last executing test programs:

2m57.143187352s ago: executing program 0 (id=2732):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x84000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080000000", @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
fcntl$setstatus(r0, 0x4, 0x7c00)
dup3(r1, r0, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c000000010605"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0)

2m56.860592636s ago: executing program 0 (id=2736):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048840)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000000)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m56.6406136s ago: executing program 0 (id=2740):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f00000002c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000380)="e13650b5290a576ace6e3cec562d7a97bea9209657a104d4221cd217163a0b401c37406907a67e54bcd5f478a326ec692ffcf847478bb1c2bd65fc571e8b31f2de93a2219657967b65a0d7a2ef93dd8e577225c6b32260406f437117a0c9509babbe97a1b27fe399c7de49b92ae5dfc9934f06b120b1692ba618304d0de4d2f9338e514cb2bc6eeb5d0bf749d69b4f9969b13e48a16f5d69a796688cf23c1c13cb442c17c15bc7c79073a7300555ed77712e1fbc67956cc2172208600d058eca1a8431844f1fb1f2f7f920824572ef2be2db707f82e11000a8d0d8926250", 0xde}, {&(0x7f0000000180)="8209bca041c10503f6f9859a626cf690e30e662dde5b425d85e9f42c0533b6c0ab66ff1b86acc84c305fdf3a1810a0568b6f96e503f73beec59879d4d49432ddab8d2b9bb2170b65f24de0d46f5599d38caf89d40a567cfff552b8eac0364ba5e6bc8d078e227970bda57df3db94bde7fb73272fee171fa97d9bc83eced556028040b79d730c9de41f1c3b07f5415811610caa614b60d9d7ddd28a929c2f4977e3ab1c", 0xa3}, {&(0x7f0000000740)="e96d9fca86f114e0072c4a8198a11e1fa85ffaeb7a1d338707fc9e4e5d8b03a3875cdad201cf80baa3e6bf0b778547614703ab1e7ac9e408ca5abe20f3d3d239cb89d9d067e5c35cc44e46f0165f5e3b09ff1f32745d77406f4e59004c6f3a8953ee2c147deef593106acd96c86b16a7f7941e8b2004d6f8900c5c1eaabed405740477c92426b5ae8e3a2841f6f98acf69ca1a9af49becfc93c3c702d87a1e75", 0xa0}], 0x3}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="13a8892019f1989dcb3695d96b609322d26e29fc35fee071c96d80bd46d6966cbe6b7a2cae610580a28150f9f09c86ff97e05d454faac2546a34871e68f5cbd68fd4b71e2aac0dc7620672a5d97f2b82603a6f9c25d5b78524ab47fb3c477a39625e82d11bae649b50912c5c3749d587d40f", 0x72}], 0x1}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f00000012c0)="52348bf9812fc081678b5760a4c4967393fd8939aaf12a894c5424df616c4eea14fbac2dad114a75c405d89fafa5715b56abba4bbceca456d8225e3f6eb57a03287e74c7bd74e40e3fda3150f92d181e7c82cb2f8ea0416fc4c0f111161cdb9a52911925644e25f871d02f403c83214f830f93b30b874e75cab53f1ed7871f21c0d654a47fab0637868517d7e8d9915e99b4dc2dcafdcb2ef2a012ec95418a544c32181fb969e01318e00a12fd1b2a0eb57bcf7de086e320f2d4be4e1453010be849e4d7dba41558329699aacd3d1c7d97b9bf74caf8b7946647309d209558b1965ef7ea4576ec0e289b73c2089310271d0a67d88a312f4cb0194c4f28ec3c2fe269311d0cec1fe0efef17d376d183b08e392b6cb58e930e1f959dd4528ec95350fc86e5297e6d59af036b132df17833881238ba8692842a8da4d5b4a37c94915331143d9128a197495433c2f550b4455a9ae03b937305e192e861ca3a60f9b3a14288e3daeb6936593485388a4aaab39b3843ee2960d9c8728eafb904333e7b78a270480e8dd89bc4cf0b791013cff43bf314e11a44d5f9c4fdad8a2fcdb04f76de29a50a0428148f4bc3eff1e84d25ea95dabddfba6162860a3c3389ee366450b6bcf1409f920caf1be5702af0402e2cef4896db544a26ebfab694d7a47eca55bd2f62f7d7eb1f6061f7e441df5ab31344f02179764822036ef706133ea1a6380e042f074b2b0ddcc578cb8a668a846b9d5792f8d434f8ec7b562594587c49e8e6b3450e545fc070644bd06a36106cdb63f9e8ad7ae50b5b44e47f377961f5e29392330fb4", 0x246}], 0x1}}], 0x3, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

2m56.499152662s ago: executing program 0 (id=2743):
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(0x0, &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db)

2m56.101841088s ago: executing program 0 (id=2750):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0xfe8e, 0x12)

2m55.436364539s ago: executing program 0 (id=2759):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x6)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000200)={@link_local, @dev, @val={@void, {0x8100, 0x7, 0x0, 0x4}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @address_request={0x11, 0x0, 0x0, 0x1}}}}}, 0x0)

2m55.118999464s ago: executing program 32 (id=2759):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x6)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000200)={@link_local, @dev, @val={@void, {0x8100, 0x7, 0x0, 0x4}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @address_request={0x11, 0x0, 0x0, 0x1}}}}}, 0x0)

2m55.107225544s ago: executing program 2 (id=2763):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}, 0x7}, 0x1c)
r1 = gettid()
fcntl$setown(r0, 0x8, r1)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xfff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="02", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000002c0)}}], 0x2, 0x404c851)

2m54.980271056s ago: executing program 2 (id=2764):
socket(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x59dc6d71776a1654}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000040)='qdisc_destroy\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
socket(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000080c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="4c00000010000305000900"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800c0001006d6163766c616e00140002800800010010000000", @ANYRES32=r5, @ANYBLOB="1cee7e6bf7db7469ae9e7c5f10e0e8b3"], 0x4c}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f00000007c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r6}, 0x1f)
unshare(0x6a040000)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0xe)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r10, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x700})
r11 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, r11)
socket(0x10, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)

2m54.148252049s ago: executing program 2 (id=2771):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x4000, 0x4)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r1, 0x84, 0x75, &(0x7f0000000040)="020000000980ffff", 0x8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x1, 0x3}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

2m53.36241756s ago: executing program 2 (id=2777):
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db)

2m52.996163926s ago: executing program 2 (id=2782):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
r2 = dup(r1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3)
dup3(r0, r2, 0x0)
r3 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x13)

2m50.785749409s ago: executing program 2 (id=2788):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}, 0x7}, 0x1c)
r1 = gettid()
fcntl$setown(r0, 0x8, r1)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xfff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="02", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1}}], 0x2, 0x404c851)

2m50.387272635s ago: executing program 33 (id=2788):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}, 0x7}, 0x1c)
r1 = gettid()
fcntl$setown(r0, 0x8, r1)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xfff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="02", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1}}], 0x2, 0x404c851)

2m32.991152042s ago: executing program 5 (id=2888):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1d, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3)
dup3(r0, 0xffffffffffffffff, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
pwritev(r3, &(0x7f00000005c0)=[{&(0x7f0000000600)='\x00T', 0x2}, {&(0x7f0000000640)="685114cc", 0x4}], 0x2, 0xffffffff, 0x4)

2m32.675421207s ago: executing program 5 (id=2891):
rt_sigaction(0x40, &(0x7f00000000c0)={0x0, 0x8000000, 0x0, {[0x9]}}, 0x0, 0x8, &(0x7f0000000200))
setrlimit(0xd, &(0x7f0000000280)={0xc800, 0x10001})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
read$eventfd(r0, &(0x7f0000000280), 0x8)

2m32.47368446s ago: executing program 5 (id=2895):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0213"], 0x10}}, 0x0)
r0 = io_uring_setup(0x5594, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x0, 0x1d2})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

2m32.083236686s ago: executing program 5 (id=2897):
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), 0x0, 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db)

2m31.738633811s ago: executing program 5 (id=2902):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f00000002c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000380)="e13650b5290a576ace6e3cec562d7a97bea9209657a104d4221cd217163a0b401c37406907a67e54bcd5f478a326ec692ffcf847478bb1c2bd65fc571e8b31f2de93a2219657967b65a0d7a2ef93dd8e577225c6b32260406f437117a0c9509babbe97a1b27fe399c7de49b92ae5dfc9934f06b120b1692ba618304d0de4d2f9338e514cb2bc6eeb5d0bf749d69b4f9969b13e48a16f5d69a796688cf23c1c13cb442c17c15bc7c79073a7300555ed77712e1fbc67956cc2172208600d058eca1a8431844f1fb1f2f7f920824572ef2be2db707f82e11000a8d0d8926250", 0xde}, {&(0x7f0000000180)="8209bca041c10503f6f9859a626cf690e30e662dde5b425d85e9f42c0533b6c0ab66ff1b86acc84c305fdf3a1810a0568b6f96e503f73beec59879d4d49432ddab8d2b9bb2170b65f24de0d46f5599d38caf89d40a567cfff552b8eac0364ba5e6bc8d078e227970bda57df3db94bde7fb73272fee171fa97d9bc83eced556028040b79d730c9de41f1c3b07f5415811610caa614b60d9d7ddd28a929c2f4977e3ab1c", 0xa3}, {&(0x7f0000000740)="e96d9fca86f114e0072c4a8198a11e1fa85ffaeb7a1d338707fc9e4e5d8b03a3875cdad201cf80baa3e6bf0b778547614703ab1e7ac9e408ca5abe20f3d3d239cb89d9d067e5c35cc44e46f0165f5e3b09ff1f32745d77406f4e59004c6f3a8953ee2c147deef593106acd96c86b16a7f7941e8b2004d6f8900c5c1eaabed405740477c92426b5ae8e3a2841f6f98acf69ca1a9af49becfc93c3c702d87a1e75", 0xa0}], 0x3}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="13a8892019f1989dcb3695d96b609322d26e29fc35fee071c96d80bd46d6966cbe6b7a2cae610580a28150f9f09c86ff97e05d454faac2546a34871e68f5cbd68fd4b71e2aac0dc7620672a5d97f2b82603a6f9c25d5b78524ab47fb3c477a39625e82d11bae649b50912c5c3749d587d40f", 0x72}], 0x1}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f00000012c0)="52348bf9812fc081678b5760a4c4967393fd8939aaf12a894c5424df616c4eea14fbac2dad114a75c405d89fafa5715b56abba4bbceca456d8225e3f6eb57a03287e74c7bd74e40e3fda3150f92d181e7c82cb2f8ea0416fc4c0f111161cdb9a52911925644e25f871d02f403c83214f830f93b30b874e75cab53f1ed7871f21c0d654a47fab0637868517d7e8d9915e99b4dc2dcafdcb2ef2a012ec95418a544c32181fb969e01318e00a12fd1b2a0eb57bcf7de086e320f2d4be4e1453010be849e4d7dba41558329699aacd3d1c7d97b9bf74caf8b7946647309d209558b1965ef7ea4576ec0e289b73c2089310271d0a67d88a312f4cb0194c4f28ec3c2fe269311d0cec1fe0efef17d376d183b08e392b6cb58e930e1f959dd4528ec95350fc86e5297e6d59af036b132df17833881238ba8692842a8da4d5b4a37c94915331143d9128a197495433c2f550b4455a9ae03b937305e192e861ca3a60f9b3a14288e3daeb6936593485388a4aaab39b3843ee2960d9c8728eafb904333e7b78a270480e8dd89bc4cf0b791013cff43bf314e11a44d5f9c4fdad8a2fcdb04f76de29a50a0428148f4bc3eff1e84d25ea95dabddfba6162860a3c3389ee366450b6bcf1409f920caf1be5702af0402e2cef4896db544a26ebfab694d7a47eca55bd2f62f7d7eb1f6061f7e441df5ab31344f02179764822036ef706133ea1a6380e042f074b2b0ddcc578cb8a668a846b9d5792f8d434f8ec7b562594587c49e8e6b3450e545fc070644bd06a36106cdb63f9e8ad7ae50b5b44e47f377961f5e29392330fb4", 0x246}], 0x1}}], 0x3, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

2m31.233476839s ago: executing program 5 (id=2908):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x1, 0x3}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

2m30.810946936s ago: executing program 34 (id=2908):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x1, 0x3}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

4.151754427s ago: executing program 6 (id=3739):
sched_setscheduler(0x0, 0x2, 0x0)
syz_open_dev$vcsu(0x0, 0xffffffffffff7fff, 0xa000)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x4000884)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @local}, {0x0, 0x17c1, 0x8}}}}}, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x2a)

3.760505903s ago: executing program 1 (id=3741):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fbdbdf251e00000008000300", @ANYRES32=r2, @ANYBLOB="50002f800c0002000203aaaaaaaaaaaa0c00038008000100020000003400038008000100000000002800038006000100"], 0x6c}, 0x1, 0x0, 0x0, 0x20000041}, 0x4880)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0xb, 0x0, @vifc_lcl_addr=@empty, @remote}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3.346425189s ago: executing program 4 (id=3745):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=@migrate={0xcc, 0x21, 0x1, 0xfffffffc, 0x0, {{@in=@private=0xa010101, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x100000}, [@migrate={0x50, 0x11, [{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@mcast1, @in=@private=0xa010102, @in=@loopback, 0x33, 0x1, 0x0, 0x3506, 0x2, 0x8}]}, @user_kmaddress={0x2c, 0x13, {@in6=@private1, @in=@loopback}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x800c}, 0x0)

3.28459643s ago: executing program 1 (id=3746):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x4)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

