uLc6Uy6UlHR2dLnaGo2exhutv5jbHDLaf6tDJ+Q8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5WF5dW5wpl0tLy3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORteXVtcaZcLi3tYSfvGgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyM/fAQAA///+hAlq")
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000380)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x1, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a409080000d1ce5d29c2ee0000070000000fc6ea110ff4118039c2eb4b87c660d577df701905b9aafab4afaaf755e376a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f78359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000004900)='./file1\x00', 0x4042, 0xf8)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)

9m30.3364879s ago: executing program 1 (id=250):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x5599, &(0x7f0000005680)="$eJzs3X1oVecdB/BzTaKhFpPV1alY6RSqdGVTW5DNUeNLZjvfkhq0NTXGaWudrViZW9qJCwliOi2NSh2jrjhkRVtWApO+iFPXoUM2psikszLnim44ahZ1gh2Tjdx7n+u955rk1nVNXz6fknvuc3/nec5zD+eP+731OTcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAKIoSm289OevImvqxM8fNeeA/j7y669ljk5aNPnL25/N3TCuqWv1U3fSGlrq5UzqaKxfPP3p1/aEoSqT6pfsvnHzfA4/OWTizNAxYX53alpd3ecjk4+lUo2/Oi539cv8WRVFUEhugKL2tLMpqJ+IHiFblD9it6k1X3lxWM/XtxssXJg6vHbU3/63TqbS3J9Bb0tfVmWvXUkXysU9sj0w769JL5Fyiqf7xC+4jeRMAwAcypiq5yXwcTX/EzbQb4/VYuyLWbo21wyeE1uzGjUiN27ered4er/fSPCtSUaFfl/OM1dPnP9OuivePtWNR4wPMM3fXdKQp7WqeK2P13ponAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMfJu5PmXZgy/cXLfSfV7hiy4a+z+mxcv+9UbfVLd+2sPrHujf61ddMbWurmTulorlw8/+jV9YeiqDzZL5Hqnnhj08Kn+tbNfHDzQ2srZ0w49FpRetywLc7aOfpjePLVsij6VlblTBj23IAoqsotJJvRj/MLy5JP7g8FAAAAPk2GJB/7ZNqpOFiS004k02Qi+V+QCovVm668uaxm6tuNly9MHF47au+Nj1fVxXgV1x0v0y6/9pfICsYh/sbHu1YPu67KG6d78RHjef7YtHdmnBlRf27rlfNNTWsv7h534K73tkw93/zNd/av6Hf/cyPy8n959/k/nDn5HwAAgP+F/B8fp3s95f+3ZlfOaPvDvT/6/biv/31o9cZ3m/YmVg09vmLkd+ZNPPXa869fzcv/t+ccMi//hxmH/N8nurH8DwAAAB9n/+/8X5E3Tvd6yv/PHDwxdM+ogzWN0furyv6VOLhk36nnvtZ8ec29216oPDvrsf55+X9MYfm/OHva4cXfhQkvL4uiMYWfVAAAACBH+P/u175aCHk99c1BPK+/PP7FnRdLZxYvKf7yrl3bnl5TevcdA5fWLn5l9EtDnjg8/9nVefm/orD8X/LRvF0AAACgAIs23L100D/mjd+2pH32rVePVg66Z/vRO25un7G6Zv2kFbec/kpe/q8qLP/36523AwAAAFzHsfmPLFrxt9071v16xOQxpe9PGTn7e3WX9hwe++9RNR0vjP/GW3n5v76w/H9Tepte+ZDqdCj8K4QtZVFU2vlkZarwm6h1YqYAAAAAfEhCTm/44eylDZuf2fbPizV3vtJ8y8utf374C+V3bpz2s+9vOT63adO+vPy/svv7/4c7HYT1/zn3/8tb/59VSN31b4IbAwAAAPBZlL+eP9weP/XLBV39/n6h6/8fe3r4o1u/+5Olv7itfHfitpNPfumJ5ocrfzpwYHvL6JHNRYNL8vJ/Y2H5vyh7+2H+/h8AAADcgE/a7/89lDdO93q6//+0BesOL2gf+/kDLe3Pjxn02znFDy7Y+af2m/c/Oax9/7nzLcPy8n9rYfk/bPtnv70D4fw0l0XR4M4n6bsJ7grTXR4rtJVkFVInPtZjTuiRLrT1yyokrYz1GFcWRV/sfNIYK3wuFFpjhY4B6cL2WOFIKKSvh0zh1VjhQLjStg5ITzdeeD0U0gss2sIKiv6ZJRGxHpe66tFZuG6Pk5mDAwAAfKaE8JzOsiW5zSgeZdsSPe1wU0879Olph6KediiO7RDfsavXo/rcQnj9L6dXv/f48l/WTmi4Z+7kPcOOP37f2bE/+PbaX83uv6XxxKUpTXn5f3th+T+cir6pTVfr/6Ow/j/9u4aZ9f/1oVAeK7SFQlX8jgFV4RipsLshHKO8Kt2jY3CmAAAAAJ9q4XuBol6eBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBf9u49Sq6qThTw7nd30uk0OI6AykSdJEZMdydBlICLPERUjHQYZFTGPEg65NEkIQ8kwYWBsBwUdQLBxDvDXQS4WYCixDgEERgSlcC9RHnNMAzyFLiBUSFc3nCZ3NV9aleqzulKV0wa0tzv+6NrV/3289Sja59zah8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj/w+BDv7LgilOeuWnkC3936imNC59+bsxlB3/kiPqb5h48/PUtd8+6fcrxZ10w5eSJO1YeO+Mrd7/591tDaO8uV5EUr/j5RVOX1U6Z9KWLv3zOsZ8/auum2ly9uXgY2PWnMnfn/Njqk4NCuKEihOp0YGRjEqjJ3W+M9b2vMYQDwq5AvkTHgKREuuFwW0MI68KuQL6qGxtCaCwInHTvL2/9blfikoYQhoYQ6tJtPFyXtNGQDgyrTQID0oEF1UnglZ2JfODnlUkA9lp8M+Rf9BvaizM091yuxOuvZp917O2VHl5VTDSXzven8X3cqQK16Qfa9+ppy1RHn8i8PTZ7t/WDd1tmO6/ytBV+kcp9Q9m5K1QXKmd2zJq+tHNJfKQytLRUlaqpj57nh5//+ow9Sfeb12HsQPM+eR1W7dh+59mNn7pu9aD1r64ce+WWve3mQwWbtDDd1+pC7jXXb57HaJzPk37w9st8SxriS1cI4V9vqNv26hcuf/nTa7ZcPem8v13zzIjTW9veuO+F6yctWLXg+v/+i8z8v3n38//4co63lUW5Y6tvNCVz8/hIY0w815TMzQEAAKDf6A97Tac+NOvF4b/5xD9PvvHR7YOO/5tFqw/+de2Wdz34VOX4Z285ecT81zLz/yHlHf+Ph/wbC0e7OYRx3YmVg0M4qPvxJHBN7M6pg0P4QHeqvTgwPhXYHMLB3YkR+apSJepjiSGpwPamXGBcKrA1BtpTgfUxsCoVOD8GNqQCM2JgcyowIQbCnOJxfKQpN46yAw0xMC3ZiBviWQgvNMXWUtvqd/mqAAAA9pHc7LCm+G7BuQ57myFOLzc09JYhnoFdMkNdqob0DDY/rSpZQ3VvNVT2VkN+3Ct2P/xMzRW91Zw5DaOiOMPSb/7h/rFfXDW3euj22sNemnfczN8d8/41O1s++uPanT8cd9fahsz8v2338/+6HjpSkTn+H8Lk7r8xd2Uu0pmPT2svygAAAADshdETP/ZPl733l9fdcuLnfzv4jiOv2PjDqbVjv/XK0nt+uGLCudt+dEFm/j+uvPP/4z6RqoLMYVvcDTFvcAhtxYGk2qOygeSo98BcAAAAAPqD/PH4/LHwObnb5BTt9Hw6m799D/PHA//jesw//pC/fmzDf8z99k8nTjli7TmPzd9+1+EfrWn7m+cf/tIF86Z947JvZub/7eWd/z+g+DbpxNbYi9WDQ6gvCNwee9kV6DYkBh47pjiQG//WuAEujFXlTkzIV3VhLDEtBtpSgXWlStydL3FQcSD3ZOUbX5kfx5xciYIAAAAAvOXi7oB4XD6e/3/fgg/PPmpb3aG3rKr46V/uuKZz4vVtNc+M/VXT61/4whNff63xzMz8f9qenf/fPQ/OnN7fOTCE1uoQqtI/DNg2IFkYMAYaK3KJWwYkdVWlqzp3QAhHdw0sXdXjufX/q9NrDN7bkFQVAwd98Ornh3UlrmwIobUwcP8pl3+sK7EkFcg3/sWGEP6qa7Tpxq+vTxqvSTe+tj6EQwsC+apOrQ+hq7HadFW/rMtdxyBd1XV1IbyrIJCv6oi6EJYFAPqp+K90ZuGDi5ctnze9s7NjUR8m4j78hjBrTmdHy4wFnTPrSvRpZqrPRcsYnZsdU8nlkFLiEkWr7lk7tJx0/neCbYV9ye3Hz5w4mLsfvwvVdI9zdE3R3THpIX/4Q9kmQsE3qbdryAMKK9n1JGbqj/lrw8BQv3Rxx6KWs6YvWbJoVPK33Oyjk79xUMm2GpXeVgN66tt+8PIYXlhJ65LTF7YuXrZ85JzTp5/WcVrH/NFtYw5vO3LMqCM+3to1qrbkby9DHd5T1amh7rz8rR/qIdUFlbwVnxoSEhL9LfE/zjj95DuOnPOpE+5d+oGj1oybcPaNh89qXXPb9ZPWT3ts8I9GXZKZ/y/c/fw/furET/7c+gyljv83x8P8yeO7DvNPi4F15R7/by51ND9/YsCQVGBFDKxwmB8AAIB3hrg7Mu52jHutH6q74qrDL3329C2jJn7tzOaRv57wwXEHfvqML99x3H/+3/d/7xN//N+Z+f+K8n7/v4/W/88vXf+5Usv8j4gl2kqt/59e5j+//v+KUuv/p5f5z6//v+5tWP9/aT6Q2iQvWP8fAAB4J3jr1v/vdXn/9AUCMhl6Xd4/fYGATIZel/Ev9wIBe7z+/5PHXPv0B97/TPvPrr/j8ekXn3HOx9fUD9uxrL7l9m//+y9u/MqpgzLz/1Xlzf8t3A8AAAD7j2uPffLfjr3q+7ec3Pjsj2sWzT7/5vNuahz2WsWsjfMnDJh8zez/ysz/15U3/3/r1/8Lpc7/H1Iq0F5qYUDr/wEAANBPlVr/b/tP6i+9sHHHuk0bXv/ske9+/Tt3fOdrry34wQ8+89H3zV48adyEmzPz/w3lzf/jaReVRbljb95oSta0C+k17Z5ryv9kAAAAAPqHytDSUlNm3qKVUcf/+W3GpUB3ly504nE//WT70HffPufaKa3/cN99Ha2H3NnUsH7+zi+d8PTyp05YeWVm/r+5vPl/0e8yqnZsv/Psxk9d98bqQetfXTn2yi27jv8DAAAAfafc/RIAAAAAAAAAAAAAAMDb770Lxoy/t+Xxd1+0evn5zdddcfmbm1q3fPUfL6na/uHZf7hg7uiGzO//w+TucqV+/x+v+xd/X/AXRbljq72v/5e7f9LxP1nWvWThtqYQPlQYmHfevANC7tr8wwsDt351xHu6EuelS9z8yISnuhJT04HPjDzw5a7E0anAtLhI4sHpQLyq4suDUoG4vOJ96UDcHhvSgdpc4FuDknFUpLfVM43JtqpIb6sHG0MYXBDIb6sbGpM2KtIDvCQVyA/wjHQgDvALuUBlulc/GZj0KgYaY9HLBia9AgBgvxW/BdaEWXM6O9riV/h4e0h18W1UtGTZudlqq8psPi5NtuqetUPLSVelv4vuutZ4TajrGsKozNfVwiwV3aPcN7X0sun+osSQe1vtra82XW3pETUkI2qZsaBzZk2vAx/Te5bR1b1mGZWZ7BRmqezepGXUUkZfyhhRmdumjC7H+5WhpaUqlWtsDDaHIr29Isr9vX5Pa/6VekV0+cSXb/rD41ubPn3Ye9pPO/+eyvff+6sDr3jxQ688dN1hm/7bR9b++urM/L+5vPl/XeG4Xs5dDGBFvLLeUYNDmFbmiAAAAOCdb/b8Ry6+4FcXbX+sfdhTC1ovuvWBZT9YXt10zfnHPnjzmS+d8r2pexu/9skTfvvAb3+0cdj4WxaOGfDEWVdedtw9d92xetvxb95w2P8ZOePRzPx/SHnz/7hjLHcoONnbsTle/3/l4BC6L63fnASuicM9dXAIH+hOtccSyQX1PxdLtCWBa+IOkxGxxLT24qrqY2BDKrC9KRfYnApsjYHcXoqrQ25XzkVNIXysOzW5uMTCWKI5FTghBoakAi0x0JYKDIqBcanAHwflAu2pwJ0xEOYUb6ufDcptKwAAgD2Rm2fVFN8N6XnehureMlT0lmFAbxkqe8tQ11uGUqOI9zfGDDWFx+NzGeJDNelaG1K1ZDLEi+Hvcb8yGcLdxTnTBTNN588kaS7OGTN8+x8f/OT0lx6+YemP3hh+4rmf/PH3tm16be4Tp40cPO3VsfNGfPuPmfl/W3nz/wHFt0nrW+P8f9f1/5LA7bF7q+Op40Ni4LFjigO5HQNb42T3wnxV7bkSuUn7hbHEuBgYkgosjIFxqcC0ybnAuvcUB3Iz7XzjK/ONz8mVKAgAAADAWy7uIIi7aeL8/9K/mz353O+0dqyc9dWnps0Y+ukDL33fpcfcNOk3c9cedOCpd14zLzP/H1fe/D+2N7CwsfNjb54cFMINFbt6kw+MbEwCcT9GY/x5/PsaQzigYAdHvkTHgKREbarhcFtD8gv12nRVNzYkawzE+yfd+8tbv9uVuKQhhKEFe1/ybTxcl7TRkA4Mq00CA9KBBdVJIO75yQd+XpkEYK/l9wrGF1TuVJe85p7LlXj9vVOuCZoeXmYfaA/5evrNVV+pSz+Q26eat2dPW6Y6+kTm7bHZu60/vtuavdsKv0jlvqHs3BWqC5UzO2ZNX9q5JD5S+EvWjD56nnv6Jevu0vvgdbjiz+9t7+rSHWhLfXy09Vyu59dhRayuasf2O89u/NR1qwetf3Xl2Cu3lN2NEuIm/cuvjR/2UMHm7Wt1Ifea63efJ+0+T/rjv4EhnrYQwqbnvlF/5okn/tsB/7Rw0/cf/a/mV7/1zTs2blzW1HJz1ZpJF3722sz8v728+X916rbba3FjLh4cwocLNu62uPknDk4+BwsCyafku7KB5JD7E00lPzkBAABgX8vv7sjvL5iTu01OCE/Pk7P52/cwf9xfMa7H/OX2+4TP3/0vf7vid6u/uGX9AxW/+f3GK04YM3XhYwvvu3jiP/+v31/16I2Z+f+03c//61PddPzf8X/6iOP/Pdrfd0XXpx9YsVe7ojPV0Scc/+/R/v5uc/y/R47/O/7fE8f/e+H4f4/296ct8y1poS9dIYSnn/2XC//hgmUnPfTqu4+4+IE/PTjx7IobOv9j+kPPdLzx0Vdm3XpoZv6/sLz5v/X/el60L7/+37RS6/8tLLX+3wrr/wEAAH2qxEJz6XleZvW+TIb06n2ZDL0uENjrEoPW/9vj9f82nFz9+1/P/ffvf+6+pw+vnHr/f46eP++m4UcdM+KqNU+t+NcX2lsy8/8V5c3/48thYGHr/WX9vyGTS1S1KgYWWhgQAACA/VGpHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8vcaceedL33lh+2G3Lrlt5cnj/3r1qV//7NEH/+zKnZ/YHL7x4vKX7ply/FkXTDl54o6Vx874yt1v/v3WEOZ0l6tIilf8/KKpy2qnTPrSxV8+59jPH7V1U12u3prc7XuLcsdW32gKYV3BI40x8VxT151dgZOO/8my6q7EtqYQPlQYmHfevAO6EuubQhheGLj1qyPe05U4L13i5kcmPNWVmJoOfGbkgS93JY7OBSrS3b10UNLdinR3vzsohMEFgXx35w4qrirfxnG5QGW6jasakzZioDEW/UFj0kYMdMYSc+pDaK0OoSpd1f+sS6qqSlf1i7qkqqp0VefUhXB0CKE6XdUjtUlV1emR31WbVBUDB33w6ueHdSXW1YbQWhi4/5TLP9aVOCMVyDd+Ym0If9X1kkk3vrEmabwm3fglNSEcGkKoTZd4sTopUZsu8Xh1CO8qCOQbn10dwrLAO0L88JlZ+ODiZcvnTe/s7FjUh4naXFsNYdaczo6WGQs6Z9al+lRKRUF657nZeGWZY3/4+a/P6Lpddc/aoeWkq3Plarq7PLqm6O6YfdX7ij7qfezXgMJKdj0fmfpj/towMNQvXdyxqOWs6UuWLBqV/C03++jkb1UummyrUftqW5Xrz91WwwsraV1y+sLWxcuWj5xz+vTTOk7rmD+6bczhbUeOGXXEx1u7RtWW/N0XQ708G6/q46EeUl1QyVvxASAhIdHfEpVFn25t+/u/7MwX/V0drQl13R/QmWlFYZaK7lHui0GP3318Xw46MyXJjGhUZuKQyTK69yxjMpOJXVkakizd3+syk8PCmiq7N2m8XxlaWkr+p2suvlu4+f7Uw+YtV9x05aYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuBQAAP//CAsM0g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x6440, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./bus\x00', 0x12000, 0x0, 0x0, 0x0, 0x0)
capset(0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