3.28360387s ago: executing program 4 (id=3747):
fsync(0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYRES16=<r1=>0x0], &(0x7f0000000180)='syzkaller\x00', 0xfff, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x77, 0x41341)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x5, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x9c, 0xb, 0x2001, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r7}, 0x18)
ptrace(0x10, r5)
ptrace$getregset(0x4204, r5, 0x1, &(0x7f0000000480)={0x0})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000540)={0x0, 0x0, <r8=>0x0, &(0x7f00000004c0)=""/76, 0x4c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYRESOCT=r8, @ANYRESOCT=r8, @ANYRES32=<r9=>0xffffffffffffffff, @ANYRES32=<r10=>0x0], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1d, 0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r10, @ANYRESDEC=r9, @ANYRESHEX=r1, @ANYRES64=r6], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11}, 0x10)
r12 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r12, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r12, 0x8943, &(0x7f0000000000))
syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r0)
r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x25}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x10000}, 0x50)

3.23545206s ago: executing program 6 (id=3749):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@dioread_nolock}, {@nobarrier}, {@abort}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@norecovery}, {@errors_remount}]}, 0x1, 0x570, &(0x7f00000019c0)="$eJzs3c1rHOUfAPDvbF76+vs1hVJURAI9WNFumsSXCh7qUbRY0HtdkjGUbLoluylNLLQ92IsXKYKIBfHgTe8ei/+Af0VBi0VK0IOXyGxm022zm2zTbXbrfj4w4XlmZvM835l5nn1mn1k2gIE1nv0pRDwfEV8mEYciIsm3DUe+cXx9v9X7V2ayJYm1tY/+TOr7ZfnG/2q87kCeeS4ifvk84tXC5nKryyvzpXI5XczzE7WFixPV5ZUT5xdKc+lcemFqevrUG9NTb7/1ZtdifeXs3998ePu9U18cW/36p7uHbyZxOg7m25rjeALXmjPjMZ4fk5E4/ciOk10orJ8kva4AOzKUt/ORyPqAQzGUt3rgv+9qRKwBAyrR/mFANcYBjXv7Lt0HPzPuvbt+A7Q5/uH1z0Zib/3eaP9q8tCdUXa/O9aF8rMyfv791s1sie59DgGwrWvXI+Lk8PDm/i/J+7+dO9nBPo+Wof+D3XM7G/+81mr8U9gY/0SL8c+BFm13J7Zv/4W7XSimrWz8907L8e/GpNXYUJ77X33MN5J8er6cZn3b/yPieIzsyfJbzeecWr2z1m5b8/gvW7LyG2PBvB53h/c8/JrZUq30JDE3u3c94oWW499k4/wnLc5/djzOdljG0fTWS+22bR//07X2fcTLLc//gxmtZOv5yYn69TDRuCo2++vG0V/blb85/tHYzfiz879/6/jHkub52urjl/Hd3n/Sdtseij86v/5Hk4/r6dF83eVSrbY4GTGafLB5/dSD1zbyjf2z+I8f27r/a3X974uITzqM/8aRH1/sKP4eXP9Z/LOPdf4fP3Hn/c++bVd+Z/3f6/XU8XxNJ/1fpxV8kmMHAAAAAAAA/aYQEQcjKRQ30oVCsbj+fMeR2F8oj60//xGzUf+u7FiMFBoz3YeanoeYzJ+HbeSnHslPR8ThiPhqaF89X5yplGd7HTwAAAAAAAAAAAAAAAAAAAD0iQNtvv+f+W2o17UDnjo/+Q2Da9v2341fegL6kvd/GFzaPwwu7R8Gl/YPg6up/e/pZT2A3ef9HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArjp75ky2rK3evzKT5WcvLS/NVy6dmE2r88WFpZniTGXxYnGuUpkrp8WZysJ2/69cqVycnIqlyxO1tFqbqC6vnFuoLF2onTu/UJpLz6UjuxIVAAAAAAAAAAAAAAAAAAAAPFuqyyvzpXI5XZSQ2FFiuD+qsZ7ILummNVd7XZ+tEn/80BfVaJfodc8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8GwAA//9ITzKe")
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000f9ffffff0000000011000000181100", @ANYRES32, @ANYBLOB="0000000000000060b7"], 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x4b, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
setxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000700)=ANY=[], 0x381, 0x2)

3.190059201s ago: executing program 1 (id=3750):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair(0x23, 0x2, 0x0, &(0x7f0000000040))

3.026865934s ago: executing program 4 (id=3751):
r0 = socket$nl_route(0x10, 0x3, 0x0)
recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2000c058)

2.894900896s ago: executing program 6 (id=3752):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r1, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000, 0x0, 0x20000000}, 0x4000)

2.735742398s ago: executing program 6 (id=3753):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@test_dummy_encryption}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file2\x00', 0x42, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0xfffffffe, 0x2, 0x3, 0x6})

1.9582583s ago: executing program 4 (id=3756):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0x11)

1.95802005s ago: executing program 6 (id=3757):
sched_setscheduler(0x0, 0x2, 0x0)
syz_open_dev$vcsu(0x0, 0xffffffffffff7fff, 0xa000)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x4000884)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @local}, {0x0, 0x17c1, 0x8}}}}}, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x2a)

1.274324681s ago: executing program 3 (id=3760):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x44, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000000)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.083459424s ago: executing program 3 (id=3761):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fbdbdf251e000000"], 0x6c}, 0x1, 0x0, 0x0, 0x20000041}, 0x4880)

960.735086ms ago: executing program 4 (id=3762):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f00000002c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="13a8892019f1989dcb3695d96b609322d26e29fc35fee071c96d80bd46d6966cbe6b7a2cae610580a28150f9f09c86ff97e05d454faac2546a34871e68f5cbd68fd4b71e2aac0dc7620672a5d97f2b82603a6f9c25d5b78524ab47fb3c477a39625e82d11bae649b50912c5c3749d587d40f", 0x72}], 0x1}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f00000012c0)="52348bf9812fc081678b5760a4c4967393fd8939aaf12a894c5424df616c4eea14fbac2dad114a75c405d89fafa5715b56abba4bbceca456d8225e3f6eb57a03287e74c7bd74e40e3fda3150f92d181e7c82cb2f8ea0416fc4c0f111161cdb9a52911925644e25f871d02f403c83214f830f93b30b874e75cab53f1ed7871f21c0d654a47fab0637868517d7e8d9915e99b4dc2dcafdcb2ef2a012ec95418a544c32181fb969e01318e00a12fd1b2a0eb57bcf7de086e320f2d4be4e1453010be849e4d7dba41558329699aacd3d1c7d97b9bf74caf8b7946647309d209558b1965ef7ea4576ec0e289b73c2089310271d0a67d88a312f4cb0194c4f28ec3c2fe269311d0cec1fe0efef17d376d183b08e392b6cb58e930e1f959dd4528ec95350fc86e5297e6d59af036b132df17833881238ba8692842a8da4d5b4a37c94915331143d9128a197495433c2f550b4455a9ae03b937305e192e861ca3a60f9b3a14288e3daeb6936593485388a4aaab39b3843ee2960d9c8728eafb904333e7b78a270480e8dd89bc4cf0b791013cff43bf314e11a44d5f9c4fdad8a2fcdb04f76de29a50a0428148f4bc3eff1e84d25ea95dabddfba6162860a3c3389ee366450b6bcf1409f920caf1be5702af0402e2cef4896db544a26ebfab694d7a47eca55bd2f62f7d7eb1f6061f7e441df5ab31344f02179764822036ef706133ea1a6380e042f074b2b0ddcc578cb8a668a846b9d5792f8d434f8ec7b562594587c49e8e6b3450e545fc070644bd06a36106cdb63f9e8ad7ae50b5b44e47f377961f5e29392330fb4", 0x246}], 0x1}}], 0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

959.979116ms ago: executing program 3 (id=3763):
socket$inet_udp(0x2, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='syzkaller\x00'}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r1}, 0x10)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x4e22, 0x7, @empty, 0xfffffffc}, 0xffffffffffffffff, {[0x0, 0x0, 0x5c, 0x3, 0x3, 0x5, 0x0, 0x3]}}, 0x66)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
pipe(&(0x7f0000000280))
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r5}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

775.308198ms ago: executing program 4 (id=3764):
r0 = socket$nl_route(0x10, 0x3, 0x0)
recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2000c058)

736.893629ms ago: executing program 3 (id=3765):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x140f, 0x1, 0x70bd25, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x4000840}, 0x4004804)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000005007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

720.290209ms ago: executing program 1 (id=3766):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00'})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0xb, 0x0, @vifc_lcl_addr=@empty, @remote}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

530.644402ms ago: executing program 3 (id=3767):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@dioread_nolock}, {@nobarrier}, {@abort}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@norecovery}, {@errors_remount}]}, 0x1, 0x570, &(0x7f00000019c0)="$eJzs3c1rHOUfAPDvbF76+vs1hVJURAI9WNFumsSXCh7qUbRY0HtdkjGUbLoluylNLLQ92IsXKYKIBfHgTe8ei/+Af0VBi0VK0IOXyGxm022zm2zTbXbrfj4w4XlmZvM835l5nn1mn1k2gIE1nv0pRDwfEV8mEYciIsm3DUe+cXx9v9X7V2ayJYm1tY/+TOr7ZfnG/2q87kCeeS4ifvk84tXC5nKryyvzpXI5XczzE7WFixPV5ZUT5xdKc+lcemFqevrUG9NTb7/1ZtdifeXs3998ePu9U18cW/36p7uHbyZxOg7m25rjeALXmjPjMZ4fk5E4/ciOk10orJ8kva4AOzKUt/ORyPqAQzGUt3rgv+9qRKwBAyrR/mFANcYBjXv7Lt0HPzPuvbt+A7Q5/uH1z0Zib/3eaP9q8tCdUXa/O9aF8rMyfv791s1sie59DgGwrWvXI+Lk8PDm/i/J+7+dO9nBPo+Wof+D3XM7G/+81mr8U9gY/0SL8c+BFm13J7Zv/4W7XSimrWz8907L8e/GpNXYUJ77X33MN5J8er6cZn3b/yPieIzsyfJbzeecWr2z1m5b8/gvW7LyG2PBvB53h/c8/JrZUq30JDE3u3c94oWW499k4/wnLc5/djzOdljG0fTWS+22bR//07X2fcTLLc//gxmtZOv5yYn69TDRuCo2++vG0V/blb85/tHYzfiz879/6/jHkub52urjl/Hd3n/Sdtseij86v/5Hk4/r6dF83eVSrbY4GTGafLB5/dSD1zbyjf2z+I8f27r/a3X974uITzqM/8aRH1/sKP4eXP9Z/LOPdf4fP3Hn/c++bVd+Z/3f6/XU8XxNJ/1fpxV8kmMHAAAAAAAA/aYQEQcjKRQ30oVCsbj+fMeR2F8oj60//xGzUf+u7FiMFBoz3YeanoeYzJ+HbeSnHslPR8ThiPhqaF89X5yplGd7HTwAAAAAAAAAAAAAAAAAAAD0iQNtvv+f+W2o17UDnjo/+Q2Da9v2341fegL6kvd/GFzaPwwu7R8Gl/YPg6up/e/pZT2A3ef9HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArjp75ky2rK3evzKT5WcvLS/NVy6dmE2r88WFpZniTGXxYnGuUpkrp8WZysJ2/69cqVycnIqlyxO1tFqbqC6vnFuoLF2onTu/UJpLz6UjuxIVAAAAAAAAAAAAAAAAAAAAPFuqyyvzpXI5XZSQ2FFiuD+qsZ7ILummNVd7XZ+tEn/80BfVaJfodc8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8GwAA//9ITzKe")
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000f9ffffff000000001100000018110000", @ANYRES32, @ANYBLOB="0000000000000060b7"], 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x4b, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
setxattr$trusted_overlay_nlink(0x0, &(0x7f0000000140), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000700)=ANY=[], 0x381, 0x2)

484.002513ms ago: executing program 1 (id=3768):
fsync(0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYRES16=<r1=>0x0], &(0x7f0000000180)='syzkaller\x00', 0xfff, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x77, 0x41341)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x9c, 0xb, 0x2001, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r7}, 0x18)
ptrace(0x10, r5)
ptrace$getregset(0x4204, r5, 0x1, &(0x7f0000000480)={0x0})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000540)={0x0, 0x0, <r8=>0x0, &(0x7f00000004c0)=""/76, 0x4c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYRESOCT=r8, @ANYRESOCT=r8, @ANYRES32=<r9=>0xffffffffffffffff, @ANYRES32=<r10=>0x0], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1d, 0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r10, @ANYRESDEC=r9, @ANYRESHEX=r1, @ANYRES64=r6], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11}, 0x10)
r12 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r12, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r12, 0x8943, &(0x7f0000000000))
syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r0)
r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x25}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x10000}, 0x50)

264.684406ms ago: executing program 1 (id=3769):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$TIPC_NL_PUBL_GET(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@nodiscard}, {}, {@background_gc_on}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@gc_merge}, {@nouser_xattr}, {@alloc_mode_reuse}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@block_mode}, {@noinline_dentry}]}, 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1811e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x2)
ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r4, 0x0, 0xfc01, 0x1000f4)

254.296126ms ago: executing program 3 (id=3770):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0x11)

0s ago: executing program 6 (id=3771):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x18)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @multicast2}, {0x0, @link_local}, 0x4a, {0x2, 0x0, @rand_addr=0x64010101}, 'veth0_to_team\x00'})
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0xfff, 0x0)

kernel console output (not intermixed with test programs):

 syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1481.597046][   T28] audit: type=1326 audit(1753795114.917:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1481.712734][   T28] audit: type=1326 audit(1753795114.927:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1481.775446][T18391] netlink: 'syz.1.2831': attribute type 4 has an invalid length.
[ 1481.789848][   T50] Bluetooth: hci0: command tx timeout
[ 1481.837702][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1481.860686][   T28] audit: type=1326 audit(1753795114.927:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1481.920638][T18247] veth0_vlan: entered promiscuous mode
[ 1481.926803][   T28] audit: type=1326 audit(1753795114.927:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1481.963663][T18247] veth1_vlan: entered promiscuous mode
[ 1482.005793][   T28] audit: type=1326 audit(1753795114.927:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1482.046078][   T28] audit: type=1326 audit(1753795114.987:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1482.075701][T18247] veth0_macvtap: entered promiscuous mode
[ 1482.093653][   T28] audit: type=1326 audit(1753795114.987:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1482.122855][   T28] audit: type=1326 audit(1753795114.987:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1482.148451][   T28] audit: type=1326 audit(1753795115.007:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18387 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1482.181121][T18247] veth1_macvtap: entered promiscuous mode
[ 1482.201460][T18247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1482.221574][T18247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1482.231605][T18247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1482.246650][T18247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1482.265775][T18403] loop1: detected capacity change from 0 to 128
[ 1482.290279][T18247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1482.309258][T18247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1482.332019][T18247] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1482.403552][T18247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1482.453830][T18247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1482.481206][T18247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1482.515587][T18247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1482.547357][T18247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1482.595692][T18247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1482.645295][T18247] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1482.714428][T18247] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.762798][T18247] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.803043][T18247] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.836646][T18247] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.857510][T18408] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1482.912087][T18408] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1483.221816][T18412] loop4: detected capacity change from 0 to 2048
[ 1483.257154][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1483.291756][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1483.358584][T18412] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1483.405960][ T1317] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1483.415073][ T1317] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1483.446575][T18155] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[ 1483.469030][T18155] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6642: Corrupt filesystem
[ 1483.628586][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1484.157147][T18422] loop1: detected capacity change from 0 to 512
[ 1484.389054][T18422] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1484.402054][T18422] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1484.927383][T18433] loop4: detected capacity change from 0 to 512
[ 1484.934665][T18433] EXT4-fs: Ignoring removed nobh option
[ 1485.003386][T18433] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.2844: iget: bad i_size value: 38620345925642
[ 1485.022428][T18433] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2844: couldn't read orphan inode 15 (err -117)
[ 1485.046121][T18439] loop5: detected capacity change from 0 to 512
[ 1485.057490][T18439] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1485.071957][T18433] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1485.135687][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1485.139343][T18439] EXT4-fs (loop5): 1 truncate cleaned up
[ 1485.155917][T18439] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1485.304585][T18247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1485.489464][T18449] binfmt_misc: register: failed to install interpreter file ./file2
[ 1485.499567][T18449] Cannot find add_set index 0 as target
[ 1485.511898][T18450] loop1: detected capacity change from 0 to 128
[ 1485.918634][T18462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2855'.
[ 1485.933255][   T11] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm kworker/u4:0: bg 0: block 5: invalid block bitmap
[ 1485.942699][T18462] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2855'.
[ 1485.954372][   T11] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1485.968260][   T11] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1485.968260][   T11] 
[ 1485.971902][T18462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2855'.
[ 1485.979168][   T11] EXT4-fs (loop4): Total free blocks count 0
[ 1485.995029][T18462] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2855'.
[ 1486.004005][   T11] EXT4-fs (loop4): Free/Dirty block details
[ 1486.004028][   T11] EXT4-fs (loop4): free_blocks=0
[ 1486.004043][   T11] EXT4-fs (loop4): dirty_blocks=5024
[ 1486.004054][   T11] EXT4-fs (loop4): Block reservation details
[ 1486.004065][   T11] EXT4-fs (loop4): i_reserved_data_blocks=5024
[ 1486.072973][   T11] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[ 1486.204290][T18468] tipc: Started in network mode
[ 1486.230629][T18468] tipc: Node identity 429c49285b4c, cluster identity 4711
[ 1486.253358][T18468] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1486.316872][T18473] syzkaller0: entered promiscuous mode
[ 1486.325480][T18473] syzkaller0: entered allmulticast mode
[ 1486.380352][T18468] tipc: Resetting bearer <eth:syzkaller0>
[ 1486.390689][T18478] binfmt_misc: register: failed to install interpreter file ./file2
[ 1486.402851][T18466] tipc: Resetting bearer <eth:syzkaller0>
[ 1486.409335][T18478] Cannot find del_set index 1 as target
[ 1486.440620][T18466] tipc: Disabling bearer <eth:syzkaller0>
[ 1486.513864][T18482] loop3: detected capacity change from 0 to 1024
[ 1486.522389][T18482] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1486.554662][T18482] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1486.709807][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1487.042101][T18502] binfmt_misc: register: failed to install interpreter file ./file2
[ 1487.057510][T18502] Cannot find del_set index 1 as target
[ 1487.244244][T18507] (null): rxe_set_mtu: Set mtu to 1024
[ 1488.234466][T18507] infiniband syz!: set active
[ 1488.239574][T18507] infiniband syz!: added team_slave_0
[ 1488.826789][T18507] RDS/IB: syz!: added
[ 1488.833492][T18507] smc: adding ib device syz! with port count 1
[ 1488.840712][T18507] smc:    ib device syz! port 1 has pnetid 
[ 1489.082858][   T28] kauditd_printk_skb: 2 callbacks suppressed
[ 1489.082873][   T28] audit: type=1326 audit(1753795122.597:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18510 comm="syz.4.2875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1489.214903][   T28] audit: type=1326 audit(1753795122.637:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18510 comm="syz.4.2875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1489.311035][   T28] audit: type=1326 audit(1753795122.637:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18510 comm="syz.4.2875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1489.678960][T18524] loop1: detected capacity change from 0 to 512
[ 1489.695104][T18524] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1489.733216][T18524] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c118, mo2=0002]
[ 1489.783946][T18524] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.2879: corrupted in-inode xattr: e_value size too large
[ 1489.822713][T18524] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2879: couldn't read orphan inode 15 (err -117)
[ 1489.849922][T18524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1489.981292][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1490.074845][T18538] netlink: 'syz.3.2885': attribute type 4 has an invalid length.
[ 1490.283263][T18552] loop4: detected capacity change from 0 to 512
[ 1490.291187][T18549] loop1: detected capacity change from 0 to 128
[ 1490.334752][T18552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1490.342030][T18557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2890'.
[ 1490.363691][T18552] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1490.497154][T18557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2890'.
[ 1490.539040][   T28] audit: type=1800 audit(1753795124.057:119): pid=18552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2889" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1490.644327][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1490.773797][T18563] loop3: detected capacity change from 0 to 512
[ 1490.784560][T18563] EXT4-fs: Ignoring removed nobh option
[ 1490.809723][T18563] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2894: iget: bad i_size value: 38620345925642
[ 1490.850622][T18563] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2894: couldn't read orphan inode 15 (err -117)
[ 1490.940467][T18563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1491.099194][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1491.139517][T18570] netlink: 'syz.4.2896': attribute type 4 has an invalid length.
[ 1491.258803][T18581] loop5: detected capacity change from 0 to 512
[ 1491.267913][T18581] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1491.299865][T18581] EXT4-fs (loop5): 1 truncate cleaned up
[ 1491.320681][T18581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1491.406643][   T28] audit: type=1800 audit(1753795124.917:120): pid=18572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2897" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1491.485509][T18247] EXT4-fs error (device loop5): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /13/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1491.513957][T18247] EXT4-fs (loop5): Remounting filesystem read-only
[ 1491.531623][T18587] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2901'.
[ 1491.587346][T18587] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2901'.
[ 1491.605225][T18465] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1491.886222][T18594] netlink: 7 bytes leftover after parsing attributes in process `syz.3.2905'.
[ 1491.900166][T18594] netlink: 7 bytes leftover after parsing attributes in process `syz.3.2905'.
[ 1492.096179][T18598] loop3: detected capacity change from 0 to 2048
[ 1492.171012][T18598]  loop3: p1 < > p4
[ 1492.187609][T18598] loop3: p4 size 8388608 extends beyond EOD, truncated
[ 1492.341234][   T11] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1492.482552][   T11] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1492.609440][   T11] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1492.722366][   T11] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1492.771253][T18607] loop3: detected capacity change from 0 to 512
[ 1492.801587][T18607] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1492.831267][T18607] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.2913: bg 0: block 248: padding at end of block bitmap is not set
[ 1492.878758][T18607] Quota error (device loop3): write_blk: dquota write failed
[ 1492.917134][T18607] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1492.927861][T18607] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.2913: Failed to acquire dquot type 1
[ 1492.967165][T18607] EXT4-fs (loop3): 1 truncate cleaned up
[ 1492.989515][T18607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1493.020613][T16610] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1493.030857][T16610] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1493.039416][T16610] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1493.048579][T16610] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1493.076687][ T5789] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1493.085462][ T5789] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1493.114463][T18607] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1493.152318][T18607] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1493.162246][T18615] Quota error (device loop3): do_check_range: Getting block 1536 out of range 0-5
[ 1493.246952][T18607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2913'.
[ 1493.255976][T18607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2913'.
[ 1493.786032][T18627] netlink: 'syz.4.2919': attribute type 10 has an invalid length.
[ 1493.793970][T18627] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2919'.
[ 1493.803089][T18627] dummy0: entered promiscuous mode
[ 1494.194690][T18611] chnl_net:caif_netlink_parms(): no params data found
[ 1494.282921][T18639] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2923'.
[ 1494.650471][T18649] loop4: detected capacity change from 0 to 128
[ 1494.715882][   T11] hsr_slave_0: left promiscuous mode
[ 1494.722354][   T11] hsr_slave_1: left promiscuous mode
[ 1494.729073][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1494.736624][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1494.766577][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1494.775044][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1494.787059][   T11] bridge_slave_1: left allmulticast mode
[ 1494.802971][   T11] bridge_slave_1: left promiscuous mode
[ 1494.819242][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1494.840542][   T11] bridge_slave_0: left allmulticast mode
[ 1494.846259][   T11] bridge_slave_0: left promiscuous mode
[ 1494.853254][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1494.901083][   T11] veth1_macvtap: left promiscuous mode
[ 1494.907072][   T11] veth0_macvtap: left promiscuous mode
[ 1494.912953][   T11] veth1_vlan: left promiscuous mode
[ 1494.920313][   T11] veth0_vlan: left promiscuous mode
[ 1495.137822][ T5789] Bluetooth: hci0: command tx timeout
[ 1495.801295][   T11] team0 (unregistering): Port device team_slave_1 removed
[ 1495.880669][   T11] team0 (unregistering): Port device team_slave_0 removed
[ 1495.936334][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1495.996970][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1496.551866][T18660] loop4: detected capacity change from 0 to 2048
[ 1496.601440][T18660] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1496.669996][   T11] bond0 (unregistering): Released all slaves
[ 1496.773040][T18664] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1496.790214][T18664] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 954 with error 28
[ 1496.804203][T18664] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1496.804203][T18664] 
[ 1496.814144][T18664] EXT4-fs (loop4): Total free blocks count 0
[ 1496.821458][T18664] EXT4-fs (loop4): Free/Dirty block details
[ 1496.828203][T18664] EXT4-fs (loop4): free_blocks=2415919104
[ 1496.833951][T18664] EXT4-fs (loop4): dirty_blocks=960
[ 1496.853601][T18611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1496.855432][T18651] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1496.870304][T18664] EXT4-fs (loop4): Block reservation details
[ 1496.871232][T18611] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1496.891110][T18611] bridge_slave_0: entered allmulticast mode
[ 1496.900478][T18611] bridge_slave_0: entered promiscuous mode
[ 1496.902164][T18664] EXT4-fs (loop4): i_reserved_data_blocks=60
[ 1496.919279][T18651] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1496.927786][T18611] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1496.956335][T18651] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1496.975411][T18611] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1497.008816][T18611] bridge_slave_1: entered allmulticast mode
[ 1497.016600][T18611] bridge_slave_1: entered promiscuous mode
[ 1497.132573][T18611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1497.180587][T18611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1497.216954][ T5789] Bluetooth: hci0: command tx timeout
[ 1497.277373][T18611] team0: Port device team_slave_0 added
[ 1497.302010][T18611] team0: Port device team_slave_1 added
[ 1497.359412][T18670] loop1: detected capacity change from 0 to 128