9m29.748642407s ago: executing program 1 (id=255):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100bd0300000800034000000001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

9m29.345934096s ago: executing program 32 (id=255):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100bd0300000800034000000001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

9m8.415110082s ago: executing program 3 (id=357):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff9})
close(0x3)

9m8.00663571s ago: executing program 3 (id=361):
unshare(0x22020600)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x200000000000000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x3, 0x4, 0x2}, 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018010000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

9m7.643647137s ago: executing program 3 (id=363):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(0x3)
r1 = userfaultfd(0x80801)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00')
r2 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)={0x80002002})

9m6.57647421s ago: executing program 3 (id=371):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000380)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x2, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000048000), 0x24ffffff)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a409080000d1ce5d29c2ee0000070000000fc6ea110ff4118039c2eb4b87c660d577df701905b9aafab4afaaf755e376a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f78359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0)

9m5.273333992s ago: executing program 3 (id=377):
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x0, r0}, 0x50)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000015c0)=@base={0x1, 0xb, 0xbe, 0x1, 0x0, 0x1}, 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r1], 0x24}}, 0x0)

9m3.552819401s ago: executing program 3 (id=384):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xca7, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r5, {0x4, 0x5}, {}, {0x1}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xfff3, 0x6}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040001}, 0x0)

9m3.20359846s ago: executing program 33 (id=384):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xca7, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r5, {0x4, 0x5}, {}, {0x1}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xfff3, 0x6}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040001}, 0x0)

8m9.819798905s ago: executing program 6 (id=700):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, 0x0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @timestamp_reply={0xe, 0x0, 0x0, 0x2, 0xf, 0x5, 0x2, 0x16}}}}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe0000000000000008000f00fd000000", 0x24)

8m8.153578884s ago: executing program 6 (id=709):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000005c0)={r1, 0x0}, 0x20)

8m7.432436697s ago: executing program 6 (id=716):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000f00)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff1, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_u32={{0x8}, {0x30, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0xfff2}}, @TCA_U32_SEL={0x24, 0x5, {0xa, 0x8, 0x1, 0x8, 0x12, 0x1, 0x4, 0x8369, [{0x9, 0x400, 0x6, 0xec6}]}}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8849}, 0x20004804)

8m7.207575728s ago: executing program 6 (id=719):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x4, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x219d88b, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000080)='./file0/file0\x00', 0x1)

8m6.944755112s ago: executing program 6 (id=722):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x2)
dup3(r0, r4, 0x80000)

8m6.430702822s ago: executing program 6 (id=729):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)

8m6.030408742s ago: executing program 34 (id=729):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)

7m40.276791744s ago: executing program 5 (id=957):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './file1'}, 0xb)
mount_setattr(0xffffffffffffffff, 0x0, 0x9800, &(0x7f0000000040)={0x0, 0x0, 0x120000}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0x600, 0x50bd2a, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x40e1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
epoll_pwait2(r0, &(0x7f0000000180)=[{}, {}], 0x2, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000200)={[0x401]}, 0x8)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000130001002dbd7000fbdbdf2500000000", @ANYRES32=r2, @ANYBLOB="8c280000288000000c001a8008000280040001ee140003006970"], 0x40}, 0x1, 0x0, 0x0, 0x4090}, 0x10)

7m39.542522755s ago: executing program 5 (id=962):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x11d04b8, 0x0, 0x85, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chdir(&(0x7f0000000240)='./file0\x00')
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)

7m39.253483524s ago: executing program 5 (id=966):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000340)=0x1022038, 0x4)

7m38.758921948s ago: executing program 5 (id=971):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0}, 0x64)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x5, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

7m37.728633838s ago: executing program 5 (id=979):
mkdir(&(0x7f0000000380)='./file1\x00', 0xa)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x28800, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0xb8, r0}, './file0\x00'})

7m37.444568108s ago: executing program 5 (id=982):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x30000d0, 0x0, 0x2, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x0, 0x1d2, &(0x7f0000000a80)="$eJzsmD/r00AYx793yS/9gwguDjooWLBCmyapiotDfQVC67/NYmOppq20GdqCQ3Fx8WX4Fhw6Obi5ueqgguBgRyeHk0uuydl/UiQo/p4P9PK93HOX53kavkNAEMSx5fOn7x9f3LjWqgA4gRJy6v5XI43hWvyHvBLvX74ZnHy6WD+PHfh8E8DrhoFQzYUQQl8vqWsLPNG3wHFJ6TtgsJW+D47bSvtguBfLs49SjWFBicC3HwyDzsNe4DtycOXgyaG+nt9yztABIEsXxq/5j6ezx+0g8Efr4kisnrOxdKj4Tf/MZYPjutY/+X/dff5sLuer3jha/9xCur8OhmYyz8G27bQlWv1nzPR8Y1f9+IMisxCnqvtiKvu3//g7OVuqsf9KD/9DwbQ7BSmkaSV3Ti8Xbzd3fckysfPZlgzl2RtL74oZvqupf0p7uaj5kwkz8Y9a2H9SG09n1V6/3fW7/sDz6ledy45zxatFRhSPe/wvH/lTUTv/aEesxSxM2mE4cidAOHItC/Hci0fNcZuvht+iPTzyP47yhfgM+apYsVVuhakfj65SlY2dyRMEQRAEQRAEQRAEQRAEQRzEObDoK6gQgqkPotvwbkbRPwMAAP//gvlcPw==")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x40, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000100), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f00000004c0)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

7m22.337207943s ago: executing program 35 (id=982):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x30000d0, 0x0, 0x2, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x0, 0x1d2, &(0x7f0000000a80)="$eJzsmD/r00AYx793yS/9gwguDjooWLBCmyapiotDfQVC67/NYmOppq20GdqCQ3Fx8WX4Fhw6Obi5ueqgguBgRyeHk0uuydl/UiQo/p4P9PK93HOX53kavkNAEMSx5fOn7x9f3LjWqgA4gRJy6v5XI43hWvyHvBLvX74ZnHy6WD+PHfh8E8DrhoFQzYUQQl8vqWsLPNG3wHFJ6TtgsJW+D47bSvtguBfLs49SjWFBicC3HwyDzsNe4DtycOXgyaG+nt9yztABIEsXxq/5j6ezx+0g8Efr4kisnrOxdKj4Tf/MZYPjutY/+X/dff5sLuer3jha/9xCur8OhmYyz8G27bQlWv1nzPR8Y1f9+IMisxCnqvtiKvu3//g7OVuqsf9KD/9DwbQ7BSmkaSV3Ti8Xbzd3fckysfPZlgzl2RtL74oZvqupf0p7uaj5kwkz8Y9a2H9SG09n1V6/3fW7/sDz6ledy45zxatFRhSPe/wvH/lTUTv/aEesxSxM2mE4cidAOHItC/Hci0fNcZuvht+iPTzyP47yhfgM+apYsVVuhakfj65SlY2dyRMEQRAEQRAEQRAEQRAEQRzEObDoK6gQgqkPotvwbkbRPwMAAP//gvlcPw==")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x40, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000100), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f00000004c0)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

34.710690095s ago: executing program 7 (id=3053):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001})
epoll_pwait(r4, &(0x7f0000000400)=[{}], 0x1, 0x80, 0x0, 0x0)

32.008933932s ago: executing program 7 (id=3057):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0xf5ff, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a24000000020a01080000000000000000050000060800024000000003080002400000000014000000110001"], 0x4c}}, 0xc050)

29.03815943s ago: executing program 7 (id=3067):
r0 = inotify_init()
r1 = dup(0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x3}], 0x1c)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
setsockopt$sock_int(r3, 0x1, 0x8, 0x0, 0x0)
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x1b}, 0x9c)
close_range(r0, 0xffffffffffffffff, 0x0)

19.029685113s ago: executing program 0 (id=3086):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='\\', 0x1}], 0x1)
shutdown(r0, 0x1)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x2000000, &(0x7f00000002c0)=ANY=[@ANYBLOB="757466383d000000000000000000c49190277095cd6b810f50ff3f40e803787cc14be8ab54c4c53186d77b465e627296ac3faf9cfaf70719b9bffbc384e181de30c9fec1fec5f25cda8b20f835dd592f98ed6d176563e1df5138a7661b7905977915f916d25e4c9ecf35a889adf3e1cd26018f9904821ed23af6d299c92ba2123d8f250c6c8a08b4f0dfa8c17506793c013b99e4982da3981643b0a88d3b4444c91a082bd9979c9be044cd3fd035bf62d19ed3753a43c13e74892ad359a3c99c45622adbc7ca2a566226e5f5d60c91a0f9f7", @ANYRESHEX=0xee01, @ANYBLOB=',errors=continue,zero_size_dir,umask=00000000000000000000002,errors=remount-ro,dmask=00000000000000000000003,iocharset=iso8859-15,gid=', @ANYRESHEX=0xee00, @ANYBLOB=',\x00'], 0x1, 0x152b, &(0x7f0000001240)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r1, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x9, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0x0, 0x0, 0x0)

17.483797381s ago: executing program 0 (id=3091):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c40a, &(0x7f00000003c0)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c757466383d302c696f636861727365743d63703836362c726f6469722c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c636f6465706167653d3835322c756e695f786c6174653d312c726f6469722c756e695f786c6174653d302c726f6469722c696f636861727365743d6b6f69382d722c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c636865636b3d7374726963742c007dda7c45d5aad78cccfdc2ffc29d6a3b6e1b129f9d0266d865d85fd2bfa2ccc210c0dcd127a25f0d6c6d96a9a07afc56b8e1aba9cc2ada1d083e28a51159b7c76a012ba863bd2b72ca09635af17887064bb040ed8e5244d0f8d2cf2a0964bc96503d78291d"], 0x6, 0x2d5, &(0x7f0000000680)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x3ea, 0xffffffff, 0x40})
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x2000000)
mount(0x0, &(0x7f0000000140)='.\x00', 0x0, 0xc01a2, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, 0x0)

16.201871657s ago: executing program 0 (id=3094):
socket(0x10, 0x803, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = creat(&(0x7f0000000140)='./file0\x00', 0x18a)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r2, @ANYRES64=r0], 0x0)

14.783036088s ago: executing program 7 (id=3100):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x2b, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0)

14.544544434s ago: executing program 0 (id=3102):
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000140)=0x4000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x31c000, 0x1000, 0x101, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000340)=0x10, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r2, 0x0, r3}, 0x60)

11.440388168s ago: executing program 0 (id=3108):
socket$inet_tcp(0x2, 0x1, 0x0)
fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x1, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x19, 0x4, 0x4, 0x5}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000380), &(0x7f0000000580)=r3}, 0x20)
syz_emit_ethernet(0x2e, &(0x7f0000000380)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x40, 0x100, @void}}}}}}}, 0x0)

10.831063206s ago: executing program 2 (id=3109):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, 'X.'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c0001800600010000"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000854}, 0x40)

10.217684624s ago: executing program 7 (id=3110):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c40a, &(0x7f00000003c0)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c757466383d302c696f636861727365743d63703836362c726f6469722c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c636f6465706167653d3835322c756e695f786c6174653d312c726f6469722c756e695f786c6174653d302c726f6469722c696f636861727365743d6b6f69382d722c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c636865636b3d7374726963742c007dda7c45d5aad78cccfdc2ffc29d6a3b6e1b129f9d0266d865d85fd2bfa2ccc210c0dcd127a25f0d6c6d96a9a07afc56b8e1aba9cc2ada1d083e28a51159b7c76a012ba863bd2b72ca09635af17887064bb040ed8e5244d0f8d2cf2a0964bc96503d78291d"], 0x6, 0x2d5, &(0x7f0000000680)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x3ea, 0xffffffff, 0x40})
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x2000000)
mount(0x0, &(0x7f0000000140)='.\x00', 0x0, 0xc01a2, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, 0x0)

8.744677356s ago: executing program 4 (id=3112):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x0, 0x0, 0x0)

7.662521458s ago: executing program 4 (id=3113):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x16, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560702000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c0000000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x25, '\x00', 0x0, @fallback=0x1e}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, 0x3b)

7.570227521s ago: executing program 8 (id=3114):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x24, 0x0, &(0x7f0000000000)=0x5a96966c)

6.609154866s ago: executing program 0 (id=3115):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
setresuid(0x0, 0x0, 0xffffffffffffffff)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = timerfd_create(0x7, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
readv(r2, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/52, 0x34}], 0x1)

6.608508006s ago: executing program 2 (id=3116):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x3, 0x300, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x0, 0x130, 0x190, 0xffffffc5, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "bdc74c01369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa6ecab6b1d2cc05e3182f64694d7d05fb8b8c8f56627a54f905d564eeeb8334f650ca0f3c44f7fda4d20a55050342ea85ecc8838e7088de33582f36a0a375bb7008adc297a5ece1bb2df53d17bef26bb6f800", 0x7f, 0x2}}]}, @common=@SET={0x60}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x98, 0xd8, 0x0, {}, [@common=@inet=@set1={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x360)

6.557616687s ago: executing program 4 (id=3117):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000280))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x802, 0x0)
r4 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000440)={0xc, 0x0, &(0x7f0000000600)=[@free_buffer={0x40086303, r4}], 0x0, 0x0, 0x0})