[ 1497.368685][T18611] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1497.375778][T18611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1497.403249][T18611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1497.427845][T18611] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1497.435417][T18611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1497.478667][T18611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1497.535565][  T163] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[ 1497.543886][T18672] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2931'.
[ 1497.601393][T18611] hsr_slave_0: entered promiscuous mode
[ 1497.617096][T18611] hsr_slave_1: entered promiscuous mode
[ 1497.626160][T18611] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1497.639491][T18611] Cannot create hsr debugfs directory
[ 1497.686240][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1497.794586][T18679] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2934'.
[ 1498.104872][T18692] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2938'.
[ 1498.127436][T18611] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1498.150282][T18611] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1498.195300][T18611] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1498.243978][T18611] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1498.426637][T18695] loop4: detected capacity change from 0 to 512
[ 1498.719638][T18695] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1498.926818][T18695] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.2941: bg 0: block 248: padding at end of block bitmap is not set
[ 1498.946909][T18705] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2940'.
[ 1498.991686][T18695] Quota error (device loop4): write_blk: dquota write failed
[ 1499.020911][T18695] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 1499.066670][T18695] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.2941: Failed to acquire dquot type 1
[ 1499.112749][T18695] EXT4-fs (loop4): 1 truncate cleaned up
[ 1499.193871][T18611] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1499.261505][T18611] 8021q: adding VLAN 0 to HW filter on device team0
[ 1499.297414][ T5789] Bluetooth: hci0: command tx timeout
[ 1499.336227][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1499.343413][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1499.375764][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1499.383051][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1499.590789][T18712] syz!: rxe_newlink: already configured on team_slave_0
[ 1499.653968][T18695] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1499.696457][T18716] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2945'.
[ 1499.707285][T18695] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[ 1499.772956][T18695] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1499.823543][T18718] Quota error (device loop4): do_check_range: Getting block 1536 out of range 0-5
[ 1499.845477][T18695] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2941'.
[ 1499.873089][T18695] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2941'.
[ 1499.953070][T18730] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2948'.
[ 1499.980379][T18611] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1500.410594][T18745] (null): rxe_set_mtu: Set mtu to 1024
[ 1500.442909][T18745] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1501.387980][ T5789] Bluetooth: hci0: command tx timeout
[ 1501.462776][T18752] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2954'.
[ 1501.674569][T18611] veth0_vlan: entered promiscuous mode
[ 1501.742447][T18611] veth1_vlan: entered promiscuous mode
[ 1501.831415][T18611] veth0_macvtap: entered promiscuous mode
[ 1501.906455][T18611] veth1_macvtap: entered promiscuous mode
[ 1501.960924][T18611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1501.977513][T18611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1501.987443][T18611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1501.997947][T18611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1502.007812][T18611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1502.034315][T18611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1502.046501][T18611] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1502.094393][T18611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1502.118577][T18611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1502.128490][T18611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1502.139599][T18611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1502.150375][T18611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1502.161171][T18611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1502.173712][T18611] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1502.202159][T18611] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.221992][T18611] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.231089][T18611] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.239904][T18611] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.366275][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1502.386363][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1502.454006][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1502.462254][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1502.961547][T18770] netlink: 'syz.6.2909': attribute type 4 has an invalid length.
[ 1503.541909][T18780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2962'.
[ 1503.636200][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1503.817022][T18784] loop3: detected capacity change from 0 to 1024
[ 1503.841090][T18784] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1503.895615][T18784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1503.995442][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1504.119271][T18795] loop1: detected capacity change from 0 to 128
[ 1504.235811][T18809] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2973'.
[ 1504.267086][T18808] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2972'.
[ 1504.406588][T18811] loop4: detected capacity change from 0 to 512
[ 1504.434287][T18811] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1504.455482][T18811] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.2974: bad orphan inode 13
[ 1504.496232][T18811] ext4_test_bit(bit=12, block=18) = 1
[ 1504.542218][T18811] is_bad_inode(inode)=0
[ 1504.546551][T18811] NEXT_ORPHAN(inode)=2130706432
[ 1504.566108][T18811] max_ino=32
[ 1504.576790][T18811] i_nlink=1
[ 1504.595812][T18811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1504.890347][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1505.888556][T18831] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2982'.
[ 1506.137478][T18836] loop4: detected capacity change from 0 to 1024
[ 1506.161058][T18836] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1506.221571][T18836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1506.390772][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1506.636106][T18844] loop6: detected capacity change from 0 to 2048
[ 1506.692053][T18844] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1506.756615][T18851] netlink: 'syz.4.2989': attribute type 4 has an invalid length.
[ 1506.893076][T18852] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1506.931088][T18852] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 266 with error 28
[ 1506.966636][T18852] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1506.966636][T18852] 
[ 1506.997718][T18852] EXT4-fs (loop6): Total free blocks count 0
[ 1507.005052][T18859] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2992'.
[ 1507.026834][T18852] EXT4-fs (loop6): Free/Dirty block details
[ 1507.038463][T18852] EXT4-fs (loop6): free_blocks=2415919104
[ 1507.052110][T18852] EXT4-fs (loop6): dirty_blocks=272
[ 1507.065758][T18852] EXT4-fs (loop6): Block reservation details
[ 1507.085290][T18852] EXT4-fs (loop6): i_reserved_data_blocks=17
[ 1507.101527][T18861] loop4: detected capacity change from 0 to 1024
[ 1507.127946][T18861] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1507.166603][T18861] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1507.238468][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1507.404921][T18873] binfmt_misc: register: failed to install interpreter file ./file2
[ 1507.418916][T18873] Cannot find add_set index 0 as target
[ 1507.502437][   T42] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[ 1507.558560][T18875] loop1: detected capacity change from 0 to 512
[ 1507.719155][T18875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1507.735681][T18875] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1508.061476][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1508.604468][T18888] netlink: 'syz.6.3003': attribute type 4 has an invalid length.
[ 1508.632545][T18890] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3002'.
[ 1508.905203][T18892] loop6: detected capacity change from 0 to 1024
[ 1508.954224][T18892] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1509.042773][T18900] loop1: detected capacity change from 0 to 1024
[ 1509.056490][T18892] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1509.119190][T18901] binfmt_misc: register: failed to install interpreter file ./file2
[ 1509.141081][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.154515][T18898] Cannot find add_set index 0 as target
[ 1509.193769][T18900] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1509.335369][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.517471][T18913] netlink: 'syz.4.3012': attribute type 4 has an invalid length.
[ 1509.552209][T18915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3013'.
[ 1509.655896][T18921] loop3: detected capacity change from 0 to 512
[ 1509.673008][T18921] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1509.691096][T18921] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.3015: bad orphan inode 13
[ 1509.715826][T18921] ext4_test_bit(bit=12, block=18) = 1
[ 1509.725503][T18921] is_bad_inode(inode)=0
[ 1509.735645][T18921] NEXT_ORPHAN(inode)=2130706432
[ 1509.756596][T18921] max_ino=32
[ 1509.766084][T18921] i_nlink=1
[ 1509.773049][T18921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1509.779791][T18926] binfmt_misc: register: failed to install interpreter file ./file2
[ 1509.797868][T18926] Cannot find add_set index 0 as target
[ 1509.900789][T18921] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1510.073913][T18921] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.3015: bg 0: block 248: padding at end of block bitmap is not set
[ 1510.118075][T18921] Quota error (device loop3): write_blk: dquota write failed
[ 1510.125859][T18921] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1510.137965][T18921] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.3015: Failed to acquire dquot type 1
[ 1510.172831][T18921] EXT4-fs warning (device loop3): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1510.297697][T18936] (null): rxe_set_mtu: Set mtu to 1024
[ 1510.306582][T18936] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1511.033044][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1511.600834][T18948] binfmt_misc: register: failed to install interpreter file ./file2
[ 1511.624925][T18948] Cannot find add_set index 0 as target
[ 1511.801975][T18956] netlink: 'syz.3.3022': attribute type 4 has an invalid length.
[ 1511.899118][T18961] loop4: detected capacity change from 0 to 128
[ 1512.329207][T18972] loop1: detected capacity change from 0 to 512
[ 1512.364919][T18972] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1512.401041][T18972] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.3035: bad orphan inode 13
[ 1512.426294][T18972] ext4_test_bit(bit=12, block=18) = 1
[ 1512.436882][T18972] is_bad_inode(inode)=0
[ 1512.441073][T18972] NEXT_ORPHAN(inode)=2130706432
[ 1512.445945][T18972] max_ino=32
[ 1512.476816][T18972] i_nlink=1
[ 1512.481906][T18972] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1512.518574][T18975] binfmt_misc: register: failed to install interpreter file ./file2
[ 1512.574270][T18975] Cannot find add_set index 0 as target
[ 1512.612280][T18972] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[ 1512.661178][T18972] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.3035: bg 0: block 248: padding at end of block bitmap is not set
[ 1512.704339][T18972] Quota error (device loop1): write_blk: dquota write failed
[ 1512.717823][T18972] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1512.741051][T18972] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3035: Failed to acquire dquot type 1
[ 1512.800347][T18972] EXT4-fs warning (device loop1): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1512.831014][T18981] netlink: 'syz.6.3039': attribute type 4 has an invalid length.
[ 1512.944673][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1513.298845][T18993] (null): rxe_set_mtu: Set mtu to 1024
[ 1513.306038][T18993] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1514.966060][T19005] loop6: detected capacity change from 0 to 512
[ 1515.008124][T19005] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1515.137103][T19005] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1515.167754][T19011] netlink: 'syz.3.3049': attribute type 4 has an invalid length.
[ 1515.226171][   T28] audit: type=1800 audit(1753795148.737:121): pid=19005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3048" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1515.381548][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1516.009064][T19033] netlink: 'syz.1.3058': attribute type 4 has an invalid length.
[ 1516.220094][T19038] binfmt_misc: register: failed to install interpreter file ./file2
[ 1516.239486][T19038] Cannot find add_set index 0 as target
[ 1516.705997][T19058] netlink: 'syz.3.3068': attribute type 4 has an invalid length.
[ 1516.923214][T19062] binfmt_misc: register: failed to install interpreter file ./file2
[ 1516.933968][T19062] Cannot find add_set index 0 as target
[ 1517.843868][T19069] loop6: detected capacity change from 0 to 1024
[ 1517.873339][T19069] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1517.947524][T19069] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1518.166174][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1518.633366][T19083] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3077'.
[ 1518.646898][T19083] netlink: 212 bytes leftover after parsing attributes in process `syz.3.3077'.
[ 1518.786544][T19088] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3077'.
[ 1518.805633][T19086] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1518.817241][T19086] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1518.956583][T19086] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1518.974298][T19086] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1518.976915][T19093] binfmt_misc: register: failed to install interpreter file ./file2
[ 1519.017640][T19093] Cannot find add_set index 0 as target
[ 1519.137652][T19096] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3081'.
[ 1519.204024][T19086] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1519.249690][T19086] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.412525][T19105] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3083'.
[ 1519.552742][T19086] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1519.596884][T19086] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.730206][T19110] (null): rxe_set_mtu: Set mtu to 1024
[ 1519.737499][T19110] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1520.404310][T19086] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1520.446301][T19086] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1520.524146][T19086] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1520.560773][T19086] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1520.639526][T19086] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1520.678182][T19086] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1520.753193][T19086] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1520.792373][T19086] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1521.074045][T19121] binfmt_misc: register: failed to install interpreter file ./file2
[ 1521.091847][T19121] Cannot find add_set index 0 as target
[ 1521.257496][T19125] loop6: detected capacity change from 0 to 512
[ 1521.500270][T19125] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1521.515379][T19125] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1521.536533][   T28] audit: type=1800 audit(1753795155.047:122): pid=19125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3092" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1521.637722][T19139] loop3: detected capacity change from 0 to 128
[ 1522.472933][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1523.751344][T19150] loop4: detected capacity change from 0 to 512
[ 1523.972188][T19147] binfmt_misc: register: failed to install interpreter file ./file2
[ 1523.994847][T19147] Cannot find add_set index 0 as target
[ 1524.845574][T19150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1524.858552][T19150] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1525.152554][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1525.222692][   T28] audit: type=1326 audit(1753795158.737:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.252964][T19171] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3105' sets config #1
[ 1525.282996][   T28] audit: type=1326 audit(1753795158.767:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.317360][   T28] audit: type=1326 audit(1753795158.767:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.367457][   T28] audit: type=1326 audit(1753795158.767:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.468296][T19177] netlink: 'syz.4.3106': attribute type 4 has an invalid length.
[ 1525.504555][   T28] audit: type=1326 audit(1753795158.767:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.586158][   T28] audit: type=1326 audit(1753795158.767:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.609704][   T28] audit: type=1326 audit(1753795158.767:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.635987][   T28] audit: type=1326 audit(1753795158.767:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.662018][   T28] audit: type=1326 audit(1753795158.767:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19169 comm="syz.1.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1b018e9a9 code=0x7ffc0000
[ 1525.715800][T19183] binfmt_misc: register: failed to install interpreter file ./file2
[ 1525.725837][T19183] Cannot find add_set index 0 as target
[ 1525.936749][T19193] loop4: detected capacity change from 0 to 128
[ 1526.432413][T19194] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3109'.
[ 1527.987261][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1527.993592][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1528.275592][T19207] loop1: detected capacity change from 0 to 512
[ 1529.180835][T19207] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1529.193778][T19207] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1529.529949][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1529.721716][T19221] netlink: 'syz.1.3119': attribute type 4 has an invalid length.
[ 1529.803698][T19223] binfmt_misc: register: failed to install interpreter file ./file2
[ 1529.831123][T19223] Cannot find add_set index 0 as target
[ 1530.015935][T19231] loop4: detected capacity change from 0 to 1024
[ 1530.062179][T19231] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1530.178706][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1530.199433][T19237] loop3: detected capacity change from 0 to 1024
[ 1530.208901][T19238] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3123'.
[ 1530.209549][T19237] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1530.265760][T19237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1530.474102][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1531.215285][T19258] binfmt_misc: register: failed to install interpreter file ./file2
[ 1531.254423][T19258] Cannot find add_set index 0 as target
[ 1531.600640][T19266] loop1: detected capacity change from 0 to 1024
[ 1531.630380][T19266] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1531.692512][T19266] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1531.783703][T19275] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3135'.
[ 1531.870754][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1532.288935][T19292] binfmt_misc: register: failed to install interpreter file ./file2
[ 1532.300309][T19292] Cannot find add_set index 0 as target
[ 1532.620375][T19300] netlink: 'syz.1.3147': attribute type 4 has an invalid length.
[ 1533.170655][T19315] loop4: detected capacity change from 0 to 128
[ 1533.180862][T19310] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3148'.
[ 1533.405122][T19318] (null): rxe_set_mtu: Set mtu to 1024
[ 1533.412833][T19318] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1535.500423][T19322] binfmt_misc: register: failed to install interpreter file ./file2
[ 1535.527889][T19322] Cannot find add_set index 0 as target
[ 1536.139016][T19329] loop6: detected capacity change from 0 to 512
[ 1536.148101][T19329] EXT4-fs warning (device loop6): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1536.945443][T19329] loop6: detected capacity change from 0 to 544
[ 1536.957049][T19329] EXT4-fs (loop6): failed to parse options in superblock: 																																																																
[ 1536.982084][T19333] netlink: 'syz.3.3159': attribute type 4 has an invalid length.
[ 1536.998618][T19329] EXT4-fs (loop6): Number of reserved GDT blocks insanely large: 2313
[ 1537.076069][T19342] binfmt_misc: register: failed to install interpreter file ./file2
[ 1537.095692][T19342] Cannot find add_set index 0 as target
[ 1537.218161][T19352] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3161'.
[ 1537.374799][T19354] loop3: detected capacity change from 0 to 128
[ 1537.609116][T19357] (null): rxe_set_mtu: Set mtu to 1024
[ 1537.616769][T19357] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1540.705650][T19373] binfmt_misc: register: failed to install interpreter file ./file2
[ 1540.730131][T19373] Cannot find add_set index 0 as target
[ 1544.310113][T19393] (null): rxe_set_mtu: Set mtu to 1024
[ 1544.322828][T19393] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1545.016936][T19398] netlink: 176 bytes leftover after parsing attributes in process `syz.4.3179'.
[ 1545.168766][T19401] loop6: detected capacity change from 0 to 1024
[ 1545.206438][T19401] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1545.227643][T19403] binfmt_misc: register: failed to install interpreter file ./file2
[ 1545.242571][T19403] Cannot find add_set index 0 as target
[ 1545.346960][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1545.649532][T19418] loop1: detected capacity change from 0 to 512
[ 1545.677387][T19418] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1545.875065][T19418] loop1: detected capacity change from 0 to 544
[ 1545.885442][T19426] netlink: 176 bytes leftover after parsing attributes in process `syz.6.3190'.
[ 1545.896431][T19418] EXT4-fs (loop1): failed to parse options in superblock: 																																																																
[ 1545.913684][T19418] EXT4-fs (loop1): Number of reserved GDT blocks insanely large: 2313
[ 1545.934688][T19428] binfmt_misc: register: failed to install interpreter file ./file2
[ 1545.947699][T19428] Cannot find add_set index 0 as target
[ 1547.079784][T19446] loop4: detected capacity change from 0 to 512
[ 1547.207274][T19446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1547.220144][T19446] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1547.834289][T19462] netlink: 176 bytes leftover after parsing attributes in process `syz.1.3200'.
[ 1547.900077][T19463] loop6: detected capacity change from 0 to 128
[ 1548.265776][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1548.482707][T19475] binfmt_misc: register: failed to install interpreter file ./file2
[ 1548.520138][T19475] Cannot find add_set index 0 as target
[ 1548.649447][T19479] loop3: detected capacity change from 0 to 128
[ 1548.677542][T19479] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1548.727879][T19479] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1550.399073][T19495] loop4: detected capacity change from 0 to 512
[ 1550.577595][T19495] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1550.590555][T19495] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1550.998454][T19504] loop1: detected capacity change from 0 to 512
[ 1551.025244][T16919] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1551.034778][T19504] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1551.661896][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1551.750277][T19504] loop1: detected capacity change from 0 to 512
[ 1551.964033][T19504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1552.017416][T19512] binfmt_misc: register: failed to install interpreter file ./file2
[ 1552.055624][T19504] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1552.085975][T19512] Cannot find add_set index 0 as target
[ 1552.188338][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1552.400875][T19523] loop6: detected capacity change from 0 to 1024
[ 1552.411693][T19523] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1552.468499][T19523] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1552.498668][T19523] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1552.679108][T19532] syz!: rxe_newlink: already configured on team_slave_0
[ 1552.696765][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1553.374334][T19536] netlink: 'syz.6.3224': attribute type 4 has an invalid length.
[ 1553.495625][T19540] binfmt_misc: register: failed to install interpreter file ./file2
[ 1553.564379][T19540] Cannot find add_set index 0 as target
[ 1553.643652][T19543] loop6: detected capacity change from 0 to 512
[ 1553.684578][T19543] EXT4-fs warning (device loop6): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1553.832319][T19548] loop4: detected capacity change from 0 to 128
[ 1553.848920][T19543] loop6: detected capacity change from 0 to 512
[ 1553.961475][T19543] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1553.990769][T19543] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1554.203206][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1554.776286][T19565] netlink: 'syz.1.3236': attribute type 4 has an invalid length.
[ 1554.974177][T19571] binfmt_misc: register: failed to install interpreter file ./file2
[ 1554.992598][T19571] Cannot find add_set index 0 as target
[ 1555.245621][ T5789] Bluetooth: hci4: command 0x0406 tx timeout
[ 1555.532885][T19586] (null): rxe_set_mtu: Set mtu to 1024
[ 1555.539894][T19586] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1556.309230][T19591] netlink: 'syz.1.3245': attribute type 4 has an invalid length.
[ 1556.342311][T19592] loop6: detected capacity change from 0 to 512
[ 1556.388108][T19592] EXT4-fs: Ignoring removed nobh option
[ 1556.422643][T19592] EXT4-fs error (device loop6): ext4_orphan_get:1399: inode #15: comm syz.6.3246: iget: bad i_size value: 38620345925642
[ 1556.477894][T19592] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.3246: couldn't read orphan inode 15 (err -117)
[ 1556.539735][T19592] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1557.372269][   T11] EXT4-fs error (device loop6): ext4_validate_block_bitmap:430: comm kworker/u4:0: bg 0: block 5: invalid block bitmap
[ 1557.411953][   T11] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1557.445343][T19598] binfmt_misc: register: failed to install interpreter file ./file2
[ 1557.446918][   T11] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1557.446918][   T11] 
[ 1557.466038][T19598] Cannot find add_set index 0 as target
[ 1557.486874][   T11] EXT4-fs (loop6): Total free blocks count 0
[ 1557.493025][   T11] EXT4-fs (loop6): Free/Dirty block details
[ 1557.503154][   T11] EXT4-fs (loop6): free_blocks=0
[ 1557.516731][   T11] EXT4-fs (loop6): dirty_blocks=2664
[ 1557.523113][   T11] EXT4-fs (loop6): Block reservation details
[ 1557.538273][   T11] EXT4-fs (loop6): i_reserved_data_blocks=2664
[ 1557.639476][   T11] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 612 with error 28
[ 1557.868692][T19606] loop6: detected capacity change from 0 to 2048
[ 1557.911039][T19606] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1558.173077][T19612] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1558.360023][T19612] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 606 with error 28
[ 1558.495105][T19612] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1558.495105][T19612] 
[ 1558.607104][T19612] EXT4-fs (loop6): Total free blocks count 0
[ 1558.673512][T19612] EXT4-fs (loop6): Free/Dirty block details
[ 1558.783849][T19612] EXT4-fs (loop6): free_blocks=2415919104
[ 1558.822331][T19612] EXT4-fs (loop6): dirty_blocks=608
[ 1558.846127][T19612] EXT4-fs (loop6): Block reservation details
[ 1558.883801][T19612] EXT4-fs (loop6): i_reserved_data_blocks=38
[ 1559.293721][ T5904] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[ 1560.239552][T19628] loop3: detected capacity change from 0 to 512
[ 1561.675488][T19628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1561.688483][T19628] ext4 filesystem being mounted at /267/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1561.917773][T19634] netlink: 'syz.4.3257': attribute type 4 has an invalid length.
[ 1562.071690][T19643] binfmt_misc: register: failed to install interpreter file ./file2
[ 1562.096620][T19642] loop6: detected capacity change from 0 to 128
[ 1562.110453][T19643] Cannot find add_set index 0 as target
[ 1562.112575][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1562.155186][T19642] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1562.193704][T19642] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1562.333059][T19651] loop4: detected capacity change from 0 to 164
[ 1562.412441][T19651] process 'syz.4.3262' launched '/dev/fd/3' with NULL argv: empty string added
[ 1562.452038][T19651] syz.4.3262: attempt to access beyond end of device
[ 1562.452038][T19651] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[ 1562.469149][T19651] syz.4.3262: attempt to access beyond end of device
[ 1562.469149][T19651] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[ 1562.535830][T19657] loop1: detected capacity change from 0 to 128
[ 1562.616066][T19659] loop3: detected capacity change from 0 to 2048
[ 1562.672190][T19659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1562.776918][   T28] kauditd_printk_skb: 6 callbacks suppressed
[ 1562.776935][   T28] audit: type=1804 audit(1753795196.217:138): pid=19657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3264" name="/newroot/186/file0/bus" dev="loop1" ino=1048614 res=1 errno=0
[ 1562.848614][   T28] audit: type=1800 audit(1753795196.217:139): pid=19657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3264" name="bus" dev="loop1" ino=1048614 res=0 errno=0
[ 1563.595272][T19665] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1563.754165][T19665] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 294 with error 28
[ 1563.851233][T19665] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1563.851233][T19665] 
[ 1563.893147][T19665] EXT4-fs (loop3): Total free blocks count 0
[ 1564.007777][T19665] EXT4-fs (loop3): Free/Dirty block details
[ 1564.179130][T19665] EXT4-fs (loop3): free_blocks=2415919104
[ 1564.185123][T19665] EXT4-fs (loop3): dirty_blocks=304
[ 1564.190594][T19665] EXT4-fs (loop3): Block reservation details
[ 1564.201828][T19665] EXT4-fs (loop3): i_reserved_data_blocks=19
[ 1564.900925][T19679] loop1: detected capacity change from 0 to 512
[ 1566.605051][T18611] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1566.640291][T19679] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1566.652971][T19679] ext4 filesystem being mounted at /188/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1566.770296][  T163] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[ 1566.985712][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1567.157721][T19696] loop3: detected capacity change from 0 to 1024
[ 1567.181766][T19696] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1567.274582][T19696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1567.423191][T19709] loop1: detected capacity change from 0 to 512
[ 1567.457950][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1567.467793][T19709] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1567.521204][T19712] tipc: Started in network mode
[ 1567.526117][T19712] tipc: Node identity ac14140f, cluster identity 4711
[ 1567.548826][T19712] tipc: New replicast peer: 255.255.255.255
[ 1567.561090][T19709] loop1: detected capacity change from 0 to 512
[ 1567.571166][T19712] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1567.590420][T19709] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1567.613971][T19715] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3278'.
[ 1567.626996][T19715] tipc: Disabling bearer <udp:syz2>
[ 1568.149915][T19735] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3288'.
[ 1568.160074][T19735] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3288'.
[ 1568.252627][T19735] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3288'.
[ 1568.268081][T19735] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3288'.
[ 1568.406203][T19743] loop3: detected capacity change from 0 to 512
[ 1568.434136][T19743] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1568.531679][T19743] loop3: detected capacity change from 0 to 512
[ 1568.555064][T19743] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1569.034941][T19769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3303'.
[ 1569.165148][T19769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3303'.
[ 1569.358795][T19785] loop6: detected capacity change from 0 to 512
[ 1569.384551][T19785] EXT4-fs warning (device loop6): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1569.468628][T19785] loop6: detected capacity change from 0 to 512
[ 1569.483049][T19785] EXT4-fs warning (device loop6): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1569.717530][T19800] netlink: 'syz.6.3316': attribute type 4 has an invalid length.
[ 1569.861504][T19791] (null): rxe_set_mtu: Set mtu to 1024