6.344433717s ago: executing program 4 (id=3118):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
socket$nl_generic(0x10, 0x3, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x43, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x1, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x6, 0x80, 0x2, 0x7, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x4, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0xa, 0x5, 0x6, 0x0, 0x7, 0x3c5b, 0x1, 0x20, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x6, 0x7, 0x5, 0x8, 0x4c72, 0x10000, 0x7, 0x6, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0xffffffff, 0x7, 0x5, 0x3e, 0x18e, 0x6, 0x6, 0x0, 0x8, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x49, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2c3, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x66abcbd2, 0xea4, 0x5, 0x4, 0x1007, 0x7fff, 0x6, 0x400, 0x401, 0x7, 0x1, 0xff, 0x7, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x301, 0x4, 0xb, 0x4, 0x9, 0x8, 0x40, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x7, 0x4, 0x200009, 0x3, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x0, 0x42, 0x3], [0x7, 0x408, 0x3ff, 0x5, 0xfffffffa, 0x100, 0x4, 0x9, 0x8, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x9, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x838, 0x200, 0x1fd, 0x80, 0x3, 0x4, 0x2950bfb2, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x6, 0xac8, 0x9, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120004, 0x7ff, 0x80000001, 0x80a2ed, 0x4, 0x5], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xfffc, 0xa620, 0x1, 0x5, 0x9, 0x2000002, 0x150, 0x60a7, 0x2, 0x16, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7f, 0x9, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0xfffffffe, 0x62, 0x30b1d693, 0xa1f, 0x0, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x7ff, 0xd7, 0x200, 0xb, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

5.530762529s ago: executing program 8 (id=3119):
ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}}, 0x0)

4.570507094s ago: executing program 2 (id=3120):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000002700), r3)
sendmsg$GTP_CMD_GETPDP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)={0x14, r4, 0x301, 0x70bd25, 0x25dfdbfe, {0x2, 0x0, 0xa6ff}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008040)

4.570129414s ago: executing program 4 (id=3121):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfc409000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000001000500050007000000000008000900030000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)

4.55046196s ago: executing program 8 (id=3122):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setreuid(0xffffffffffffffff, 0xee00)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f0000000500)={0x0, "f1a1173fb9462d3509e67197f90be6e423ceb0ab4912f9f6a31854ec7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

3.212226726s ago: executing program 4 (id=3123):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
process_vm_readv(r3, &(0x7f0000000140)=[{&(0x7f0000000340)=""/214, 0xd6}], 0x1, &(0x7f0000000080)=[{&(0x7f0000000a80)=""/109, 0x6d}], 0x1, 0x0)

3.200981924s ago: executing program 2 (id=3133):
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe3a}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000f5e20085000000820000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1, 0xf, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005080000000000008200000018010000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000048000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3.189394302s ago: executing program 8 (id=3124):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x0, 0x0, 0x0)

2.57658241s ago: executing program 2 (id=3125):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="20000000170a010100"], 0x20}}, 0x4040)

2.089145941s ago: executing program 8 (id=3126):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

770.57347ms ago: executing program 2 (id=3127):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
pipe(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001aa40)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000280)=@ethtool_ringparam={0x33, 0x83, 0x20000a2f, 0x401000, 0xe, 0x3, 0x2000000, 0x1, 0x3000000}})

556.866101ms ago: executing program 8 (id=3128):
setuid(0xee01)
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x1, 0xf, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f00000002c0))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_GETQUOTA(r0, 0xffffffff80000702, 0x0, &(0x7f0000000040))

0s ago: executing program 7 (id=3129):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
init_module(&(0x7f0000001a80)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x81, 0x7, 0x4, 0xffffffff, 0x3, 0x6, 0xe, 0x38c, 0x40, 0x1d3, 0x3, 0x0, 0x38, 0x1, 0xfff8, 0x8, 0x5}, [{0x6474e551, 0x8, 0x0, 0xb, 0x8, 0xffffffffffff0000, 0x9, 0x800000000000}]}, 0x78, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
process_vm_readv(r3, &(0x7f0000000140)=[{&(0x7f0000000340)=""/214, 0xd6}], 0x1, &(0x7f0000000080)=[{&(0x7f0000000a80)=""/109, 0x6d}], 0x1, 0x0)

kernel console output (not intermixed with test programs):