[ 1569.867648][T19791] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1570.011510][T19806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3319'.
[ 1570.251752][T19806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3319'.
[ 1570.944523][T19823] loop3: detected capacity change from 0 to 512
[ 1570.992748][T19823] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1571.044960][T19825] netlink: 'syz.6.3327': attribute type 4 has an invalid length.
[ 1571.242973][T19823] loop3: detected capacity change from 0 to 512
[ 1571.279812][T19823] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1571.610781][T19838] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3332'.
[ 1571.975710][T19855] binfmt_misc: register: failed to install interpreter file ./file2
[ 1572.025083][T19854] Cannot find add_set index 0 as target
[ 1572.255739][T19860] loop1: detected capacity change from 0 to 512
[ 1572.387577][T19860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1572.400828][T19860] ext4 filesystem being mounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1574.250416][T19870] (null): rxe_set_mtu: Set mtu to 1024
[ 1574.258287][T19870] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1574.448250][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1574.489596][T19872] loop6: detected capacity change from 0 to 1024
[ 1574.511623][T19872] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1574.589671][T19872] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1574.775436][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1575.161421][T19885] __nla_validate_parse: 2 callbacks suppressed
[ 1575.161441][T19885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3346'.
[ 1575.204609][T19885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3346'.
[ 1575.376200][T19885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3346'.
[ 1575.405689][T19885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3346'.
[ 1575.540156][T19894] binfmt_misc: register: failed to install interpreter file ./file2
[ 1575.565842][T19894] Cannot find add_set index 0 as target
[ 1575.995798][T19905] loop4: detected capacity change from 0 to 512
[ 1576.043838][T19905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1576.056809][T19905] ext4 filesystem being mounted at /129/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1576.553839][T10027] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[ 1576.679077][T10027] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1577.472184][T19929] binfmt_misc: register: failed to install interpreter file ./file2
[ 1577.490053][T19929] Cannot find add_set index 0 as target
[ 1577.569370][T19930] loop6: detected capacity change from 0 to 128
[ 1577.668446][T19932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3361'.
[ 1577.694583][T19932] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3361'.
[ 1577.722371][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1577.907549][T19932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3361'.
[ 1577.924413][T19932] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3361'.
[ 1578.327533][T19952] binfmt_misc: register: failed to install interpreter file ./file2
[ 1578.332047][T19953] loop3: detected capacity change from 0 to 1024
[ 1578.348391][T19952] Cannot find add_set index 0 as target
[ 1578.352779][T19953] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1578.392733][T19953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1578.464250][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1578.491899][T19958] loop1: detected capacity change from 0 to 512
[ 1578.557434][T19958] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1578.633999][T19958] loop1: detected capacity change from 0 to 512
[ 1578.661986][T19958] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1578.736932][T19966] netlink: 'syz.4.3375': attribute type 4 has an invalid length.
[ 1578.750238][T19965] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3374'.
[ 1578.769496][T19965] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3374'.
[ 1579.079055][T19976] binfmt_misc: register: failed to install interpreter file ./file2
[ 1579.099542][T19976] Cannot find add_set index 0 as target
[ 1579.462282][T19988] (null): rxe_set_mtu: Set mtu to 1024
[ 1579.469279][T19988] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1580.768508][T19993] netlink: 'syz.1.3385': attribute type 4 has an invalid length.
[ 1581.252991][T20000] loop4: detected capacity change from 0 to 512
[ 1581.270103][T20002] __nla_validate_parse: 2 callbacks suppressed
[ 1581.270119][T20002] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3389'.
[ 1581.319074][T20000] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1581.333806][T20002] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3389'.
[ 1581.472896][T20002] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3389'.
[ 1581.493944][T20002] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3389'.
[ 1581.512179][T20000] loop4: detected capacity change from 0 to 512
[ 1581.549675][T20006] binfmt_misc: register: failed to install interpreter file ./file2
[ 1581.559987][T20000] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 24
[ 1581.561136][T20006] Cannot find add_set index 0 as target
[ 1581.922614][T20016] syz.3.3392[20016] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1581.922865][T20016] syz.3.3392[20016] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1582.222676][T20014] loop1: detected capacity change from 0 to 512
[ 1582.269731][T20014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1582.282699][T20014] ext4 filesystem being mounted at /221/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1585.221465][T20032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3397'.
[ 1585.242264][T20036] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3399'.
[ 1585.253502][T20036] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3399'.
[ 1585.267212][T20036] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3399'.
[ 1585.276107][T20036] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3399'.
[ 1585.382529][T20040] binfmt_misc: register: failed to install interpreter file ./file2
[ 1585.400848][T20040] Cannot find add_set index 0 as target
[ 1585.718026][T20049] (null): rxe_set_mtu: Set mtu to 1024
[ 1585.724984][T20049] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1588.346371][T20066] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3405'.
[ 1588.967747][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1590.006169][T20069] netlink: 'syz.4.3409': attribute type 10 has an invalid length.
[ 1590.014202][T20069] netlink: 'syz.4.3409': attribute type 19 has an invalid length.
[ 1590.022064][T20069] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3409'.
[ 1590.250161][T20074] binfmt_misc: register: failed to install interpreter file ./file2
[ 1590.266093][T20074] Cannot find add_set index 0 as target
[ 1590.274319][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1590.541536][T20082] loop1: detected capacity change from 0 to 128
[ 1590.789786][T20091] (null): rxe_set_mtu: Set mtu to 1024
[ 1590.796681][T20091] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1590.993475][ T5789] Bluetooth: hci1: command 0x0406 tx timeout
[ 1591.287164][T20097] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3417'.
[ 1592.469097][T20108] loop6: detected capacity change from 0 to 512
[ 1594.417754][T20108] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1594.432087][T20108] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1594.515049][T20123] pimreg: entered allmulticast mode
[ 1594.705422][T20123] pimreg: left allmulticast mode
[ 1594.750817][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1594.780532][   T28] audit: type=1326 audit(1753795228.287:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20122 comm="syz.4.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1594.844188][   T28] audit: type=1326 audit(1753795228.287:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20122 comm="syz.4.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1594.906922][   T28] audit: type=1326 audit(1753795228.287:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20122 comm="syz.4.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1594.996777][   T28] audit: type=1326 audit(1753795228.287:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20122 comm="syz.4.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1595.066841][   T28] audit: type=1326 audit(1753795228.287:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20122 comm="syz.4.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1595.102876][T20138] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3430'.
[ 1595.687173][T20156] (null): rxe_set_mtu: Set mtu to 1024
[ 1595.693982][T20156] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1596.072990][T20160] loop4: detected capacity change from 0 to 512
[ 1596.206700][T20160] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1596.219364][T20160] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1597.468084][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1597.523598][   T28] audit: type=1326 audit(1753795231.037:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20176 comm="syz.3.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1597.550133][   T28] audit: type=1326 audit(1753795231.037:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20176 comm="syz.3.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1597.627357][   T28] audit: type=1326 audit(1753795231.037:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20176 comm="syz.3.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1597.686682][   T28] audit: type=1326 audit(1753795231.037:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20176 comm="syz.3.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1597.714156][   T28] audit: type=1326 audit(1753795231.037:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20176 comm="syz.3.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1597.779391][T20182] tipc: New replicast peer: 255.255.255.255
[ 1597.841251][T20182] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1597.904710][T20192] loop1: detected capacity change from 0 to 128
[ 1597.927085][T20191] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3438'.
[ 1597.957859][T20191] tipc: Disabling bearer <udp:syz2>
[ 1598.548393][T20208] loop3: detected capacity change from 0 to 512
[ 1598.621862][T20208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1598.636849][T20208] ext4 filesystem being mounted at /309/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1599.200203][T20220] (null): rxe_set_mtu: Set mtu to 1024
[ 1599.207100][T20220] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1600.412415][T20222] loop6: detected capacity change from 0 to 512
[ 1600.467086][T20222] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1600.492599][T20222] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1600.536926][T20222] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1600.554215][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1601.463761][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1601.612645][T20226] smc: net device bond0 applied user defined pnetid SYZ0
[ 1601.661342][T20226] smc: net device bond0 erased user defined pnetid SYZ0
[ 1601.671551][T20230] loop6: detected capacity change from 0 to 1024
[ 1601.706832][T20230] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1601.768861][T20230] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1601.982981][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1602.840906][T20248] loop6: detected capacity change from 0 to 2048
[ 1602.909311][T20248] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1603.095774][T20253] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1603.122567][T20253] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 234 with error 28
[ 1603.136563][T20253] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1603.136563][T20253] 
[ 1603.154793][T20253] EXT4-fs (loop6): Total free blocks count 0
[ 1603.162773][T20253] EXT4-fs (loop6): Free/Dirty block details
[ 1603.174577][T20253] EXT4-fs (loop6): free_blocks=2415919104
[ 1603.180805][T20253] EXT4-fs (loop6): dirty_blocks=240
[ 1603.187078][   T28] kauditd_printk_skb: 48 callbacks suppressed
[ 1603.187089][   T28] audit: type=1326 audit(1753795236.707:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20255 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1603.192875][T20253] EXT4-fs (loop6): Block reservation details
[ 1603.197780][   T28] audit: type=1326 audit(1753795236.707:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20255 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1603.216542][T20253] EXT4-fs (loop6): i_reserved_data_blocks=15
[ 1603.256075][   T28] audit: type=1326 audit(1753795236.737:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20255 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1603.293211][   T28] audit: type=1326 audit(1753795236.737:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20255 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1603.321294][   T28] audit: type=1326 audit(1753795236.737:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20255 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6089b8e9a9 code=0x7ffc0000
[ 1603.722561][T20052] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[ 1603.735148][T20270] loop3: detected capacity change from 0 to 128
[ 1604.106670][T20284] pimreg: entered allmulticast mode
[ 1604.191106][T20289] pimreg: left allmulticast mode
[ 1604.294458][T20295] loop6: detected capacity change from 0 to 1024
[ 1604.318723][T20295] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 1604.342272][T20295] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[ 1604.370082][T20295] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1604.420037][T20295] EXT4-fs error (device loop6): ext4_get_journal_inode:5805: inode #5: comm syz.6.3483: unexpected bad inode w/o EXT4_IGET_BAD
[ 1604.447109][T20295] EXT4-fs (loop6): no journal found
[ 1604.452363][T20295] EXT4-fs (loop6): can't get journal size
[ 1604.464352][T20295] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1605.244986][T20295] syz.6.3483: vmalloc error: size 85630976, failed to allocated page array size 167248, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=syz6,mems_allowed=0-1
[ 1605.265467][T20306] loop1: detected capacity change from 0 to 128
[ 1605.318343][T20295] CPU: 1 PID: 20295 Comm: syz.6.3483 Not tainted 6.6.100-syzkaller #0
[ 1605.326560][T20295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1605.336621][T20295] Call Trace:
[ 1605.339905][T20295]  <TASK>
[ 1605.342842][T20295]  dump_stack_lvl+0x16c/0x230
[ 1605.347538][T20295]  ? show_regs_print_info+0x20/0x20
[ 1605.352761][T20295]  ? load_image+0x3b0/0x3b0
[ 1605.357302][T20295]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1605.363751][T20295]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[ 1605.370266][T20295]  warn_alloc+0x210/0x300
[ 1605.374622][T20295]  ? zone_watermark_ok_safe+0x230/0x230
[ 1605.380197][T20295]  ? _raw_spin_unlock+0x28/0x40
[ 1605.385076][T20295]  __vmalloc_node_range+0x662/0x1320
[ 1605.390402][T20295]  ? schedule+0xc7/0x170
[ 1605.394672][T20295]  ? futex_wait_queue+0x27/0x1b0
[ 1605.399631][T20295]  ? free_vm_area+0x50/0x50
[ 1605.404147][T20295]  ? ima_read_file+0x79/0x170
[ 1605.408839][T20295]  ? ima_post_path_mknod+0x160/0x160
[ 1605.414158][T20295]  ? kernel_read_file+0x3ea/0x680
[ 1605.419214][T20295]  vmalloc+0x79/0x90
[ 1605.423134][T20295]  ? kernel_read_file+0x3ea/0x680
[ 1605.428178][T20295]  kernel_read_file+0x3ea/0x680
[ 1605.433061][T20295]  ? vfs_cmd_create+0x230/0x230
[ 1605.437946][T20295]  __se_sys_finit_module+0x3b7/0x650
[ 1605.443255][T20295]  ? __x64_sys_finit_module+0x80/0x80
[ 1605.448681][T20295]  ? lockdep_hardirqs_on+0x98/0x150
[ 1605.453894][T20295]  do_syscall_64+0x55/0xb0
[ 1605.458323][T20295]  ? clear_bhb_loop+0x40/0x90
[ 1605.463008][T20295]  ? clear_bhb_loop+0x40/0x90
[ 1605.467695][T20295]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1605.473595][T20295] RIP: 0033:0x7f571c98e9a9
[ 1605.478018][T20295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1605.497639][T20295] RSP: 002b:00007f571d7be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 1605.506067][T20295] RAX: ffffffffffffffda RBX: 00007f571cbb5fa0 RCX: 00007f571c98e9a9
[ 1605.514053][T20295] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000005
[ 1605.522053][T20295] RBP: 00007f571ca10d69 R08: 0000000000000000 R09: 0000000000000000
[ 1605.530036][T20295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1605.538019][T20295] R13: 0000000000000000 R14: 00007f571cbb5fa0 R15: 00007fff9031c9d8
[ 1605.546029][T20295]  </TASK>
[ 1605.651525][T20295] Mem-Info:
[ 1605.654685][T20295] active_anon:8168 inactive_anon:0 isolated_anon:0
[ 1605.654685][T20295]  active_file:1289 inactive_file:40468 isolated_file:0
[ 1605.654685][T20295]  unevictable:768 dirty:191 writeback:0
[ 1605.654685][T20295]  slab_reclaimable:11148 slab_unreclaimable:99773
[ 1605.654685][T20295]  mapped:26982 shmem:4379 pagetables:964
[ 1605.654685][T20295]  sec_pagetables:0 bounce:0
[ 1605.654685][T20295]  kernel_misc_reclaimable:0
[ 1605.654685][T20295]  free:1349125 free_pcp:8116 free_cma:0