et [1, 0] type 2 family 0 port 6081 - 0
[  175.492577][ T4330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.530045][ T4330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.644568][ T1118] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  175.667188][ T4330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.697160][ T4330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.716306][ T4621] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  177.416346][ T6231] loop5: detected capacity change from 0 to 32768
[  177.469002][ T6231] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.535 (6231)
[  177.539769][ T6231] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.589529][ T6231] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  177.598961][ T6231] BTRFS info (device loop5): setting nodatasum
[  177.619478][ T6231] BTRFS info (device loop5): force zlib compression, level 3
[  177.627034][ T6231] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_LZO (0x8)
[  177.678728][ T6231] BTRFS info (device loop5): use lzo compression, level 0
[  177.739616][ T6231] BTRFS info (device loop5): turning on flush-on-commit
[  177.746732][ T6231] BTRFS info (device loop5): enabling auto defrag
[  177.766748][ T6263] loop0: detected capacity change from 0 to 8
[  177.819532][ T6231] BTRFS info (device loop5): max_inline at 4096
[  177.825880][ T6231] BTRFS info (device loop5): using free space tree
[  177.880231][ T6263] SQUASHFS error: lzo decompression failed, data probably corrupt
[  177.927206][ T6263] SQUASHFS error: Failed to read block 0x91: -5
[  177.939594][ T6263] SQUASHFS error: Unable to read metadata cache entry [8f]
[  177.946954][ T6263] SQUASHFS error: Unable to read inode 0x11f
[  178.273899][ T6231] BTRFS info (device loop5): enabling ssd optimizations
[  179.467981][ T6313] netlink: 16 bytes leftover after parsing attributes in process `syz.0.553'.
[  179.487921][ T5232] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.967542][ T6344] netlink: 'syz.0.561': attribute type 27 has an invalid length.
[  181.017659][ T6344] netlink: 'syz.0.561': attribute type 1 has an invalid length.
[  181.109700][ T6349] netlink: 44 bytes leftover after parsing attributes in process `syz.4.563'.
[  182.064444][ T6363] netlink: 'syz.5.567': attribute type 1 has an invalid length.
[  182.126984][ T6363] 8021q: adding VLAN 0 to HW filter on device bond1
[  182.357980][ T6366] bond1: (slave dummy0): making interface the new active one
[  182.391099][ T6366] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  182.469672][ T6368] netlink: 20 bytes leftover after parsing attributes in process `syz.5.567'.
[  182.611080][ T6368] A link change request failed with some changes committed already. Interface bond1 may have been left with an inconsistent configuration, please check.
[  182.769499][ T1118] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  184.062966][ T3598] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  184.272768][ T3598] usb 1-1: Using ep0 maxpacket: 32
[  184.282279][ T3598] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[  184.335196][ T3598] usb 1-1: config 0 has no interface number 0
[  184.362373][ T3598] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  184.406926][ T3598] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  184.464184][ T3598] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.485584][ T3598] usb 1-1: Product: syz
[  184.496888][ T3598] usb 1-1: Manufacturer: syz
[  184.512741][ T3598] usb 1-1: SerialNumber: syz
[  184.545950][ T3598] usb 1-1: config 0 descriptor??
[  184.568604][ T6415] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  184.815049][ T6415] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  185.097591][ T6428] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  185.131697][ T6428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  185.182389][ T6428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  185.227303][ T6428] device bridge_slave_0 left promiscuous mode
[  185.270157][ T6428] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.330687][ T6428] device bridge_slave_1 left promiscuous mode
[  185.350065][ T6428] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.407772][ T6428] bond0: (slave bond_slave_0): Releasing backup interface
[  185.462626][ T6428] bond0: (slave bond_slave_1): Releasing backup interface
[  185.705516][ T6428] team0: Port device team_slave_0 removed
[  185.768383][ T6428] team0: Port device team_slave_1 removed
[  185.796994][ T6428] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.824728][ T6428] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.851449][ T6428] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.871648][ T6428] batman_adv: batadv0: Removing interface: batadv_slave_1
[  185.986751][ T6430] team0: Mode changed to "loadbalance"
[  186.057896][ T6440] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.087948][ T6440] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.284807][ T6456] loop2: detected capacity change from 0 to 7
[  186.293282][ T5582] Dev loop2: unable to read RDB block 7
[  186.299092][ T5582]  loop2: AHDI p1 p2 p3
[  186.308507][ T5582] loop2: partition table partially beyond EOD, truncated
[  186.323502][ T5582] loop2: p1 start 1818582900 is beyond EOD, truncated
[  186.333771][ T5582] loop2: p3 start 335544320 is beyond EOD, truncated
[  186.347754][ T6456] Dev loop2: unable to read RDB block 7
[  186.357318][ T6456]  loop2: AHDI p1 p2 p3
[  186.370763][ T6456] loop2: partition table partially beyond EOD, truncated
[  186.386403][ T6456] loop2: p1 start 1818582900 is beyond EOD, truncated
[  186.416055][ T6456] loop2: p3 start 335544320 is beyond EOD, truncated
[  186.464430][ T3598] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  186.489270][ T3598] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  186.529323][ T3598] asix: probe of 1-1:0.188 failed with error -71
[  186.569304][ T3598] usb 1-1: USB disconnect, device number 8
[  187.475859][ T6479] cgroup: fork rejected by pids controller in /syz4
[  187.718990][ T4918] kernel write not supported for file /40/attr/exec (pid: 4918 comm: kworker/1:15)
[  188.224637][ T6592] loop5: detected capacity change from 0 to 1024
[  188.350773][ T6600] capability: warning: `syz.2.610' uses 32-bit capabilities (legacy support in use)
[  188.361647][ T6592] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  188.495237][ T6605] loop6: detected capacity change from 0 to 4096
[  188.553956][ T6605] ntfs3: loop6: Different NTFS' sector size (2048) and media sector size (512)
[  188.596022][ T6592] syz.5.608: attempt to access beyond end of device
[  188.596022][ T6592] loop5: rw=2051, sector=232, nr_sectors = 794 limit=1024
[  188.732270][ T6612] netlink: 'syz.2.612': attribute type 1 has an invalid length.
[  188.770201][ T6612] 8021q: adding VLAN 0 to HW filter on device bond2
[  188.918351][ T6612] bond2: (slave syz_tun): making interface the new active one
[  188.939085][ T5232] EXT4-fs (loop5): unmounting filesystem.
[  188.971782][ T6612] bond2: (slave syz_tun): Enslaving as an active interface with an up link
[  189.026192][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  189.108896][ T6612] netlink: 108 bytes leftover after parsing attributes in process `syz.2.612'.
[  189.145302][ T6619] loop5: detected capacity change from 0 to 512
[  189.171405][ T6612] device bond2 entered promiscuous mode
[  189.177041][ T6612] device syz_tun entered promiscuous mode
[  189.201748][ T6619] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  189.361493][ T6619] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  189.372726][ T6619] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  189.706407][ T5232] EXT4-fs (loop5): unmounting filesystem.
[  190.017616][ T6649] netlink: 4 bytes leftover after parsing attributes in process `syz.5.623'.
[  190.038044][ T6649] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  190.047281][ T6649] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  190.056383][ T6649] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  190.065171][ T6649] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  190.076864][ T6649] netlink: 4 bytes leftover after parsing attributes in process `syz.5.623'.
[  190.578839][ T6662] ptrace attach of "./syz-executor exec"[5232] was attempted by ""[6662]
[  191.302861][   T26] audit: type=1326 audit(1773163548.235:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  191.364293][   T26] audit: type=1326 audit(1773163548.235:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  191.476117][   T26] audit: type=1326 audit(1773163548.235:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  191.538666][   T26] audit: type=1326 audit(1773163548.235:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  191.573860][   T26] audit: type=1326 audit(1773163548.235:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  191.607602][ T6674] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  191.643287][   T26] audit: type=1326 audit(1773163548.235:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  191.877248][ T6674] device syzkaller0 entered promiscuous mode
[  191.884108][   T26] audit: type=1326 audit(1773163548.235:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  191.923927][ T6674] tipc: Resetting bearer <eth:syzkaller0>
[  191.947454][   T26] audit: type=1326 audit(1773163548.235:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  192.016511][   T26] audit: type=1326 audit(1773163548.235:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  192.072206][   T26] audit: type=1326 audit(1773163548.235:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  192.118017][ T6669] tipc: Resetting bearer <eth:syzkaller0>
[  194.283142][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.293116][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  196.362704][ T4274] Bluetooth: hci0: command 0x0406 tx timeout
[  196.368001][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[  196.757259][ T6669] tipc: Disabling bearer <eth:syzkaller0>
[  196.768658][ T6714] netlink: 'syz.6.644': attribute type 12 has an invalid length.
[  196.797521][ T6728] netlink: 12 bytes leftover after parsing attributes in process `syz.2.649'.
[  197.337769][ T6750] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  197.396947][ T4505] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  197.589668][ T4505] usb 6-1: Using ep0 maxpacket: 32
[  197.598112][ T4505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.631421][ T4505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.654663][ T4505] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  197.671749][ T4505] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.705426][ T4505] usb 6-1: config 0 descriptor??
[  197.740756][ T4505] hub 6-1:0.0: USB hub found
[  197.906627][ T6767] loop0: detected capacity change from 0 to 1024
[  197.924816][ T4505] hub 6-1:0.0: 1 port detected
[  197.986349][ T6767] EXT4-fs: inline encryption not supported
[  198.105318][ T6767] EXT4-fs: Ignoring removed bh option
[  198.164706][ T6767] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  198.257347][ T6767] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  198.489526][ T6786] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm ext4lazyinit: Invalid block bitmap block 4319936378139826030 in block_group 0
[  198.520112][ T6767] EXT4-fs error (device loop0): ext4_get_group_desc:277: comm syz.0.660: block_group >= groups_count - block_group = 59976627, groups_count = 1
[  198.583788][ T4505] hub 6-1:0.0: activate --> -90
[  198.639656][ T6767] EXT4-fs error (device loop0): __ext4_get_inode_loc_noinmem:4636: inode #1919252079: comm syz.0.660: unable to read itable block
[  198.877345][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  199.599698][ T4505] hub 6-1:0.0: hub_ext_port_status failed (err = -71)
[  199.612134][ T4500] usb 6-1: USB disconnect, device number 2
[  199.625429][ T4505] usb 6-1-port1: config error
[  199.655178][ T6834] device bridge_slave_0 left promiscuous mode
[  199.675935][ T6834] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.690992][ T6834] device bridge_slave_1 left promiscuous mode
[  199.697440][ T6834] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.713079][ T6834] bond0: (slave bond_slave_0): Releasing backup interface
[  199.723238][ T6834] bond0: (slave bond_slave_1): Releasing backup interface
[  199.750893][ T6834] team0: Port device team_slave_0 removed
[  199.766047][ T6834] team0: Port device team_slave_1 removed
[  199.849193][ T6835] team0: Mode changed to "loadbalance"
[  199.942396][ T6838] kvm: pic: level sensitive irq not supported
[  199.943170][ T6838] kvm: pic: single mode not supported
[  199.949970][ T6838] kvm: pic: level sensitive irq not supported
[  199.960249][ T6838] kvm: pic: single mode not supported
[  199.966419][ T6838] kvm: pic: level sensitive irq not supported
[  199.985080][ T6838] kvm: pic: single mode not supported
[  199.991705][ T6838] kvm: pic: level sensitive irq not supported
[  200.003221][ T6838] kvm: pic: level sensitive irq not supported
[  200.012881][ T6838] kvm: pic: single mode not supported
[  200.019037][ T6838] kvm: pic: level sensitive irq not supported
[  200.031829][ T6838] kvm: pic: single mode not supported
[  200.052532][ T6838] kvm: pic: single mode not supported
[  200.058005][ T6838] kvm: pic: level sensitive irq not supported
[  200.073529][ T6838] kvm: pic: single mode not supported
[  200.233156][ T6853] netlink: 8 bytes leftover after parsing attributes in process `syz.5.678'.
[  201.159848][ T4274] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  201.168714][ T4274] Bluetooth: hci3: Injecting HCI hardware error event
[  201.178220][ T4274] Bluetooth: hci3: hardware error 0x00
[  203.321857][ T4274] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  203.649104][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  203.649122][   T26] audit: type=1800 audit(1773163560.575:30): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.681" name="/" dev="fuse" ino=1 res=0 errno=0
[  204.047365][ T6906] netlink: 24 bytes leftover after parsing attributes in process `syz.6.692'.
[  205.051582][ T6908] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.060808][ T6908] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.782067][ T6908] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.823793][ T6908] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  206.129007][ T6908] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.138128][ T6908] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.147382][ T6908] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.156615][ T6908] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.262550][ T6908] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  206.271545][ T6908] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  206.280904][ T6908] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  206.289878][ T6908] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  206.315255][ T6924] device vlan3 entered promiscuous mode
[  206.615799][ T6950] overlayfs: failed to clone lowerpath
[  206.695483][ T6958] loop5: detected capacity change from 0 to 7
[  206.753655][ T6958]  loop5:
[  206.775959][ T6958] loop5: partition table partially beyond EOD, truncated
[  208.784860][ T7029] netlink: 2048 bytes leftover after parsing attributes in process `syz.4.735'.
[  208.810178][ T7030] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in;
[  208.810178][ T7030]    program syz.5.733 not setting count and/or reply_len properly
[  208.841002][ T7029] netlink: 4 bytes leftover after parsing attributes in process `syz.4.735'.
[  209.376361][ T7044] overlayfs: failed to clone upperpath
[  209.559855][   T14] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  209.680952][ T7047] netlink: 'syz.2.740': attribute type 1 has an invalid length.
[  209.689559][ T4281] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  209.712234][ T4281] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  209.722467][   T48] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  209.741232][ T4281] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  209.749783][ T4281] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  209.758561][ T4281] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  209.769666][   T14] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  209.797544][   T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.862573][   T14] usb 1-1: config 0 descriptor??
[  209.901218][   T14] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  209.946970][ T7051] 8021q: adding VLAN 0 to HW filter on device bond4
[  209.997465][ T7051] bond3: (slave bond4): making interface the new active one
[  210.055672][ T7051] bond3: (slave bond4): Enslaving as an active interface with an up link
[  210.133749][ T7054] netlink: 28 bytes leftover after parsing attributes in process `syz.2.740'.
[  210.155370][ T7054] 8021q: adding VLAN 0 to HW filter on device bond3
[  210.560574][ T7067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.743'.
[  210.744777][ T7067] 8021q: adding VLAN 0 to HW filter on device bond5
[  210.860181][ T7073] device macvlan2 entered promiscuous mode
[  210.885387][ T7073] device bond5 entered promiscuous mode
[  210.905187][ T7073] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  210.929657][ T7073] device bond5 left promiscuous mode
[  210.987211][ T7048] chnl_net:caif_netlink_parms(): no params data found
[  211.119753][   T14] usb 1-1: USB disconnect, device number 9
[  211.197195][ T7048] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.205308][ T7048] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.229002][ T7048] device bridge_slave_0 entered promiscuous mode
[  211.285832][ T7048] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.299569][ T7048] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.318306][ T7048] device bridge_slave_1 entered promiscuous mode
[  211.357536][ T7095] netlink: 'syz.2.749': attribute type 10 has an invalid length.
[  211.376494][ T7095] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.384122][ T7095] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.455911][ T7095] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.463200][ T7095] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.472537][ T7095] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.480100][ T7095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.499833][ T7095] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  211.517120][ T7048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.566278][ T7048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.635852][ T7048] team0: Port device team_slave_0 added
[  211.672951][ T7048] team0: Port device team_slave_1 added
[  211.769680][ T7048] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.777079][ T7048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.819662][ T4281] Bluetooth: hci2: command 0x0409 tx timeout
[  211.894940][ T7048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.908807][ T7048] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.916143][ T7048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.943655][ T7048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.052944][ T7048] device hsr_slave_0 entered promiscuous mode
[  212.125576][ T7048] device hsr_slave_1 entered promiscuous mode
[  212.135487][ T7048] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.159471][ T7048] Cannot create hsr debugfs directory
[  212.771980][ T7048] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  212.829612][ T7048] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  212.850619][ T7048] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  212.891790][ T7048] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  212.952900][ T7106] loop0: detected capacity change from 0 to 32768
[  213.073187][ T7106] XFS (loop0): Mounting V5 Filesystem
[  213.235866][ T7048] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.241162][ T7106] XFS (loop0): Ending clean mount
[  213.250969][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  213.285712][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  213.341160][ T7048] 8021q: adding VLAN 0 to HW filter on device team0
[  213.366832][   T26] audit: type=1800 audit(1773163570.295:31): pid=7106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.753" name="file1" dev="loop0" ino=9286 res=0 errno=0
[  213.430918][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  213.448137][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  213.488131][ T4559] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.495447][ T4559] bridge0: port 1(bridge_slave_0) entered forwarding state
[  213.533566][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  213.579833][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  213.599056][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  213.635314][ T4556] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.642554][ T4556] bridge0: port 2(bridge_slave_1) entered forwarding state
[  213.675596][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  213.695271][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  213.728727][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  213.738568][ T7157] overlayfs: failed to clone upperpath
[  213.748846][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  213.768215][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  213.769055][ T7157] overlayfs: failed to clone upperpath
[  213.791913][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  213.828977][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  213.858226][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  213.879568][ T4281] Bluetooth: hci2: command 0x041b tx timeout
[  213.887789][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  213.952347][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  214.000078][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  214.032437][ T7048] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  214.056668][ T4268] XFS (loop0): Unmounting Filesystem
[  214.433776][ T7182] overlayfs: failed to clone upperpath
[  214.609179][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  214.618268][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  214.647326][ T7048] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.553826][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  215.570806][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  215.650570][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  215.659883][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  215.695061][ T7048] device veth0_vlan entered promiscuous mode
[  215.710713][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  215.730167][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  215.766206][ T7048] device veth1_vlan entered promiscuous mode
[  215.872637][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  215.901493][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  215.922023][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  215.946030][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  215.961589][ T4281] Bluetooth: hci2: command 0x040f tx timeout
[  216.071948][ T7048] device veth0_macvtap entered promiscuous mode
[  216.101038][ T7048] device veth1_macvtap entered promiscuous mode
[  216.161251][ T7048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.219663][ T7048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.246183][ T7048] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.300479][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  216.310519][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  216.340475][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  216.370865][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  216.404684][ T7048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.427277][ T7048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.461527][ T7048] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.486797][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  216.512989][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  216.563806][ T7048] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.609499][ T7048] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.618769][ T7048] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.688049][ T7048] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.947509][ T4330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.967260][ T4330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.029149][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  217.141827][ T4559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.172016][ T4559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.196045][ T7254] netlink: 'syz.2.788': attribute type 12 has an invalid length.
[  217.244176][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  217.779626][ T4505] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  217.980560][ T4505] usb 8-1: Using ep0 maxpacket: 16
[  217.997534][ T4505] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  218.040173][ T4281] Bluetooth: hci2: command 0x0419 tx timeout
[  218.046906][ T4505] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  218.077491][ T4505] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  218.110728][ T4505] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  218.132602][ T4505] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.156357][ T4505] usb 8-1: config 0 descriptor??
[  218.517729][ T7295] 9pnet: p9_errstr2errno: server reported unknown error �@c0x0000000000000006
[  218.576621][ T4505] input: HID 05ac:8241 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:05AC:8241.0002/input/input8
[  218.743764][ T4505] appleir 0003:05AC:8241.0002: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.7-1/input0
[  218.877268][ T7310] loop0: detected capacity change from 0 to 64
[  218.920128][ T4505] usb 8-1: USB disconnect, device number 2
[  219.219834][ T7312] fido_id[7312]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  219.646236][ T7333] loop7: detected capacity change from 0 to 128
[  219.735580][ T7333] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  219.762168][ T7333] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  220.038429][ T7048] EXT4-fs (loop7): unmounting filesystem.
[  221.765055][ T7392] tipc: Started in network mode
[  221.815131][ T7392] tipc: Node identity ac14140f, cluster identity 4711
[  221.851742][ T7392] tipc: Enabled bearer <udp:syz2>, priority 10
[  222.322967][ T7412] overlayfs: failed to clone upperpath
[  222.963993][ T7432] tipc: Failed to remove unknown binding: 66,1,1/650140596:1707541234/1707541236
[  222.973987][ T7432] tipc: Failed to remove unknown binding: 66,1,1/650140596:1707541234/1707541236
[  222.986594][  T125] tipc: Node number set to 2886997007
[  223.190024][ T7438] netlink: 28 bytes leftover after parsing attributes in process `syz.4.842'.
[  223.756335][ T7453] loop0: detected capacity change from 0 to 128
[  223.799993][  T125] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  223.834204][ T7453] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  223.857738][ T7453] ext4 filesystem being mounted at /155/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  223.922912][ T7453] fscrypt (loop0, inode 12): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS
[  224.028272][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  224.044099][  T125] usb 6-1: Using ep0 maxpacket: 32
[  224.053581][  T125] usb 6-1: config 0 has an invalid interface number: 188 but max is 0
[  224.104123][ T7461] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  224.105286][  T125] usb 6-1: config 0 has no interface number 0
[  224.113442][ T7461] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  224.128887][ T7461] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  224.138158][ T7461] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  224.142967][  T125] usb 6-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  224.203907][  T125] usb 6-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  224.229785][  T125] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.246256][  T125] usb 6-1: Product: syz
[  224.257756][  T125] usb 6-1: Manufacturer: syz
[  224.266094][  T125] usb 6-1: SerialNumber: syz
[  224.297447][  T125] usb 6-1: config 0 descriptor??
[  224.313220][ T7447] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  224.536504][ T7447] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  224.846703][ T7481] loop7: detected capacity change from 0 to 256
[  224.897033][ T7481] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  225.367037][  T125] asix 6-1:0.188 (unnamed net_device) (uninitialized): invalid PHY address: 105
[  226.019925][ T7521] syz.7.871 sent an empty control message without MSG_MORE.
[  226.678413][   T14] usb 6-1: USB disconnect, device number 3
[  227.574959][ T7579] overlayfs: failed to clone lowerpath
[  227.604661][ T7579] overlayfs: failed to clone upperpath
[  228.611820][ T7600] loop7: detected capacity change from 0 to 32768
[  228.698768][ T7600] XFS (loop7): Mounting V5 Filesystem
[  228.768648][ T7626] overlayfs: failed to clone upperpath
[  228.818463][ T7600] XFS (loop7): Ending clean mount
[  229.594319][ T7048] XFS (loop7): Unmounting Filesystem
[  231.811607][ T7711] 9pnet_fd: Insufficient options for proto=fd
[  231.894161][ T7710] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  231.924985][ T7714] loop5: detected capacity change from 0 to 512
[  231.966394][ T7714] EXT4-fs: Ignoring removed i_version option
[  232.002025][ T7714] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  232.062562][ T7714] EXT4-fs (loop5): orphan cleanup on readonly fs
[  232.098057][ T7714] Quota error (device loop5): v2_read_file_info: Free block number 1 out of range (1, 6).
[  232.121959][ T7714] EXT4-fs warning (device loop5): ext4_enable_quotas:7087: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  232.150281][ T7714] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  232.229220][ T7714] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 49 vs 41 free clusters
[  232.279849][ T7714] EXT4-fs (loop5): Remounting filesystem read-only
[  232.294763][ T7714] EXT4-fs (loop5): 1 truncate cleaned up
[  232.301803][ T7714] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  232.468811][ T7714] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.925: iget: bad i_size value: 360287970189639690
[  232.621556][ T7736] netlink: 896 bytes leftover after parsing attributes in process `syz.2.935'.
[  232.638356][ T5232] EXT4-fs (loop5): unmounting filesystem.
[  232.805274][  T125] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  233.009478][  T125] usb 8-1: Using ep0 maxpacket: 16
[  233.023268][  T125] usb 8-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  233.067672][  T125] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.090021][  T125] usb 8-1: Product: syz
[  233.099682][  T125] usb 8-1: Manufacturer: syz
[  233.109777][  T125] usb 8-1: SerialNumber: syz
[  233.123007][ T7748] netlink: 16 bytes leftover after parsing attributes in process `syz.5.940'.
[  233.141403][  T125] usb 8-1: config 0 descriptor??
[  233.156495][  T125] asix: probe of 8-1:0.0 failed with error -22
[  233.377733][ T7731] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.392456][ T7731] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  233.409152][  T125] usb 8-1: USB disconnect, device number 3
[  234.052597][ T7778] bond2: (slave syz_tun): Releasing active interface
[  234.060871][  T125] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  234.074119][ T7778] device syz_tun left promiscuous mode
[  234.125222][ T7778] bond0: (slave bridge0): Releasing backup interface
[  234.150546][ T7778] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.158095][ T7778] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.197922][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  234.233464][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  234.266915][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  234.275906][  T125] usb 8-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  234.300217][  T125] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.311878][ T7778] device bridge_slave_0 left promiscuous mode
[  234.333087][ T7778] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.356371][ T7778] device bridge_slave_1 left promiscuous mode
[  234.359831][  T125] usb 8-1: config 0 descriptor??
[  234.387145][  T125] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  234.419665][ T7778] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.460382][ T7778] bond0: (slave bond_slave_0): Releasing backup interface
[  234.508416][ T7778] bond0: (slave bond_slave_1): Releasing backup interface
[  234.588701][  T125] gp8psk: usb in 128 operation failed.
[  234.604733][ T7778] team0: Port device team_slave_1 removed
[  234.612891][  T125] gp8psk: usb in 137 operation failed.
[  234.618010][ T7778] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.623064][  T125] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  234.626537][ T7778] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.642301][  T125] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  234.656198][  T125] usb 8-1: media controller created
[  234.660421][ T7778] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.669856][ T7778] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.689294][  T125] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  234.719311][ T7778] bond1: (slave vlan2): Releasing active interface
[  234.754658][  T125] gp8psk_fe: Frontend attached
[  234.772187][  T125] usb 8-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  234.788891][  T125] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  234.874899][ T7778] bond3: (slave bond4): Releasing backup interface
[  234.961461][  T125] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  234.977176][  T125] gp8psk: found Genpix USB device pID = 203 (hex)
[  235.038620][ T7789] ip: renamed from gretap0
[  235.307323][   T22] usb 8-1: USB disconnect, device number 4
[  235.472176][   T22] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  236.070067][  T125] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  236.271724][  T125] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.292534][  T125] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  236.324122][  T125] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  236.351906][  T125] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.376222][  T125] usb 1-1: Product: syz
[  236.387486][  T125] usb 1-1: Manufacturer: syz
[  236.403406][  T125] usb 1-1: SerialNumber: syz
[  236.436042][  T125] cdc_mbim 1-1:1.0: skipping garbage
[  236.634402][ T7823] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  237.270117][ T7823] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  237.277817][  T125] cdc_mbim 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  237.299800][  T125] cdc_mbim 1-1:1.0: setting rx_max = 2048
[  237.507349][  T125] cdc_mbim 1-1:1.0: setting tx_max = 184
[  237.531369][  T125] cdc_mbim 1-1:1.0: cdc-wdm0: USB WDM device
[  237.623121][  T125] cdc_mbim 1-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 86:0c:88:49:c0:00
[  237.740969][    C1] cdc_mbim 1-1:1.0: nonzero urb status received: -71
[  237.747974][    C1] cdc_mbim 1-1:1.0: wdm_int_callback - 0 bytes
[  237.755118][    C1] cdc_mbim 1-1:1.0: nonzero urb status received: -71
[  237.761856][    C1] cdc_mbim 1-1:1.0: wdm_int_callback - 0 bytes
[  237.806235][   T22] usb 1-1: USB disconnect, device number 10
[  237.820250][   T22] cdc_mbim 1-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM
[  239.740509][ T7943] loop7: detected capacity change from 0 to 2048
[  239.939161][ T7947] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  240.392243][ T7943] syz.7.995 (7943) used greatest stack depth: 19312 bytes left
[  240.462565][ T7966] loop0: detected capacity change from 0 to 256
[  242.919055][ T8006] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1010'.
[  243.752703][ T8041] loop7: detected capacity change from 0 to 4096
[  244.012278][ T8048] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  244.051510][ T8047] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1022'.
[  244.136550][   T26] audit: type=1800 audit(1773163601.065:32): pid=8041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1020" name="file1" dev="loop7" ino=15 res=0 errno=0
[  245.048136][   T26] audit: type=1800 audit(1773163601.975:33): pid=8041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1020" name="file1" dev="loop7" ino=15 res=0 errno=0
[  245.614746][ T8085] device macvlan2 entered promiscuous mode
[  245.622792][ T8085] device bond6 entered promiscuous mode
[  245.628918][ T8085] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  245.636449][  T125] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  245.671954][ T8085] device bond6 left promiscuous mode
[  245.825668][  T125] usb 8-1: Using ep0 maxpacket: 32
[  245.841579][  T125] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  245.853777][  T125] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  245.865346][  T125] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  245.876846][  T125] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  245.891792][  T125] usb 8-1: config 0 interface 0 has no altsetting 0
[  245.901995][  T125] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  245.911252][  T125] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  245.920778][  T125] usb 8-1: Product: syz
[  245.924987][  T125] usb 8-1: Manufacturer: syz
[  245.930067][  T125] usb 8-1: SerialNumber: syz
[  245.956475][  T125] usb 8-1: config 0 descriptor??
[  245.973538][  T125] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  246.021651][  T125] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  246.449711][ T8099] device batadv_slave_0 entered promiscuous mode
[  248.434142][ T4500] usb 8-1: USB disconnect, device number 5
[  248.507610][ T4500] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  248.913059][ T8128] sctp: [Deprecated]: syz.2.1063 (pid 8128) Use of struct sctp_assoc_value in delayed_ack socket option.
[  248.913059][ T8128] Use struct sctp_sack_info instead
[  249.449493][  T125] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  249.639710][  T125] usb 8-1: Using ep0 maxpacket: 32
[  249.647019][  T125] usb 8-1: config index 0 descriptor too short (expected 3659, got 75)
[  249.674809][  T125] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  249.695526][  T125] usb 8-1: New USB device found, idVendor=08ca, idProduct=2060, bcdDevice=c6.58
[  250.757693][  T125] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.766593][  T125] usb 8-1: Product: syz
[  250.771218][  T125] usb 8-1: Manufacturer: syz
[  250.776772][  T125] usb 8-1: SerialNumber: syz
[  251.164552][  T125] usb 8-1: config 0 descriptor??
[  251.173731][  T125] gspca_main: sunplus-2.14.0 probing 08ca:2060
[  252.963407][ T4274] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  252.975685][ T4274] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  252.985529][ T4274] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  252.998421][  T125] gspca_sunplus: reg_r err -71
[  253.010019][ T4274] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  253.018941][  T125] sunplus: probe of 8-1:0.0 failed with error -71
[  253.027981][ T4274] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  253.037246][ T4274] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  253.110959][  T125] usb 8-1: USB disconnect, device number 6
[  253.385674][ T8184] chnl_net:caif_netlink_parms(): no params data found
[  253.468430][ T8202] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1080'.
[  253.591209][ T8202] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[  253.622720][ T8202] bond7: (slave vxcan3): Error -95 calling set_mac_address
[  253.698953][ T8211] device macvlan2 entered promiscuous mode
[  253.705790][ T8211] bond7: (slave macvlan2): Error -98 calling set_mac_address
[  253.719038][ T8184] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.726459][ T8184] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.735114][ T8184] device bridge_slave_0 entered promiscuous mode
[  253.744372][ T8184] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.752478][ T8184] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.761275][ T8184] device bridge_slave_1 entered promiscuous mode
[  253.811260][ T8184] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.854688][ T8184] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.943121][ T8184] team0: Port device team_slave_0 added
[  254.503376][ T8221] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.511219][ T8221] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.794451][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805955ec00: rx timeout, send abort
[  254.965208][ T8221] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.011047][ T8221] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.079735][ T4281] Bluetooth: hci4: command 0x0409 tx timeout
[  255.291353][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880784e3c00: rx timeout, send abort
[  255.305141][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805955ec00: abort rx timeout. Force session deactivation
[  255.397810][ T8221] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.406903][ T8221] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.416147][ T8221] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.425857][ T8221] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.519766][ T8184] team0: Port device team_slave_1 added
[  255.603177][ T8184] batman_adv: batadv0: Adding interface: batadv_slave_0
[  255.619131][ T8184] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.646061][ T8184] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  255.660348][ T8184] batman_adv: batadv0: Adding interface: batadv_slave_1
[  255.667413][ T8184] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.694514][ T8184] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  255.735271][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.741895][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  255.766505][ T8242] netlink: 'syz.4.1095': attribute type 1 has an invalid length.
[  255.799893][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880784e3c00: abort rx timeout. Force session deactivation
[  255.800512][ T8242] device bond1 entered promiscuous mode
[  255.811432][    C1] vcan0: j1939_tp_rxtimer: 0xffff888079b39400: rx timeout, send abort
[  255.820215][ T8242] 8021q: adding VLAN 0 to HW filter on device bond1
[  255.854059][ T8184] device hsr_slave_0 entered promiscuous mode
[  255.864352][ T8184] device hsr_slave_1 entered promiscuous mode
[  255.871692][ T8184] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  255.879911][ T8184] Cannot create hsr debugfs directory
[  255.928276][ T8244] 8021q: adding VLAN 0 to HW filter on device bond2
[  255.946201][ T8244] device bond2 entered promiscuous mode
[  255.957333][ T8244] bond1: (slave bond2): Enslaving as a backup interface with a down link
[  256.280517][ T8184] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  256.324464][    C1] vcan0: j1939_tp_rxtimer: 0xffff888079b39400: abort rx timeout. Force session deactivation
[  256.348879][ T8184] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  256.403283][ T8184] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  256.444073][ T8184] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  256.701082][ T8184] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.739815][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  256.763368][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  256.789402][ T8184] 8021q: adding VLAN 0 to HW filter on device team0
[  256.841628][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  256.879061][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  256.927387][ T4555] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.934617][ T4555] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.966649][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  257.000665][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  257.019661][ T4555] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.026819][ T4555] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.050051][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  257.074902][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  257.114796][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  257.148068][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  257.159810][ T4274] Bluetooth: hci4: command 0x041b tx timeout