[ 1605.841175][T20295] Node 0 active_anon:32472kB inactive_anon:0kB active_file:5156kB inactive_file:161672kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:107928kB dirty:764kB writeback:0kB shmem:15980kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11716kB pagetables:3756kB sec_pagetables:0kB all_unreclaimable? no
[ 1605.901913][T20311] syz.4.3489[20311] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1605.902207][T20311] syz.4.3489[20311] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1605.976235][T20295] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1606.125479][T20295] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1606.210947][T20315] loop4: detected capacity change from 0 to 1024
[ 1606.227421][T20295] lowmem_reserve[]: 0 2525 2526 2526 2526
[ 1606.232117][T20315] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1606.233200][T20295] Node 0 DMA32 free:1490456kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:33188kB inactive_anon:0kB active_file:5156kB inactive_file:160364kB unevictable:1536kB writepending:764kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:11096kB local_pcp:7168kB free_cma:0kB
[ 1606.293822][T20315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1606.307465][T20295] lowmem_reserve[]: 0 0 1 1 1
[ 1606.312618][T20295] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[ 1606.347437][T20295] lowmem_reserve[]: 0 0 0 0 0
[ 1606.352275][T20295] Node 1 Normal free:3890364kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21704kB local_pcp:11332kB free_cma:0kB
[ 1606.382525][T20315] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1606.434223][T20295] lowmem_reserve[]: 0 0 0 0 0
[ 1606.450240][T20315] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1606.467619][T20295] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1606.500759][T20295] Node 0 DMA32: 80*4kB (UME) 15*8kB (ME) 482*16kB (UME) 302*32kB (UME) 280*64kB (UME) 243*128kB (UME) 141*256kB (UME) 84*512kB (UME) 41*1024kB (UM) 22*2048kB (UME) 307*4096kB (M) = 1490456kB
[ 1606.537137][T20315] EXT4-fs (loop4): Remounting filesystem read-only
[ 1606.554815][T13551] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4868: inode #15: block 1: len 3: ext4_ext_map_blocks returned -5
[ 1606.581839][T20295] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 1606.618082][T20295] Node 1 Normal: 253*4kB (UME) 41*8kB (UME) 36*16kB (UME) 50*32kB (UME) 20*64kB (UME) 8*128kB (UME) 2*256kB (UM) 0*512kB 1*1024kB (E) 2*2048kB (UE) 947*4096kB (M) = 3890364kB
[ 1606.640798][T20295] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1606.650969][T20295] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1606.660766][T20295] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1606.671493][T20295] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1606.674206][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1606.700469][T20295] 43380 total pagecache pages
[ 1606.712320][T20295] 0 pages in swap cache
[ 1606.731219][T20295] Free swap  = 124472kB
[ 1606.735455][T20295] Total swap = 124996kB
[ 1606.751490][T20295] 2097051 pages RAM
[ 1606.755342][T20295] 0 pages HighMem/MovableOnly
[ 1606.769766][T20295] 416137 pages reserved
[ 1606.773996][T20295] 0 pages cma reserved
[ 1606.909147][T20295] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1607.130851][T20343] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.3501'.
[ 1607.147828][T20342] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.3501'.
[ 1607.295693][T20348] pimreg: entered allmulticast mode
[ 1607.317322][T20348] pimreg: left allmulticast mode
[ 1607.632432][T20357] loop6: detected capacity change from 0 to 1024
[ 1607.643228][T20357] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1607.662928][T20357] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1607.680855][T20357] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1607.741104][T20357] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1607.779165][T20357] EXT4-fs (loop6): Remounting filesystem read-only
[ 1607.791195][T13551] EXT4-fs warning (device loop6): ext4_convert_unwritten_extents:4868: inode #15: block 1: len 3: ext4_ext_map_blocks returned -5
[ 1607.853420][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1607.943158][T20368] loop1: detected capacity change from 0 to 4096
[ 1607.975594][T20368] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1608.081544][T20368] EXT4-fs (loop1): Online defrag not supported with bigalloc
[ 1608.151310][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1608.319573][T20384] loop4: detected capacity change from 0 to 2048
[ 1608.385862][T20384] Alternate GPT is invalid, using primary GPT.
[ 1608.396016][T20384]  loop4: p2 p3 p7
[ 1609.082133][T20411] loop3: detected capacity change from 0 to 512
[ 1609.141966][T20411] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1609.154706][T20411] ext4 filesystem being mounted at /325/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1609.313214][T20421] loop6: detected capacity change from 0 to 512
[ 1609.336707][T20421] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1609.350480][T20421] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities
[ 1609.404057][T20421] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1609.656233][T20436] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3535'.
[ 1609.699426][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1609.999706][T20445] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3539'.
[ 1610.444664][T20461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3546'.
[ 1610.519814][T20461] random: crng reseeded on system resumption
[ 1610.529332][T20463] tipc: Started in network mode
[ 1610.550940][T20463] tipc: Node identity 9e1b68f6f6fa, cluster identity 4711
[ 1610.564859][T20463] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1610.590596][T20465] syzkaller0: entered promiscuous mode
[ 1610.611764][T20465] syzkaller0: entered allmulticast mode
[ 1610.744140][   T28] audit: type=1326 audit(1753795244.257:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1610.786760][   T28] audit: type=1326 audit(1753795244.257:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1610.840066][   T28] audit: type=1326 audit(1753795244.257:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1610.849269][T20469] loop4: detected capacity change from 0 to 1024
[ 1610.875980][T20469] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1610.876823][   T28] audit: type=1326 audit(1753795244.257:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1610.910080][   T28] audit: type=1326 audit(1753795244.267:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1610.933496][   T28] audit: type=1326 audit(1753795244.267:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1610.937357][T20469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1610.974024][   T28] audit: type=1326 audit(1753795244.267:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1610.999708][   T28] audit: type=1326 audit(1753795244.267:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1611.023666][   T28] audit: type=1326 audit(1753795244.267:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1611.027654][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1611.047428][   T28] audit: type=1326 audit(1753795244.267:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20466 comm="syz.4.3548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9d8e9a9 code=0x7ffc0000
[ 1611.078424][T20458] tipc: Resetting bearer <eth:syzkaller0>
[ 1611.125690][T20458] tipc: Disabling bearer <eth:syzkaller0>
[ 1611.243285][T20476] netlink: 'syz.1.3551': attribute type 12 has an invalid length.
[ 1611.273803][T20476] netlink: 'syz.1.3551': attribute type 29 has an invalid length.
[ 1611.285769][T20476] netlink: 148 bytes leftover after parsing attributes in process `syz.1.3551'.
[ 1612.251862][T20511] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3566'.
[ 1612.585042][T20518] loop6: detected capacity change from 0 to 1024
[ 1612.594459][T20518] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1612.634325][T20518] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1612.695887][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1612.931214][T20534] loop3: detected capacity change from 0 to 2048
[ 1613.059348][T20534]  loop3: p1 < > p4
[ 1613.073531][T20534] loop3: p4 size 8388608 extends beyond EOD, truncated
[ 1613.417128][T20552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3584'.
[ 1613.648187][T20563] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3590'.
[ 1613.657332][T20563] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3590'.
[ 1613.666729][T20563] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3590'.
[ 1613.675774][T20563] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3590'.
[ 1613.995061][T20574] loop4: detected capacity change from 0 to 512
[ 1614.191734][T20582] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3599'.
[ 1614.215239][T20582] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3599'.
[ 1614.227222][T20582] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3599'.
[ 1614.236251][T20582] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3599'.
[ 1614.452329][T20589] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1614.474039][T20589] syzkaller0: entered promiscuous mode
[ 1614.486705][T20589] syzkaller0: entered allmulticast mode
[ 1614.796592][T20590] loop3: detected capacity change from 0 to 512
[ 1614.827089][T20588] tipc: Resetting bearer <eth:syzkaller0>
[ 1615.065151][T20590] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1615.080111][T20590] ext4 filesystem being mounted at /336/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1615.178508][T20588] tipc: Disabling bearer <eth:syzkaller0>
[ 1615.412830][T20607] loop1: detected capacity change from 0 to 1024
[ 1615.432866][T20607] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1615.487466][T20607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1615.539649][T20611] pimreg: entered allmulticast mode
[ 1615.587518][T20611] pimreg: left allmulticast mode
[ 1615.646302][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1616.152583][T20617] pimreg: entered allmulticast mode
[ 1616.202904][T20617] pimreg: left allmulticast mode
[ 1616.529199][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1616.589604][   T50] Bluetooth: hci0: command 0x0406 tx timeout
[ 1616.680549][T20629] netlink: 'syz.1.3613': attribute type 23 has an invalid length.
[ 1616.884017][T20637] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1617.059091][T20621] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1617.087063][T20621] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1617.093171][T20621] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1617.120784][T20621] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1617.138034][T20621] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1617.155487][T20621] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1617.169989][T20621] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1617.516963][T20652] netlink: 'syz.1.3620': attribute type 30 has an invalid length.
[ 1617.521538][T20648] loop3: detected capacity change from 0 to 2048
[ 1617.524831][T20652] __nla_validate_parse: 4 callbacks suppressed
[ 1617.524844][T20652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3620'.
[ 1617.785937][T20648]  loop3: p1 < > p4
[ 1617.968056][T20648] loop3: p4 size 8388608 extends beyond EOD, truncated
[ 1618.421760][ T5789] Bluetooth: hci2: command 0x041b tx timeout
[ 1618.478826][T20661] loop3: detected capacity change from 0 to 512
[ 1618.540460][T20661] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c118, mo2=0002]
[ 1618.559157][T20661] System zones: 1-12
[ 1618.573131][T20661] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.3623: corrupted in-inode xattr: e_value size too large
[ 1618.596434][T20661] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.3623: couldn't read orphan inode 15 (err -117)
[ 1618.641550][T20661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1619.019941][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1619.137105][ T5789] Bluetooth: hci1: command 0x0406 tx timeout
[ 1619.143275][ T5789] Bluetooth: hci4: command 0x0406 tx timeout
[ 1619.216916][   T50] Bluetooth: hci0: command 0x0406 tx timeout
[ 1619.815906][T20684] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.3627'.
[ 1620.253281][T20696] loop4: detected capacity change from 0 to 512
[ 1620.303464][T20696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1620.316274][T20696] ext4 filesystem being mounted at /217/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1620.432945][T20700] tipc: Started in network mode
[ 1620.438516][T20700] tipc: Node identity 6ac1efb5e83c, cluster identity 4711
[ 1620.447484][T20700] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1620.455734][T20700] syzkaller0: entered promiscuous mode
[ 1620.461520][T20700] syzkaller0: entered allmulticast mode
[ 1620.494392][T20700] tipc: Resetting bearer <eth:syzkaller0>
[ 1620.567597][T20699] tipc: Resetting bearer <eth:syzkaller0>
[ 1620.575059][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1620.621671][T20699] tipc: Disabling bearer <eth:syzkaller0>
[ 1621.011247][T20717] loop4: detected capacity change from 0 to 1024
[ 1621.040929][T20717] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1621.066507][T20719] loop1: detected capacity change from 0 to 1024
[ 1621.085399][T20719] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1621.121103][T20717] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1621.127875][T20719] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1621.146525][T20717] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1621.163878][T20729] loop6: detected capacity change from 0 to 128
[ 1621.216845][   T50] Bluetooth: hci4: command 0x0406 tx timeout
[ 1621.216921][ T5789] Bluetooth: hci1: command 0x0406 tx timeout
[ 1621.231235][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1621.265232][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1621.304725][ T5789] Bluetooth: hci0: command 0x0406 tx timeout
[ 1621.366848][T20731] loop3: detected capacity change from 0 to 512
[ 1621.467070][T20733] loop1: detected capacity change from 0 to 512
[ 1621.525413][T20733] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1621.571224][T20733] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.3646: bg 0: block 248: padding at end of block bitmap is not set
[ 1621.595967][   T28] kauditd_printk_skb: 40 callbacks suppressed
[ 1621.595981][   T28] audit: type=1326 audit(1753795255.107:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20734 comm="syz.4.3648" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f74b9d8e9a9 code=0x0
[ 1621.634317][T20733] Quota error (device loop1): write_blk: dquota write failed
[ 1621.643193][T20733] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1621.663011][T20740] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1621.669227][T20733] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3646: Failed to acquire dquot type 1
[ 1621.692654][T20740] loop4: detected capacity change from 0 to 256
[ 1621.694067][T20733] EXT4-fs (loop1): 1 truncate cleaned up
[ 1621.734723][T20733] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1621.780007][T20733] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[ 1621.798944][T20733] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1621.809513][T20733] Quota error (device loop1): do_check_range: Getting block 1536 out of range 0-5
[ 1621.824104][T20733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3646'.
[ 1621.834963][T20733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3646'.
[ 1621.909259][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1622.000464][T20749] loop3: detected capacity change from 0 to 1024
[ 1622.015917][T20749] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1622.047152][T20749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1622.130851][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1622.368495][T20767] loop6: detected capacity change from 0 to 512
[ 1622.401087][T20767] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1622.448033][T20767] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm syz.6.3661: bg 0: block 248: padding at end of block bitmap is not set
[ 1622.473498][T20767] Quota error (device loop6): write_blk: dquota write failed
[ 1622.482468][T20767] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[ 1622.502753][T20767] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.3661: Failed to acquire dquot type 1
[ 1622.520632][T20774] loop3: detected capacity change from 0 to 128
[ 1622.523047][T20767] EXT4-fs (loop6): 1 truncate cleaned up
[ 1622.570333][T20767] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1622.599591][T20767] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[ 1622.620167][T20767] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1622.631211][T20767] Quota error (device loop6): do_check_range: Getting block 1536 out of range 0-5
[ 1622.645815][T20767] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3661'.
[ 1622.659572][T20767] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3661'.
[ 1622.716237][T20781] loop4: detected capacity change from 0 to 512
[ 1622.717898][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1622.731606][T20781] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.3666: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[ 1622.750279][T20781] EXT4-fs error (device loop4): ext4_quota_enable:7132: comm syz.4.3666: Bad quota inode: 3, type: 0