[  257.196874][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  257.247355][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  257.274162][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  257.298894][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  257.317901][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  257.329166][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  257.347634][ T8184] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  257.368216][ T8184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  257.378891][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  257.389004][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  257.927921][ T8284] netlink: 'syz.7.1107': attribute type 6 has an invalid length.
[  257.954589][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  257.964579][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  258.011667][ T8184] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.024940][ T8284] netlink: 'syz.7.1107': attribute type 6 has an invalid length.
[  259.105679][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  259.129783][ T4555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  259.194034][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  259.218935][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  259.239545][ T4274] Bluetooth: hci4: command 0x040f tx timeout
[  259.286171][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  259.307805][   T26] audit: type=1800 audit(1773163616.235:34): pid=8303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1112" name="/" dev="fuse" ino=2 res=0 errno=0
[  259.368401][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  259.412766][ T8184] device veth0_vlan entered promiscuous mode
[  259.486963][ T8184] device veth1_vlan entered promiscuous mode
[  259.606048][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  259.636471][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  259.672608][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  259.725372][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  259.768175][ T8184] device veth0_macvtap entered promiscuous mode
[  259.804670][ T8184] device veth1_macvtap entered promiscuous mode
[  259.890635][ T8184] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.927679][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  259.951408][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  259.993685][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  260.046185][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  260.101006][ T8184] batman_adv: batadv0: Interface activated: batadv_slave_1
[  260.132517][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  260.161814][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  260.209120][ T8184] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.247000][ T8184] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.298709][ T8184] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.368104][ T8184] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.770882][ T4294] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.789676][ T4294] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.876566][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  260.996892][ T4558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  261.039397][ T4558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.087868][   T34] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  261.319468][ T4274] Bluetooth: hci4: command 0x0419 tx timeout
[  265.976098][ T8377] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1131'.
[  266.354219][ T8384] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1132'.
[  266.580982][ T8388] netlink: 'syz.0.1133': attribute type 1 has an invalid length.
[  266.733818][ T8393] device bond2 entered promiscuous mode
[  266.780381][ T8393] 8021q: adding VLAN 0 to HW filter on device bond2
[  268.605774][ T8429] loop8: detected capacity change from 0 to 8
[  268.687343][ T6743] udevd[6743]: incorrect cramfs checksum on /dev/loop8
[  268.695341][ T8429] MTD: Attempt to mount non-MTD device "/dev/loop8"
[  268.918475][ T8435] cramfs: Error -3 while decompressing!
[  268.956948][ T8435] cramfs: ffffffff96d8a178(16)->ffff8880399e4000(4096)
[  268.986541][ T8435] cramfs: Error -3 while decompressing!
[  269.020555][ T8435] cramfs: ffffffff96d8a178(16)->ffff8880399e4000(4096)
[  269.073257][   T26] audit: type=1800 audit(1773163625.995:35): pid=8435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1146" name="file0" dev="loop8" ino=244 res=0 errno=0
[  269.787199][ T8442] loop0: detected capacity change from 0 to 256
[  269.983227][ T8448] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT
[  270.198495][ T8453] netlink: 'syz.7.1156': attribute type 10 has an invalid length.
[  270.243565][ T8453] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  272.351405][ T8504] tipc: Started in network mode
[  272.356694][ T8504] tipc: Node identity 84e, cluster identity 4711
[  272.369443][ T8504] tipc: Node number set to 2126
[  272.569519][   T22] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  272.669178][ T8515] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1172'.
[  272.761773][   T22] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.790696][   T22] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  272.825875][   T22] usb 8-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  272.879479][   T22] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.919048][   T22] usb 8-1: config 0 descriptor??
[  273.193350][ T8523] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1174'.
[  273.372396][   T22] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  273.393095][   T22] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  273.422687][   T22] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  273.438358][   T22] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  273.468576][   T22] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  273.471902][ T8527] netlink: 'syz.4.1176': attribute type 10 has an invalid length.
[  273.497977][   T22] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  273.524526][   T22] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  273.532073][ T8527] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  273.576080][   T22] cp2112 0003:10C4:EA90.0003: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.7-1/input0
[  273.672905][   T22] cp2112 0003:10C4:EA90.0003: Part Number: 0x82 Device Version: 0xFE
[  275.238677][   T22] cp2112 0003:10C4:EA90.0003: error setting SMBus config
[  275.360703][   T22] cp2112: probe of 0003:10C4:EA90.0003 failed with error -71
[  275.424276][   T22] usb 8-1: USB disconnect, device number 7
[  275.732593][ T8546] fido_id[8546]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  276.567333][ T4505] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  276.721079][ T8568] netlink: 'syz.8.1182': attribute type 10 has an invalid length.
[  276.733257][ T8566] tipc: Failed to remove unknown binding: 66,0,0/2886997007:2529146712/2529146713
[  276.763211][ T8568] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.763418][ T4505] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  276.771114][ T8568] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.791323][ T4505] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  276.801333][ T4505] usb 8-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  276.811024][ T4505] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.857706][ T8568] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.858758][ T4505] usb 8-1: config 0 descriptor??
[  276.864919][ T8568] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.877394][ T8568] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.884726][ T8568] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.927318][ T8568] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  277.281591][ T8580] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1195'.
[  277.307629][ T8580] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1195'.
[  277.515696][ T8589] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1199'.
[  278.089309][ T8606] netlink: 'syz.0.1206': attribute type 10 has an invalid length.
[  278.142858][ T8606] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  279.484781][ T4505] usb 8-1: USB disconnect, device number 8
[  279.494855][ T8641] binder: BINDER_SET_CONTEXT_MGR already set
[  279.542100][ T8641] binder: 8640:8641 ioctl 4018620d 200000004a80 returned -16
[  280.010972][ T8653] loop8: detected capacity change from 0 to 8192
[  280.978101][ T8683] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1233'.
[  284.084262][ T8723] loop0: detected capacity change from 0 to 32768
[  284.117447][ T8723] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.1243 (8723)
[  284.162503][ T8723] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  284.201354][ T8723] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  284.232261][ T8723] BTRFS info (device loop0): force zlib compression, level 3
[  284.258107][ T8723] BTRFS info (device loop0): force clearing of disk cache
[  284.274634][ T8723] BTRFS info (device loop0): setting nodatasum
[  284.293497][ T8723] BTRFS info (device loop0): allowing degraded mounts
[  284.950811][ T8723] BTRFS info (device loop0): enabling disk space caching
[  284.957929][ T8723] BTRFS info (device loop0): disk space caching is enabled
[  285.461161][ T8723] BTRFS info (device loop0): rebuilding free space tree
[  285.535402][ T8723] BTRFS info (device loop0): disabling free space tree
[  285.561857][ T8723] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  285.592223][ T8723] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  286.649109][ T8804] binder: 8803:8804 ioctl c0306201 2000000003c0 returned -14
[  286.802141][ T4918] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  287.021672][ T4918] usb 9-1: config 0 has an invalid interface number: 41 but max is 0
[  287.049606][ T4918] usb 9-1: config 0 has no interface number 0
[  287.055786][ T4918] usb 9-1: config 0 interface 41 has no altsetting 0
[  287.117679][ T4918] usb 9-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  287.158689][ T4918] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.183661][ T4918] usb 9-1: Product: syz
[  287.201969][ T4268] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  287.219038][ T4918] usb 9-1: Manufacturer: syz
[  287.230408][ T4918] usb 9-1: SerialNumber: syz
[  287.277034][ T4918] usb 9-1: config 0 descriptor??
[  288.106426][ T4918] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  289.392778][ T4918] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): Error reading RX_CTL register:ffffffb9
[  289.424463][ T4918] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0000:ffffffb9
[  289.452231][ T4918] CoreChips: probe of 9-1:0.41 failed with error -71
[  289.481964][ T4918] usb 9-1: USB disconnect, device number 2
[  289.797131][ T8864] sch_tbf: peakrate 2147483647 is lower than or equals to rate 2831036522994172386 !
[  290.683495][ T8885] device batadv_slave_0 entered promiscuous mode
[  290.860994][ T8882] device batadv_slave_0 left promiscuous mode
[  291.361356][ T8908] loop8: detected capacity change from 0 to 128
[  293.348442][ T8948] netlink: 'syz.8.1312': attribute type 4 has an invalid length.
[  293.418311][ T8949] netlink: 'syz.8.1312': attribute type 4 has an invalid length.
[  293.818978][   T26] audit: type=1326 audit(2000000013.660:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8935 comm="syz.2.1310" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x0
[  295.134068][   T14] libceph: connect (1)[c::]:6789 error -101
[  295.174013][   T14] libceph: mon0 (1)[c::]:6789 connect error
[  295.208210][ T8991] ceph: No mds server is up or the cluster is laggy
[  298.577214][ T9038] loop0: detected capacity change from 0 to 40427
[  298.616142][ T9038] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[  298.638588][ T9038] F2FS-fs (loop0): inline encryption not supported
[  298.679095][ T9038] F2FS-fs (loop0): invalid crc value
[  298.700722][ T9038] F2FS-fs (loop0): Found nat_bits in checkpoint
[  298.883584][ T9038] F2FS-fs (loop0): Start checkpoint disabled!
[  298.968588][ T9038] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  299.286584][   T46] F2FS-fs (loop0) : inject checkpoint error in f2fs_balance_fs of f2fs_write_inode+0x531/0x760
[  299.630787][ T9073] x_tables: duplicate underflow at hook 2
[  300.155339][ T9083] loop0: detected capacity change from 0 to 512
[  300.774959][ T9081] loop8: detected capacity change from 0 to 8192
[  300.840416][ T9081] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  301.135361][ T9106] overlayfs: failed to clone upperpath
[  302.260857][ T9125] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1363'.
[  303.619594][ T4315] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  303.821560][ T4315] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  303.840902][ T4315] usb 1-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00
[  303.869137][ T4315] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.911908][ T4315] usb 1-1: config 0 descriptor??
[  303.931601][ T4315] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  304.154448][ T9140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.195100][ T9140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.219580][ T4315] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  304.245421][   T22] usb 1-1: USB disconnect, device number 11
[  304.409601][ T4315] usb 8-1: Using ep0 maxpacket: 32
[  304.417283][ T4315] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  304.451035][ T4315] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  304.469714][ T4315] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  304.491612][ T4315] usb 8-1: Product: syz
[  304.496025][ T4315] usb 8-1: Manufacturer: syz
[  304.517490][ T4315] usb 8-1: SerialNumber: syz
[  304.536670][ T4315] usb 8-1: config 0 descriptor??
[  304.544574][ T9154] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[  304.912614][   T22] usb 8-1: USB disconnect, device number 9
[  304.967412][ T9177] loop0: detected capacity change from 0 to 512
[  304.997987][ T9177] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  305.080261][ T9177] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.1380: iget: bad i_size value: 38620345925642
[  305.106187][ T9177] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1380: couldn't read orphan inode 15 (err -117)
[  305.125045][ T9177] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  305.241699][ T9177] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.1380: bg 0: block 5: invalid block bitmap
[  305.434173][ T9177] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 48 with error 28
[  305.529021][ T9177] EXT4-fs (loop0): This should not happen!! Data will be lost
[  305.529021][ T9177] 
[  305.606555][ T9177] EXT4-fs (loop0): Total free blocks count 0
[  305.658451][ T9177] EXT4-fs (loop0): Free/Dirty block details
[  305.699801][ T9177] EXT4-fs (loop0): free_blocks=0
[  305.720172][ T9177] EXT4-fs (loop0): dirty_blocks=52
[  305.776507][ T9177] EXT4-fs (loop0): Block reservation details
[  305.814481][ T9177] EXT4-fs (loop0): i_reserved_data_blocks=52
[  305.826656][ T9195] program syz.7.1383 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  305.891167][ T9198] program syz.7.1383 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  306.158481][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  306.372890][ T9207] device ip6gretap1 entered promiscuous mode
[  306.388788][ T9207] bond3: (slave ip6gretap1): no link monitoring support
[  306.406439][ T9207] bond3: (slave ip6gretap1): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details
[  306.437969][ T9207] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  306.514658][ T9218] device ip6gretap1 entered promiscuous mode
[  306.587208][ T9218] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  308.097066][   T26] audit: type=1326 audit(2000000027.940:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.2.1396" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x0
[  313.554590][ T9330] loop7: detected capacity change from 0 to 256
[  313.731356][ T4453] tipc: Left network mode
[  315.267411][   T26] audit: type=1326 audit(2000000035.110:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.7.1427" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fede839c799 code=0x0
[  317.162442][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  317.169240][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  317.403553][ T4453] device hsr_slave_0 left promiscuous mode
[  317.467818][ T4453] device hsr_slave_1 left promiscuous mode
[  317.491059][ T4453] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.517381][ T4453] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.530692][ T4453] device bridge_slave_1 left promiscuous mode
[  317.536991][ T4453] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.550555][ T9422] overlayfs: failed to clone upperpath
[  317.577961][ T4453] device bridge_slave_0 left promiscuous mode
[  317.603589][ T4453] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.527437][ T4453] bond1 (unregistering): (slave dummy0): Releasing active interface
[  318.567447][ T4453] bond1 (unregistering): Released all slaves
[  320.335278][ T4453] team0 (unregistering): Port device team_slave_1 removed
[  320.466027][ T4453] team0 (unregistering): Port device team_slave_0 removed
[  320.582890][ T4453] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  320.783952][ T4453] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  321.479733][ T4453] bond0 (unregistering): Released all slaves
[  321.638330][ T9478] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1468'.
[  321.652540][ T9482] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  323.596445][ T9552] overlayfs: failed to clone upperpath
[  323.872911][ T9562] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1492'.
[  323.952255][ T9566] overlayfs: failed to clone upperpath
[  324.074997][ T9568] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1495'.
[  324.103072][ T9568] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1495'.
[  324.132790][ T9568] device bridge0 entered promiscuous mode
[  324.148114][ T9568] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1495'.
[  325.908030][ T9632] netlink: 'syz.7.1515': attribute type 10 has an invalid length.
[  325.936522][ T9632] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  326.637023][ T9650] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1518'.
[  327.899658][ T9684] device wg1 entered promiscuous mode
[  328.823421][ T9723] loop7: detected capacity change from 0 to 128
[  329.032149][ T9723] syz.7.1540: attempt to access beyond end of device
[  329.032149][ T9723] loop7: rw=2049, sector=138, nr_sectors = 104 limit=128
[  329.208760][ T9723] capability: warning: `syz.7.1540' uses deprecated v2 capabilities in a way that may be insecure
[  329.395901][ T9723] syz.7.1540: attempt to access beyond end of device
[  329.395901][ T9723] loop7: rw=2049, sector=138, nr_sectors = 72 limit=128
[  329.976468][ T4274] Bluetooth: hci4: unexpected event 0x3e length: 263 > 260
[  329.976494][ T4274] Bluetooth: hci4: unexpected subevent 0x0d length: 262 > 260
[  329.992898][ T4274] Bluetooth: hci4: adv larger than maximum supported
[  329.992954][ T4274] Bluetooth: hci4: adv larger than maximum supported
[  330.759821][ T4315] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  331.041323][ T4315] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[  331.070894][ T4315] usb 8-1: config 0 has no interface number 0
[  331.098858][ T4315] usb 8-1: config 0 interface 67 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  331.167017][ T4315] usb 8-1: config 0 interface 67 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  331.191318][ T4315] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  331.201983][ T9770] overlayfs: failed to clone upperpath
[  331.238238][ T4315] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.269406][ T4315] usb 8-1: Product: syz
[  331.273710][ T4315] usb 8-1: Manufacturer: syz
[  331.278340][ T4315] usb 8-1: SerialNumber: syz
[  331.312779][ T4315] usb 8-1: config 0 descriptor??
[  331.318767][ T9752] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  331.331692][ T9752] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  331.411067][ T4315] smsc95xx v2.0.0
[  331.616093][ T9752] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  331.640040][ T9752] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  331.880703][ T4315] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  331.904218][ T4315] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  332.597146][ T9808] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1563'.
[  332.977405][ T9816] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1568'.
[  333.248982][ T9824] overlayfs: failed to clone lowerpath
[  333.356183][ T4315] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000038: -71
[  333.387582][ T4315] smsc95xx: probe of 8-1:0.67 failed with error -71
[  333.425056][ T4315] usb 8-1: USB disconnect, device number 10
[  333.968982][ T9850] overlayfs: failed to clone upperpath
[  334.071352][ T9854] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1581'.
[  334.198752][ T9860] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1582'.
[  334.215119][ T9862] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1583'.
[  334.298411][ T9862] 8021q: adding VLAN 0 to HW filter on device team1
[  334.599409][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[  334.899133][ T4315] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  335.088976][ T4315] usb 8-1: Using ep0 maxpacket: 32
[  335.096167][ T4315] usb 8-1: config 0 has an invalid interface number: 188 but max is 0
[  335.135362][ T4315] usb 8-1: config 0 has no interface number 0
[  335.159793][ T4315] usb 8-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  335.206526][ T4315] usb 8-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  335.242455][ T4315] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.268917][ T4315] usb 8-1: Product: syz
[  335.278550][ T4315] usb 8-1: Manufacturer: syz
[  335.295645][ T4315] usb 8-1: SerialNumber: syz
[  335.321187][ T4315] usb 8-1: config 0 descriptor??
[  335.345205][ T9881] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  335.570215][ T9881] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  336.084532][ T9913] tipc: Failed to remove unknown binding: 66,1,1/2886997007:161098571/161098573
[  336.133466][ T9913] tipc: Failed to remove unknown binding: 66,1,1/2886997007:161098571/161098573
[  336.167483][ T9913] tipc: Failed to remove unknown binding: 66,1,1/2886997007:161098571/161098573
[  336.812367][ T9933] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1603'.
[  336.938426][ T9933] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1603'.
[  337.400861][ T4315] asix 8-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  337.431834][ T4315] asix 8-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  337.477944][ T4315] asix: probe of 8-1:0.188 failed with error -71
[  337.526001][ T4315] usb 8-1: USB disconnect, device number 11
[  340.789499][T10034] netlink: 452 bytes leftover after parsing attributes in process `syz.8.1636'.
[  342.118166][T10078] overlayfs: failed to clone upperpath
[  343.128272][   T46] bond0: (slave bond_slave_0): interface is now down
[  343.143442][   T46] bond0: (slave bond_slave_1): interface is now down
[  343.175829][   T46] bond0: (slave bridge0): interface is now down
[  343.297317][   T26] audit: type=1326 audit(2000000063.150:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.415179][   T26] audit: type=1326 audit(2000000063.170:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.510887][   T26] audit: type=1326 audit(2000000063.190:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.604836][   T26] audit: type=1326 audit(2000000063.190:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.693985][   T26] audit: type=1326 audit(2000000063.190:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.766496][   T26] audit: type=1326 audit(2000000063.200:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.850437][   T26] audit: type=1326 audit(2000000063.200:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.945356][   T26] audit: type=1326 audit(2000000063.200:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  343.973515][T10156] loop7: detected capacity change from 0 to 128
[  344.054743][T10156] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  344.086096][   T26] audit: type=1326 audit(2000000063.200:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  344.185998][T10156] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  344.219032][   T26] audit: type=1326 audit(2000000063.200:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10125 comm="syz.4.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  344.285520][T10156] ext2 filesystem being mounted at /137/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.672687][ T7048] EXT4-fs (loop7): unmounting filesystem.
[  345.362974][T10207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.434139][T10186] infiniband syz1: set active
[  345.443967][T10186] infiniband syz1: added syz_tun
[  345.458406][T10207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.542117][T10186] RDS/IB: syz1: added
[  345.552977][T10207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.590424][T10186] smc: adding ib device syz1 with port count 1
[  345.616470][T10186] smc:    ib device syz1 port 1 has pnetid 
[  346.081616][T10227] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1695'.
[  347.568779][T10239] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  349.649062][T10310] loop7: detected capacity change from 0 to 128
[  349.693115][T10310] FAT-fs (loop7): Directory bread(block 524322) failed
[  349.700102][T10310] FAT-fs (loop7): Directory bread(block 524323) failed
[  349.727786][T10310] FAT-fs (loop7): Directory bread(block 524324) failed
[  349.767658][T10310] FAT-fs (loop7): Directory bread(block 524325) failed
[  349.792304][T10310] FAT-fs (loop7): Directory bread(block 524326) failed
[  349.818443][T10310] FAT-fs (loop7): Directory bread(block 524327) failed
[  349.841599][T10310] FAT-fs (loop7): Directory bread(block 524328) failed
[  349.868945][T10310] FAT-fs (loop7): Directory bread(block 524329) failed
[  350.032826][T10310] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4273022513 (8546045026 ns) > initial count (2701865562 ns). Using initial count to start timer.
[  350.118823][T10326] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1722'.
[  354.159417][ T4501] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  354.359360][ T4501] usb 8-1: Using ep0 maxpacket: 16
[  354.366773][ T4501] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  354.438637][ T4501] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  354.511853][ T4501] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  354.615391][ T4501] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.676191][ T4501] usb 8-1: Product: syz
[  354.706407][ T4501] usb 8-1: Manufacturer: syz
[  354.759120][ T4501] usb 8-1: SerialNumber: syz
[  356.317328][T10417] loop7: detected capacity change from 0 to 512
[  356.468429][T10417] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  356.512611][T10417] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  356.583165][T10417] EXT4-fs (loop7): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  356.654743][T10417] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  356.674656][T10417] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  356.719633][T10417] EXT4-fs (loop7): failed to initialize system zone (-117)
[  356.787387][T10417] EXT4-fs (loop7): mount failed
[  357.504609][ T4501] usb 8-1: 0:2 : does not exist
[  357.522275][ T4501] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[  357.609815][ T4501] usb 8-1: USB disconnect, device number 12
[  357.754253][T10486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  357.863008][T10486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  357.880300][ T9494] udevd[9494]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  357.970146][T10486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  358.484391][T10515] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  358.516397][T10515] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  358.557309][T10515] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  358.601761][T10515] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  358.657199][T10515] device geneve2 entered promiscuous mode
[  358.687814][T10517] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1770'.
[  358.774510][T10518] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  362.240021][T10591] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1787'.
[  362.282030][T10591] device ip6gre1 entered promiscuous mode
[  362.475678][T10587] VFS: Mount too revealing
[  362.518320][T10593] netlink: 'syz.4.1787': attribute type 6 has an invalid length.
[  362.535293][T10593] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1787'.
[  362.795745][T10601] netlink: 'syz.7.1791': attribute type 11 has an invalid length.
[  366.234266][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  366.234284][   T26] audit: type=1326 audit(2000000086.101:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.328443][   T26] audit: type=1326 audit(2000000086.101:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.374124][   T26] audit: type=1326 audit(2000000086.161:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.453233][   T26] audit: type=1326 audit(2000000086.161:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.553219][   T26] audit: type=1326 audit(2000000086.161:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.638941][   T26] audit: type=1326 audit(2000000086.161:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.687398][T10675] overlayfs: failed to clone upperpath
[  366.743378][   T26] audit: type=1326 audit(2000000086.161:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.813069][   T26] audit: type=1326 audit(2000000086.161:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.879057][   T26] audit: type=1326 audit(2000000086.161:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  366.966249][   T26] audit: type=1326 audit(2000000086.171:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.2.1805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03919c799 code=0x7ffc0000
[  367.186410][T10687] netlink: 128 bytes leftover after parsing attributes in process `syz.7.1815'.
[  367.593880][T10703] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  367.622411][T10703] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  367.793140][T10712] rdma_rxe: rxe_register_device failed with error -23
[  367.801757][T10712] rdma_rxe: failed to add ipvlan0
[  368.636490][T10734] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1830'.
[  368.823174][T10737] netlink: 'syz.2.1831': attribute type 10 has an invalid length.
[  368.942646][T10737] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  369.039084][T10743] device wg1 entered promiscuous mode
[  369.677524][T10755] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1838'.
[  370.195417][T10767] netlink: 'syz.4.1845': attribute type 10 has an invalid length.
[  371.175324][T10779] gfs2: gfs2 mount does not exist
[  372.522744][   T26] kauditd_printk_skb: 63 callbacks suppressed
[  372.522761][   T26] audit: type=1326 audit(2000000092.384:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.537632][T10814] overlayfs: failed to clone upperpath
[  372.586470][   T26] audit: type=1326 audit(2000000092.384:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.636911][   T26] audit: type=1326 audit(2000000092.384:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.694722][   T26] audit: type=1326 audit(2000000092.384:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.787957][   T26] audit: type=1326 audit(2000000092.394:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.827998][   T26] audit: type=1326 audit(2000000092.394:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.851449][   T26] audit: type=1326 audit(2000000092.394:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5a4b59b607 code=0x7ffc0000
[  372.875239][   T26] audit: type=1326 audit(2000000092.394:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.898246][   T26] audit: type=1326 audit(2000000092.394:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.939170][   T26] audit: type=1326 audit(2000000092.475:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4b59c799 code=0x7ffc0000
[  372.981230][   T14] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  373.175211][   T14] usb 8-1: Using ep0 maxpacket: 16
[  373.183527][   T14] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  373.219635][   T14] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  373.257396][   T14] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  373.269068][   T14] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.284631][   T14] usb 8-1: Product: syz
[  373.288942][   T14] usb 8-1: Manufacturer: syz
[  373.295505][   T14] usb 8-1: SerialNumber: syz
[  373.542045][   T14] usb 8-1: 0:2 : does not exist
[  373.562651][   T14] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[  373.617224][   T14] usb 8-1: USB disconnect, device number 13
[  374.588893][T10841] xt_CT: No such helper "snmp_trap"
[  374.731621][T10836] udevd[10836]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  375.738183][T10847] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1875'.
[  375.755952][ T4274] Bluetooth: hci4: command 0x0406 tx timeout
[  375.875102][T10851] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  377.445317][T10891] VFS: Mount too revealing
[  378.582799][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  378.589209][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  378.602231][T10903] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1895'.
[  378.857631][T10907] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1894'.
[  383.052085][T10952] netlink: 'syz.0.1911': attribute type 2 has an invalid length.
[  383.080700][T10952] netlink: 'syz.0.1911': attribute type 1 has an invalid length.
[  383.639368][T10964] tipc: Failed to remove unknown binding: 66,1,1/0:1447744191/1447744193
[  383.651167][T10964] tipc: Failed to remove unknown binding: 66,1,1/0:1447744191/1447744193
[  383.660312][T10964] tipc: Failed to remove unknown binding: 66,1,1/0:1447744191/1447744193
[  384.038371][T10977] netlink: 'syz.2.1918': attribute type 11 has an invalid length.
[  384.576247][T10989] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  385.114322][T11001] 9pnet: p9_errstr2errno: server reported unknown error �@��?���߾�I�퉲r��6��~��D��m�ʄ!\
[  387.310569][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1935'.
[  388.645628][T11041] xt_CT: No such helper "snmp_trap"
[  388.917005][T11049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1944'.
[  389.034889][T11053] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1944'.
[  390.399215][T11077] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1947'.
[  390.487196][T11081] af_packet: tpacket_rcv: packet too big, clamped from 240 to 4294967272. macoff=96
[  390.534855][T11077] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1947'.
[  392.387966][T11098] xt_CT: No such helper "snmp_trap"
[  394.964312][T11144] netlink: 'syz.4.1969': attribute type 9 has an invalid length.
[  394.984171][T11144] netlink: 'syz.4.1969': attribute type 6 has an invalid length.
[  396.500996][T11174] xt_time: invalid argument - start or stop time greater than 23:59:59
[  400.841004][T11214] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1993'.
[  401.086036][T11214] device bond8 entered promiscuous mode
[  401.116518][T11214] 8021q: adding VLAN 0 to HW filter on device bond8
[  401.208193][T11219] device gretap2 entered promiscuous mode
[  401.236808][T11219] bond8: (slave gretap2): Enslaving as an active interface with an up link
[  401.285502][ T1118] IPv6: ADDRCONF(NETDEV_CHANGE): bond8: link becomes ready
[  401.384810][T11225] netlink: 'syz.8.1996': attribute type 9 has an invalid length.
[  401.407741][T11225] netlink: 'syz.8.1996': attribute type 6 has an invalid length.
[  404.399259][T11259] 8021q: adding VLAN 0 to HW filter on device bond0
[  404.449170][T11259] team0: Port device bond0 added
[  404.482451][T11267] netlink: 'syz.2.2009': attribute type 16 has an invalid length.
[  404.533610][T11267] netlink: 'syz.2.2009': attribute type 17 has an invalid length.
[  405.150528][T11286] netlink: 1347 bytes leftover after parsing attributes in process `syz.4.2016'.
[  406.585485][T11299] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2021'.
[  406.781131][T11305] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2024'.
[  407.050632][T11311] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2026'.
[  407.352886][T11316] 8021q: adding VLAN 0 to HW filter on device bond0
[  407.376950][T11316] team0: Port device bond0 added
[  407.397108][T11319] netlink: 'syz.0.2028': attribute type 16 has an invalid length.
[  407.462213][T11319] netlink: 'syz.0.2028': attribute type 17 has an invalid length.
[  408.827977][   T26] kauditd_printk_skb: 19 callbacks suppressed
[  408.827997][   T26] audit: type=1804 audit(2000000128.706:168): pid=11345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2038" name="bus" dev="ramfs" ino=59169 res=1 errno=0
[  408.929423][   T26] audit: type=1804 audit(2000000128.766:169): pid=11345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2038" name="bus" dev="ramfs" ino=59169 res=1 errno=0
[  409.071962][T11353] overlayfs: failed to clone upperpath
[  409.526010][T11358] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2043'.
[  410.073649][T11362] netlink: 'syz.0.2045': attribute type 3 has an invalid length.
[  410.172066][T11366] netlink: 'syz.0.2045': attribute type 10 has an invalid length.
[  410.236257][T11366] 8021q: adding VLAN 0 to HW filter on device team0
[  413.137174][   T26] audit: type=1804 audit(2000000132.998:170): pid=11404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2058" name="bus" dev="ramfs" ino=59258 res=1 errno=0
[  413.692350][   T26] audit: type=1804 audit(2000000132.998:171): pid=11404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.2058" name="bus" dev="ramfs" ino=59258 res=1 errno=0
[  414.964459][T11430] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2064'.
[  415.171899][T11430] device bridge_slave_1 left promiscuous mode
[  415.209513][T11430] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.290953][T11430] device bridge_slave_0 left promiscuous mode
[  415.317857][T11430] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.751007][T11430] bond0: (slave bridge0): Releasing backup interface
[  420.162780][T11487] debugfs: Directory 'netdev:nicvf0' with parent 'phy19' already present!
[  422.181168][T11524] loop7: detected capacity change from 0 to 128
[  422.308602][T11524] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  422.382289][T11524] ext4 filesystem being mounted at /207/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  422.696154][T11536] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2099'.
[  423.017480][T11524] fscrypt (loop7, inode 12): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  423.048780][T11524] fscrypt (loop7, inode 12): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  423.453154][ T7048] EXT4-fs (loop7): unmounting filesystem.
[  428.465079][T11642] netlink: 'syz.8.2130': attribute type 1 has an invalid length.
[  428.748824][T11642] 8021q: adding VLAN 0 to HW filter on device bond1
[  428.821546][T11646] bond1: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms
[  428.844563][T11651] VFS: Mount too revealing
[  429.872334][T11642] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  430.035178][T11660] loop7: detected capacity change from 0 to 4096
[  430.090321][T11660] EXT4-fs (loop7): Test dummy encryption mode enabled
[  430.109652][T11660] EXT4-fs (loop7): first meta block group too large: 4177526784 (group descriptor block count 1)
[  430.529711][T11682] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2140'.
[  430.884818][T11687] netlink: 'syz.7.2142': attribute type 1 has an invalid length.
[  431.006917][T11687] bond1: (slave gretap1): making interface the new active one
[  431.023977][T11687] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  431.062261][T11690] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  431.288184][T11694] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2155'.
[  432.748525][T11719] binder: 11718:11719 ioctl c0306201 2000000003c0 returned -14
[  433.334722][T11737] sch_tbf: burst 32855 is lower than device lo mtu (11337746) !
[  433.992884][T11740] debugfs: Directory 'netdev:nicvf0' with parent 'phy10' already present!
[  434.324289][T11752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2165'.
[  434.372174][T11752] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  434.381297][T11752] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  434.390380][T11752] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  434.399623][T11752] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  434.517331][T11752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2165'.
[  438.515675][T11793] sch_tbf: burst 32855 is lower than device lo mtu (11337746) !
[  438.549424][T11789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2187'.
[  439.994792][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  440.001297][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  440.741512][T11824] netlink: 'syz.4.2190': attribute type 1 has an invalid length.
[  440.847197][T11831] bond4: (slave gretap1): making interface the new active one
[  440.855583][T11831] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  440.913749][T11824] bond4: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  441.169695][T11840] netlink: 60 bytes leftover after parsing attributes in process `syz.8.2195'.
[  441.237562][T11840] unsupported nlmsg_type 40
[  442.852221][T11867] overlayfs: failed to clone upperpath
[  442.858161][T11866] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2205'.
[  442.983792][T11872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2207'.
[  443.622275][T11886] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2213'.
[  443.648450][T11886] (unnamed net_device) (uninitialized): peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  443.896464][T11887] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2213'.
[  443.924855][T11887] bond9: peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  444.907866][T11912] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2220'.
[  445.987799][T11930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2227'.
[  445.999634][T11930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2227'.
[  446.010550][T11930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2227'.
[  446.450558][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2236'.
[  446.461482][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2236'.
[  446.471208][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2236'.
[  446.480373][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2236'.
[  450.111945][T12024] __nla_validate_parse: 3 callbacks suppressed
[  450.113245][T12024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2258'.
[  455.553420][T12100] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2285'.
[  461.311565][T12169] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2302'.
[  465.212852][T12220] overlayfs: failed to clone upperpath
[  468.315331][T12271] netlink: 'syz.0.2335': attribute type 8 has an invalid length.
[  470.225211][T12295] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2343'.
[  470.389736][T12302] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2345'.
[  471.406844][T12333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  471.434232][T12333] device batadv_slave_0 entered promiscuous mode
[  473.141552][T12363] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2368'.
[  473.605586][T12371] loop7: detected capacity change from 0 to 256
[  473.704762][T12373] overlayfs: failed to clone upperpath
[  476.025561][T12405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2381'.
[  481.820161][T12490] loop7: detected capacity change from 0 to 128
[  482.440336][T12503] device batadv_slave_0 entered promiscuous mode
[  482.621501][T12510] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  483.880223][T12534] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2423'.
[  485.014725][T12563] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2430'.
[  485.903197][T12569] overlayfs: failed to clone upperpath
[  494.332631][T12720] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2478'.
[  494.733968][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.743129][T12724] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.753873][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.763230][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.772839][T12724] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.782409][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.791699][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.801030][T12724] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2476'.
[  494.810555][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2476'.
[  497.560753][ T4315] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  497.780704][ T4315] usb 8-1: Using ep0 maxpacket: 32
[  497.787350][ T4315] usb 8-1: config 250 has an invalid interface number: 230 but max is 0
[  498.577708][ T4315] usb 8-1: config 250 has no interface number 0
[  498.604169][ T4315] usb 8-1: config 250 interface 230 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  498.638957][ T4315] usb 8-1: config 250 interface 230 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  498.665027][ T4315] usb 8-1: config 250 interface 230 has no altsetting 0
[  498.690038][ T4315] usb 8-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  498.726345][ T4315] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.765040][ T4315] usb 8-1: Product: syz
[  498.774028][ T4315] usb 8-1: Manufacturer: syz
[  498.799534][ T4315] usb 8-1: SerialNumber: syz
[  499.037790][ T4315] ums-usbat 8-1:250.230: USB Mass Storage device detected
[  499.680286][T12787] xt_nat: multiple ranges no longer supported
[  499.768181][ T4315] ums-usbat 8-1:250.230: Quirks match for vid 0781 pid 0005: 1
[  500.148214][ T4315] ums-usbat: probe of 8-1:250.230 failed with error -5
[  500.198717][ T4315] usb 8-1: USB disconnect, device number 14
[  501.425239][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  501.431822][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  503.927373][T12839] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  505.335067][   T26] audit: type=1326 audit(2000000736.383:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.8.2509" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x0
[  505.955450][T12857] __nla_validate_parse: 23 callbacks suppressed
[  505.955471][T12857] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2513'.
[  506.272612][T12868] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2516'.
[  507.492313][T12887] device bond2 entered promiscuous mode
[  507.539054][T12887] device bond_slave_0 entered promiscuous mode
[  507.546636][T12887] device bond_slave_1 entered promiscuous mode
[  507.564614][T12887] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  507.579682][T12887] bond2: (slave macvlan2): making interface the new active one
[  507.640983][T12887] device macvlan2 entered promiscuous mode
[  507.647223][T12887] device bond0 entered promiscuous mode
[  507.691920][T12887] bond2: (slave macvlan2): Enslaving as an active interface with an up link
[  509.115678][T12901] loop7: detected capacity change from 0 to 1024
[  509.279173][T12901] hfsplus: xattr searching failed
[  509.450250][T12908] hfsplus: xattr searching failed
[  509.587960][T12914] netlink: 'syz.4.2531': attribute type 4 has an invalid length.
[  509.645897][T12914] netlink: 'syz.4.2531': attribute type 4 has an invalid length.
[  511.154756][T12933] loop7: detected capacity change from 0 to 256
[  512.294037][T12941] device bond2 entered promiscuous mode
[  512.372169][T12951] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  512.549720][T12941] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  512.728977][T12941] bond2: (slave macvlan2): making interface the new active one
[  512.761165][T12941] device macvlan2 entered promiscuous mode
[  512.805492][T12941] device bond0 entered promiscuous mode
[  512.885514][T12941] device bond_slave_0 entered promiscuous mode
[  513.063701][T12941] device bond_slave_1 entered promiscuous mode
[  513.335954][T12941] device bridge0 entered promiscuous mode
[  513.666738][T12941] device wlan1 entered promiscuous mode
[  513.673934][T12941] bond2: (slave macvlan2): Enslaving as an active interface with an up link
[  517.590233][T13000] bond0: (slave wlan1): Releasing backup interface
[  517.616886][T13000] bond1: (slave bond2): Releasing backup interface
[  517.668759][T13000] device bond2 left promiscuous mode
[  517.695693][T13000] bond3: (slave ip6gretap1): Releasing backup interface
[  517.740375][T13000] bond4: (slave gretap1): Releasing active interface
[  517.775659][T13007] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2560'.
[  517.875174][T13007] tc_dump_action: action bad kind
[  518.089210][T13008] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  520.794388][T13026] device bond5 entered promiscuous mode
[  520.851829][T13030] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  520.927005][T13030] bond5: (slave macvlan2): Enslaving as an active interface with a down link
[  523.942304][T13065] netlink: 56 bytes leftover after parsing attributes in process `syz.7.2576'.
[  523.985878][T13065] tc_dump_action: action bad kind
[  524.052994][T13071] device bridge5 entered promiscuous mode
[  524.089036][T13073] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  524.515563][T13078] xt_hashlimit: max too large, truncated to 1048576
[  524.523121][T13078] xt_limit: Overflow, try lower: 0/0
[  526.392080][T13087] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  527.479433][T13090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2581'.
[  527.696019][T13090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  530.692448][T13141] device bond10 entered promiscuous mode
[  533.196870][T13177] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  535.112191][T13207] loop7: detected capacity change from 0 to 128
[  535.178327][T13207] FAT-fs (loop7): Unrecognized mount option "uni_1��	!rGxlate=1" or missing value
[  542.095854][T13258] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2631'.
[  542.771384][T13273] overlayfs: failed to clone upperpath
[  542.900987][ T4918] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  543.950672][ T4918] usb 8-1: Using ep0 maxpacket: 8
[  544.012637][ T4918] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  544.056730][ T4918] usb 8-1: config 0 has no interface number 0
[  544.080498][ T4918] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  544.117638][ T4918] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 50335, setting to 1024
[  544.167755][ T4918] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  544.208217][ T4918] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.264026][ T4918] usb 8-1: config 0 descriptor??
[  544.285867][T13270] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  544.310288][ T4918] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  544.513376][ T4315] usb 8-1: USB disconnect, device number 15
[  544.513469][    C0] iowarrior 8-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  544.934879][T13300] device wlan1 entered promiscuous mode
[  545.005822][T13300] device vlan6 entered promiscuous mode
[  545.020127][T13300] device bond0 entered promiscuous mode
[  545.179584][T13304] netlink: 'syz.0.2644': attribute type 10 has an invalid length.
[  545.187725][ T4621] bond0: (slave bond_slave_0): interface is now down
[  545.210693][ T4621] bond0: (slave bond_slave_1): interface is now down
[  545.217539][ T4621] bond0: (slave bridge0): interface is now down
[  545.222346][T13304] device syz_tun entered promiscuous mode
[  545.262901][ T4621] bond0: (slave bond_slave_0): interface is now down
[  545.278571][T13304] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  545.283257][ T4621] bond0: (slave bond_slave_1): interface is now down
[  545.320033][ T4621] bond0: (slave bridge0): interface is now down
[  545.363193][ T4621] bond0: (slave syz_tun): interface is now down
[  545.440533][ T4621] bond0: now running without any active interface!
[  545.512062][T13318] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2647'.
[  545.537813][T13318] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[  545.716789][T13323] netlink: 'syz.0.2650': attribute type 10 has an invalid length.
[  545.756527][T13323] bond0: (slave wlan1): Enslaving as an active interface with a down link
[  548.705995][T13379] netlink: 'syz.7.2668': attribute type 10 has an invalid length.
[  549.789556][T13404] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2679'.
[  550.228122][   T26] audit: type=1326 audit(2000000782.123:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  550.311549][   T26] audit: type=1326 audit(2000000782.153:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  551.068721][   T26] audit: type=1326 audit(2000000782.153:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  551.212181][   T26] audit: type=1326 audit(2000000782.153:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  551.218400][T13425] netlink: 'syz.2.2688': attribute type 39 has an invalid length.
[  551.242868][   T26] audit: type=1326 audit(2000000782.153:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  551.814488][   T26] audit: type=1326 audit(2000000782.153:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  552.053203][   T26] audit: type=1326 audit(2000000782.153:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  552.086498][   T26] audit: type=1326 audit(2000000782.153:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  552.170213][   T26] audit: type=1326 audit(2000000782.153:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  552.216308][   T26] audit: type=1326 audit(2000000782.153:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13410 comm="syz.8.2684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88a39c799 code=0x7ffc0000
[  552.372030][T13441] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2694'.
[  552.879648][T13446] syz.4.2697 (13446) used greatest stack depth: 18096 bytes left
[  555.013449][T13471] ipt_REJECT: ECHOREPLY no longer supported.
[  555.795752][T13475] MTD: Couldn't look up '/dev/nullb0': -2
[  556.486056][T13483] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2708'.
[  558.178955][T13518] ptrace attach of "./syz-executor exec"[13520] was attempted by "./syz-executor exec"[13518]
[  559.613361][T13531] --map-set only usable from mangle table
[  561.397727][T13540] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2724'.
[  562.699304][T13553] team0 (unregistering): Port device team_slave_0 removed
[  562.723861][T13553] team0 (unregistering): Port device team_slave_1 removed
[  562.868507][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  562.875092][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  562.915374][T13553] team0 (unregistering): Port device bond0 removed
[  563.965258][T13572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2733'.
[  564.037191][T13572] bridge4: port 1(vlan2) entered blocking state
[  564.044760][T13572] bridge4: port 1(vlan2) entered disabled state
[  564.056560][T13572] device vlan2 entered promiscuous mode
[  564.069365][T13572] device bridge0 entered promiscuous mode
[  566.298604][T13619] netlink: 'syz.2.2747': attribute type 1 has an invalid length.
[  566.825640][T13619] 8021q: adding VLAN 0 to HW filter on device bond11
[  569.745227][T13678] netlink: 'syz.0.2762': attribute type 11 has an invalid length.
[  570.050635][T13681] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2761'.
[  572.476597][T13715] xt_CT: You must specify a L4 protocol and not use inversions on it
[  574.739244][T13739] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2780'.
[  574.758636][T13739] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2780'.
[  580.829441][T13830] device vlan3 entered promiscuous mode
[  581.066443][T13837] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  581.266461][T13843] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  581.819115][T13850] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2812'.
[  582.920121][T13862] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2818'.
[  584.467494][T13872] overlayfs: failed to clone upperpath
[  584.473746][T13874] overlayfs: failed to clone upperpath
[  586.229171][   T26] kauditd_printk_skb: 23 callbacks suppressed
[  586.229185][   T26] audit: type=1326 audit(2000000818.123:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  586.362815][   T26] audit: type=1326 audit(2000000818.153:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  586.452569][   T26] audit: type=1326 audit(2000000818.153:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  586.543128][   T26] audit: type=1326 audit(2000000818.153:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  586.687836][   T26] audit: type=1326 audit(2000000818.153:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  586.866079][   T26] audit: type=1326 audit(2000000818.153:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  587.141074][   T26] audit: type=1326 audit(2000000818.163:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  587.897745][   T26] audit: type=1326 audit(2000000818.163:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  588.068102][   T26] audit: type=1326 audit(2000000818.163:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  588.137484][   T26] audit: type=1326 audit(2000000818.163:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13902 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e839c799 code=0x7ffc0000
[  588.483556][T13940] infiniband syz1: set active
[  590.723382][T13957] netdevsim netdevsim0: Direct firmware load for /
[  590.723382][T13957]  failed with error -2
[  590.773071][T13957] netdevsim netdevsim0: Falling back to sysfs fallback for: /
[  590.773071][T13957] 
[  593.236368][T13981] overlayfs: failed to clone upperpath
[  594.720102][T14011] sctp: [Deprecated]: syz.4.2859 (pid 14011) Use of struct sctp_assoc_value in delayed_ack socket option.
[  594.720102][T14011] Use struct sctp_sack_info instead
[  595.513053][T13990] Bluetooth: hci0: command 0x2016 tx timeout
[  597.256561][T14051] MPTCP: kernel_bind error, err=-99
[  605.652200][T14125] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2889'.
[  606.170761][T14127] ptrace attach of "./syz-executor exec"[14128] was attempted by "./syz-executor exec"[14127]
[  611.224923][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  611.224940][   T26] audit: type=1804 audit(2000000843.123:220): pid=14168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2900" name="bus" dev="ramfs" ino=67974 res=1 errno=0
[  612.894150][T14185] netem: change failed
[  613.808217][T14190] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  615.106005][T14209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2913'.
[  615.116249][T14209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2913'.
[  619.854612][T13990] Bluetooth: min 6 > max 0
[  622.411475][T13990] Bluetooth: hci4: command 0x2021 tx timeout
[  622.974473][T14287] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  624.479127][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  624.485614][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  624.849227][T14306] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2943'.
[  627.680006][T14345] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2951'.
[  629.825145][T14377] overlayfs: failed to clone upperpath
[  635.777631][T14447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2986'.
[  635.983651][T14449] 9pnet: p9_errstr2errno: server reported unknown error �0x0000000000000009
[  648.909338][T14590] 9pnet: p9_errstr2errno: server reported unknown error �0x0000000000000009
[  649.436108][T14608] xt_bpf: check failed: parse error
[  651.904973][T14622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3038'.
[  652.115450][T14624] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3039'.
[  652.161952][T14631] netlink: 'syz.7.3036': attribute type 2 has an invalid length.
[  653.366236][T14624] 8021q: adding VLAN 0 to HW filter on device bond12
[  653.401000][T14625] device bond12 entered promiscuous mode
[  654.157980][T14628] device dummy0 entered promiscuous mode
[  654.165730][T14628] bond12: (slave dummy0): Enslaving as an active interface with an up link
[  654.174863][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bond12: link becomes ready
[  654.244221][T14625] device bond12 left promiscuous mode
[  654.249659][T14625] device dummy0 left promiscuous mode
[  654.638802][T14648] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3042'.
[  657.797902][T14661] overlayfs: failed to clone upperpath
[  674.606752][T14808] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3082'.
[  675.417093][T14793] team0 (unregistering): Port device team_slave_0 removed
[  675.450950][T14793] team0 (unregistering): Port device team_slave_1 removed
[  675.495038][T14801] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  675.507577][T14801] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  675.519584][T14801] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  675.991458][T14825] xt_CT: You must specify a L4 protocol and not use inversions on it
[  680.164784][T14870] xt_bpf: check failed: parse error
[  684.411195][T14907] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3109'.
[  685.897331][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  685.904987][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  693.078210][T14981] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3125'.
[  694.619629][T14985] netdevsim netdevsim2: Direct firmware load for /
[  694.619629][T14985]  failed with error -2
[  694.672892][T14985] netdevsim netdevsim2: Falling back to sysfs fallback for: /
[  694.672892][T14985] 
[  694.801015][ T4453] ------------[ cut here ]------------
[  694.807304][ T4453] WARNING: CPU: 1 PID: 4453 at io_uring/io_uring.c:2890 io_ring_exit_work+0x336/0x763
[  694.817070][ T4453] Modules linked in:
[  694.821072][ T4453] CPU: 1 PID: 4453 Comm: kworker/u4:7 Not tainted syzkaller #0
[  694.828659][ T4453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  694.838825][ T4453] Workqueue: events_unbound io_ring_exit_work
[  694.845077][ T4453] RIP: 0010:io_ring_exit_work+0x336/0x763
[  694.850913][ T4453] Code: 89 de 48 8b 7c 24 30 48 8b 74 24 10 e8 1b 2d 11 00 48 85 c0 48 8b 5c 24 28 75 3b e8 1c d5 5d f7 e9 16 fe ff ff e8 12 d5 5d f7 <0f> 0b b8 70 17 00 00 48 89 44 24 10 eb c7 44 89 f1 80 e1 07 80 c1
[  694.871164][ T4453] RSP: 0018:ffffc90004487ac0 EFLAGS: 00010293
[  694.877300][ T4453] RAX: ffffffff8a249d9e RBX: ffff88803cf8f018 RCX: ffff88801a395940
[  694.885621][ T4453] RDX: 0000000000000000 RSI: fffffffffffffffb RDI: 0000000000000000
[  694.893836][ T4453] RBP: ffffc90004487c30 R08: ffffc90004487a47 R09: 1ffff92000890f48
[  694.901899][ T4453] R10: dffffc0000000000 R11: fffff52000890f49 R12: dffffc0000000000
[  694.910010][ T4453] R13: ffff88803cf8f000 R14: 0000000100009985 R15: 000000010000998a
[  694.918059][ T4453] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  694.927156][ T4453] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  694.933814][ T4453] CR2: 0000001b2fb1bff8 CR3: 0000000060983000 CR4: 00000000003506e0
[  694.941863][ T4453] Call Trace:
[  694.945196][ T4453]  <TASK>
[  694.948189][ T4453]  ? io_ring_ctx_wait_and_kill+0x2e6/0x2e6
[  694.954094][ T4453]  ? _raw_spin_unlock+0x40/0x40
[  694.959060][ T4453]  ? _raw_spin_unlock_irq+0x1f/0x40
[  694.964340][ T4453]  ? process_one_work+0x7b0/0x1160
[  694.969535][ T4453]  process_one_work+0x8a2/0x1160
[  694.974560][ T4453]  ? worker_detach_from_pool+0x240/0x240
[  694.980412][ T4453]  ? _raw_spin_lock_irq+0xb7/0xf0
[  694.985506][ T4453]  ? _raw_spin_lock_irqsave+0x100/0x100
[  694.991129][ T4453]  ? kthread_data+0x4b/0xc0
[  694.995708][ T4453]  worker_thread+0xaa2/0x1270
[  695.000436][ T4453]  ? __kthread_parkme+0x162/0x1c0
[  695.005582][ T4453]  kthread+0x29d/0x330
[  695.009728][ T4453]  ? worker_clr_flags+0x1a0/0x1a0
[  695.014824][ T4453]  ? kthread_blkcg+0xd0/0xd0
[  695.019441][ T4453]  ret_from_fork+0x1f/0x30
[  695.023971][ T4453]  </TASK>
[  695.027019][ T4453] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  695.034321][ T4453] CPU: 1 PID: 4453 Comm: kworker/u4:7 Not tainted syzkaller #0
[  695.042247][ T4453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  695.052420][ T4453] Workqueue: events_unbound io_ring_exit_work
[  695.058540][ T4453] Call Trace:
[  695.061909][ T4453]  <TASK>
[  695.064871][ T4453]  dump_stack_lvl+0x188/0x24e
[  695.069605][ T4453]  ? memcpy+0x3c/0x60
[  695.073664][ T4453]  ? show_regs_print_info+0x12/0x12
[  695.078921][ T4453]  ? load_image+0x400/0x400
[  695.083571][ T4453]  panic+0x2e5/0x730
[  695.087509][ T4453]  ? bpf_jit_dump+0xd0/0xd0
[  695.092055][ T4453]  ? ret_from_fork+0x1f/0x30
[  695.096689][ T4453]  __warn+0x2f8/0x4f0
[  695.100696][ T4453]  ? io_ring_exit_work+0x336/0x763
[  695.105837][ T4453]  ? io_ring_exit_work+0x336/0x763
[  695.111006][ T4453]  report_bug+0x2ba/0x4f0
[  695.115436][ T4453]  ? io_ring_exit_work+0x336/0x763
[  695.120584][ T4453]  handle_bug+0x3a/0x70
[  695.124779][ T4453]  exc_invalid_op+0x16/0x40
[  695.129314][ T4453]  asm_exc_invalid_op+0x16/0x20
[  695.134206][ T4453] RIP: 0010:io_ring_exit_work+0x336/0x763
[  695.139973][ T4453] Code: 89 de 48 8b 7c 24 30 48 8b 74 24 10 e8 1b 2d 11 00 48 85 c0 48 8b 5c 24 28 75 3b e8 1c d5 5d f7 e9 16 fe ff ff e8 12 d5 5d f7 <0f> 0b b8 70 17 00 00 48 89 44 24 10 eb c7 44 89 f1 80 e1 07 80 c1
[  695.160391][ T4453] RSP: 0018:ffffc90004487ac0 EFLAGS: 00010293
[  695.166541][ T4453] RAX: ffffffff8a249d9e RBX: ffff88803cf8f018 RCX: ffff88801a395940
[  695.174524][ T4453] RDX: 0000000000000000 RSI: fffffffffffffffb RDI: 0000000000000000
[  695.182505][ T4453] RBP: ffffc90004487c30 R08: ffffc90004487a47 R09: 1ffff92000890f48
[  695.190499][ T4453] R10: dffffc0000000000 R11: fffff52000890f49 R12: dffffc0000000000
[  695.198676][ T4453] R13: ffff88803cf8f000 R14: 0000000100009985 R15: 000000010000998a
[  695.206676][ T4453]  ? io_ring_exit_work+0x336/0x763
[  695.211920][ T4453]  ? io_ring_ctx_wait_and_kill+0x2e6/0x2e6
[  695.217751][ T4453]  ? _raw_spin_unlock+0x40/0x40
[  695.222612][ T4453]  ? _raw_spin_unlock_irq+0x1f/0x40
[  695.227903][ T4453]  ? process_one_work+0x7b0/0x1160
[  695.233121][ T4453]  process_one_work+0x8a2/0x1160
[  695.238185][ T4453]  ? worker_detach_from_pool+0x240/0x240
[  695.243833][ T4453]  ? _raw_spin_lock_irq+0xb7/0xf0
[  695.249067][ T4453]  ? _raw_spin_lock_irqsave+0x100/0x100
[  695.254647][ T4453]  ? kthread_data+0x4b/0xc0
[  695.259444][ T4453]  worker_thread+0xaa2/0x1270
[  695.264156][ T4453]  ? __kthread_parkme+0x162/0x1c0
[  695.269339][ T4453]  kthread+0x29d/0x330
[  695.273430][ T4453]  ? worker_clr_flags+0x1a0/0x1a0
[  695.278611][ T4453]  ? kthread_blkcg+0xd0/0xd0
[  695.283213][ T4453]  ret_from_fork+0x1f/0x30
[  695.287655][ T4453]  </TASK>
[  695.291212][ T4453] Kernel Offset: disabled
[  695.295628][ T4453] Rebooting in 86400 seconds..