[ 1622.776147][T20781] EXT4-fs warning (device loop4): ext4_enable_quotas:7173: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[ 1622.794398][T20781] EXT4-fs (loop4): mount failed
[ 1622.924314][T20787] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[ 1622.931133][T20787] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1622.946089][T20787] vhci_hcd vhci_hcd.0: Device attached
[ 1622.963925][T20787] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(14)
[ 1622.970563][T20787] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1622.979285][T20787] vhci_hcd vhci_hcd.0: Device attached
[ 1622.987813][T20787] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(16)
[ 1622.994441][T20787] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1623.003165][T20787] vhci_hcd vhci_hcd.0: Device attached
[ 1623.015193][T20787] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1623.032398][T20787] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(20)
[ 1623.039039][T20787] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1623.051179][T20787] vhci_hcd vhci_hcd.0: Device attached
[ 1623.060699][T20787] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(22)
[ 1623.067315][T20787] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1623.076877][T20787] vhci_hcd vhci_hcd.0: Device attached
[ 1623.084977][T20787] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1623.096492][T20787] vhci_hcd vhci_hcd.0: pdev(1) rhport(6) sockfd(27)
[ 1623.103122][T20787] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1623.119879][T20803] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.3669'.
[ 1623.119917][T20787] vhci_hcd vhci_hcd.0: Device attached
[ 1623.149496][T20798] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.3669'.
[ 1623.189395][T20804] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1623.210220][T20787] vhci_hcd vhci_hcd.0: port 0 already used
[ 1623.235137][T20801] vhci_hcd: connection closed
[ 1623.238545][T20799] vhci_hcd: connection closed
[ 1623.244857][T18767] vhci_hcd: stop threads
[ 1623.255142][T18522] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[ 1623.259581][T20788] vhci_hcd: connection closed
[ 1623.263443][T20793] vhci_hcd: connection closed
[ 1623.268801][T20795] vhci_hcd: connection closed
[ 1623.273696][T20790] vhci_hcd: connection closed
[ 1623.280533][T18767] vhci_hcd: release socket
[ 1623.294730][T18767] vhci_hcd: disconnect device
[ 1623.302593][T20789] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 1623.325822][T18767] vhci_hcd: stop threads
[ 1623.336270][T18767] vhci_hcd: release socket
[ 1623.350803][T18767] vhci_hcd: disconnect device
[ 1623.368065][T18767] vhci_hcd: stop threads
[ 1623.372376][T18767] vhci_hcd: release socket
[ 1623.385103][T18767] vhci_hcd: disconnect device
[ 1623.393422][T18767] vhci_hcd: stop threads
[ 1623.398017][T18767] vhci_hcd: release socket
[ 1623.402746][T18767] vhci_hcd: disconnect device
[ 1623.408090][T18767] vhci_hcd: stop threads
[ 1623.413010][T18767] vhci_hcd: release socket
[ 1623.420367][T18767] vhci_hcd: disconnect device
[ 1623.425838][T18767] vhci_hcd: stop threads
[ 1623.430936][T18767] vhci_hcd: release socket
[ 1623.435563][T18767] vhci_hcd: disconnect device
[ 1623.735160][T20818] loop3: detected capacity change from 0 to 512
[ 1623.919771][T20818] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1623.949124][T20818] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.3675: bg 0: block 248: padding at end of block bitmap is not set
[ 1623.966535][T20818] Quota error (device loop3): write_blk: dquota write failed
[ 1623.974232][T20818] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1623.984362][T20818] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.3675: Failed to acquire dquot type 1
[ 1624.000325][T20818] EXT4-fs (loop3): 1 truncate cleaned up
[ 1624.035177][T20818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1624.054102][T20818] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1624.070474][T20818] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1624.080522][T20818] Quota error (device loop3): do_check_range: Getting block 1536 out of range 0-5
[ 1624.091000][T20831] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.3678'.
[ 1624.109949][T20818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3675'.
[ 1624.122432][T20818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3675'.
[ 1624.213224][T20826] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.3678'.
[ 1624.967459][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1625.061194][T20842] netlink: 'syz.6.3684': attribute type 30 has an invalid length.
[ 1625.067573][T20839] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3682'.
[ 1625.069258][T20842] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3684'.
[ 1625.156968][T20844] pimreg: entered allmulticast mode
[ 1625.248867][T20846] loop6: detected capacity change from 0 to 2048
[ 1625.368861][T20853] program syz.1.3686 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1625.374919][T20846] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1625.395038][T20853] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1625.980620][T20855] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1625.996026][T20855] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 300 with error 28
[ 1625.996161][T20860] loop1: detected capacity change from 0 to 512
[ 1626.009400][T20855] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1626.009400][T20855] 
[ 1626.044982][T20855] EXT4-fs (loop6): Total free blocks count 0
[ 1626.051291][T20855] EXT4-fs (loop6): Free/Dirty block details
[ 1626.051639][T20860] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1626.057407][T20855] EXT4-fs (loop6): free_blocks=2415919104
[ 1626.069443][T20855] EXT4-fs (loop6): dirty_blocks=304
[ 1626.075193][T20855] EXT4-fs (loop6): Block reservation details
[ 1626.081337][T20855] EXT4-fs (loop6): i_reserved_data_blocks=19
[ 1626.113029][T20860] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.3689: bg 0: block 248: padding at end of block bitmap is not set
[ 1626.141576][T20860] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3689: Failed to acquire dquot type 1
[ 1626.187965][T20860] EXT4-fs (loop1): 1 truncate cleaned up
[ 1626.213188][T20866] loop3: detected capacity change from 0 to 764
[ 1626.223104][T20860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1626.254629][T20866] rock: directory entry would overflow storage
[ 1626.280406][T20866] rock: sig=0x5245, size=8, remaining=5
[ 1626.286814][T20860] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[ 1626.342516][T20860] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1626.367014][T13551] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[ 1626.559828][T20873] loop3: detected capacity change from 0 to 1024
[ 1626.583697][T20875] loop6: detected capacity change from 0 to 512
[ 1626.606415][T20875] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1626.615117][T20873] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1626.663109][T20873] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1626.682693][T20875] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1626.698725][T20875] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1626.791118][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1626.811789][T20874] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[ 1626.975221][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1627.013994][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1627.426703][T13071] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[ 1627.480814][T20892] loop6: detected capacity change from 0 to 512
[ 1627.538110][T20892] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1627.597030][T20892] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1627.658918][T13071] usb 2-1: config 0 has an invalid descriptor of length 195, skipping remainder of the config
[ 1627.686738][T13071] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1627.708052][T13071] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[ 1627.733706][T20892] __quota_error: 3 callbacks suppressed
[ 1627.733723][T20892] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[ 1627.752123][T13071] usb 2-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[ 1627.779229][T13071] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1627.787594][T20892] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 1627.816701][T20892] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.3699: Failed to acquire dquot type 1
[ 1627.853185][T20888] loop3: detected capacity change from 0 to 32768
[ 1627.872986][T20888] XFS: noikeep mount option is deprecated.
[ 1627.884686][T13071] usb 2-1: config 0 descriptor??
[ 1627.980898][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1627.982244][T20888] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1628.109802][T20888] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[ 1628.158632][T13071] usb 2-1: string descriptor 0 read error: -71
[ 1628.174426][T20888] XFS (loop3): Starting recovery (logdev: internal)
[ 1628.179855][T13071] usb 2-1: USB disconnect, device number 2
[ 1628.198955][T20905] input: syz1 as /devices/virtual/input/input5
[ 1628.246534][T20888] XFS (loop3): Ending recovery (logdev: internal)
[ 1628.308548][   T28] audit: type=1800 audit(1753795261.827:254): pid=20888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3697" name="file1" dev="loop3" ino=4422 res=0 errno=0
[ 1628.426708][T18522] vhci_hcd: vhci_device speed not set
[ 1628.514990][T16919] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1628.783065][T20908] loop1: detected capacity change from 0 to 1024
[ 1628.804883][T20908] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1628.868240][T20908] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1628.887505][T20908] ext4 filesystem being mounted at /298/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1628.972794][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1629.087314][T20913] loop4: detected capacity change from 0 to 512
[ 1629.120012][T20915] loop1: detected capacity change from 0 to 128
[ 1629.127038][T20913] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1629.142620][T20915] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1629.163082][T20913] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.3704: bg 0: block 248: padding at end of block bitmap is not set
[ 1629.180186][T20915] ext4 filesystem being mounted at /299/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1629.197921][T20913] Quota error (device loop4): write_blk: dquota write failed
[ 1629.211158][T20913] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 1629.228159][T20913] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3704: Failed to acquire dquot type 1
[ 1629.242909][T20913] EXT4-fs (loop4): 1 truncate cleaned up
[ 1629.254267][T20913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1629.272211][T20913] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[ 1629.292328][T20913] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1629.303397][T20913] Quota error (device loop4): do_check_range: Getting block 1536 out of range 0-5
[ 1629.303720][T17241] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1629.319454][T20913] __nla_validate_parse: 4 callbacks suppressed
[ 1629.319469][T20913] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3704'.
[ 1629.369566][T20913] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3704'.
[ 1629.469960][T20930] syz.1.3707[20930] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1629.470122][T20930] syz.1.3707[20930] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1629.819915][T10027] usb usb36-port1: attempt power cycle
[ 1630.498652][T10027] usb usb36-port1: unable to enumerate USB device
[ 1632.364689][T18155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1634.432895][T20977] loop1: detected capacity change from 0 to 512
[ 1634.465358][T20977] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1634.551172][T20977] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.3720: bg 0: block 248: padding at end of block bitmap is not set
[ 1634.601224][T20977] Quota error (device loop1): write_blk: dquota write failed
[ 1634.618052][T20977] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1634.644244][T20977] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3720: Failed to acquire dquot type 1
[ 1634.690584][T20977] EXT4-fs (loop1): 1 truncate cleaned up
[ 1635.075785][T20977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1635.153191][T20977] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[ 1635.206935][T20977] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1635.251022][T20977] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3720'.
[ 1635.251294][T20981] Quota error (device loop1): do_check_range: Getting block 1536 out of range 0-5
[ 1635.290548][T20977] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3720'.
[ 1635.440463][T20992] syz.6.3724[20992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1635.440758][T20992] syz.6.3724[20992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1635.717808][T20997] loop3: detected capacity change from 0 to 128
[ 1638.432630][T17241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1639.194394][T21035] syz.6.3739[21035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1639.194671][T21035] syz.6.3739[21035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1639.579728][T21039] pimreg: entered allmulticast mode
[ 1639.629873][T21038] pimreg: left allmulticast mode
[ 1639.686723][T21041] smc: net device bond0 applied user defined pnetid SYZ0
[ 1639.701049][T21041] smc: net device bond0 erased user defined pnetid SYZ0
[ 1640.090731][T21057] loop6: detected capacity change from 0 to 1024
[ 1640.134697][T21057] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1640.181578][T21054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1640.199646][T21054] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1640.210843][T21054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1640.223393][T21054] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1640.232381][T21057] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1640.296163][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1640.405232][T21069] smc: net device bond0 applied user defined pnetid SYZ0
[ 1640.413760][T21069] smc: net device bond0 erased user defined pnetid SYZ0
[ 1640.666487][T21072] loop6: detected capacity change from 0 to 4096
[ 1640.721839][T21072] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1640.804153][T21072] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1641.007601][T21072] EXT4-fs (loop6): Online defrag not supported with bigalloc
[ 1641.277852][T18611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1641.976303][T21090] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3760'.
[ 1641.988857][T21090] netlink: 'syz.3.3760': attribute type 30 has an invalid length.
[ 1641.996901][T21090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3760'.
[ 1642.017741][T21090] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3760'.
[ 1642.030952][T21090] netlink: 'syz.3.3760': attribute type 30 has an invalid length.
[ 1642.041960][T21090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3760'.
[ 1642.152570][T21092] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3761'.
[ 1642.540702][T21104] pimreg: entered allmulticast mode
[ 1642.551300][T21106] syz.6.3757[21106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1642.551594][T21106] syz.6.3757[21106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1642.565790][T21104] pimreg: left allmulticast mode
[ 1642.778796][T21108] loop3: detected capacity change from 0 to 1024
[ 1642.797150][T21108] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1642.853279][T21108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1642.936701][T16919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1643.169046][T21116] loop1: detected capacity change from 0 to 40427
[ 1643.190770][T21116] F2FS-fs (loop1): invalid crc value
[ 1643.218568][T21116] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1643.245996][T21116] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1643.544488][T21122] ------------[ cut here ]------------
[ 1643.550330][T21122] kernel BUG at fs/f2fs/segment.c:3481!
[ 1643.556139][T21122] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1643.562225][T21122] CPU: 0 PID: 21122 Comm: syz.1.3769 Not tainted 6.6.100-syzkaller #0
[ 1643.570388][T21122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1643.580448][T21122] RIP: 0010:f2fs_allocate_data_block+0x3f0c/0x3f50
[ 1643.586967][T21122] Code: 21 fe 48 8b 54 24 30 e9 c6 eb ff ff e8 3d 68 ca fd 48 c7 c7 f0 cb 2f 8d 4c 89 f6 e8 0e e7 95 00 e9 e2 eb ff ff e8 24 68 ca fd <0f> 0b e8 1d 68 ca fd 0f 0b e8 16 68 ca fd 0f 0b e8 0f 68 ca fd 0f
[ 1643.606593][T21122] RSP: 0018:ffffc90004baf850 EFLAGS: 00010287
[ 1643.612666][T21122] RAX: ffffffff83bb2d5c RBX: 0000000000000201 RCX: 0000000000080000
[ 1643.620650][T21122] RDX: ffffc9000f6d5000 RSI: 00000000000402dc RDI: 00000000000402dd
[ 1643.628629][T21122] RBP: 0000000000000200 R08: ffff88805c1ed45f R09: 1ffff1100b83da8b
[ 1643.636606][T21122] R10: dffffc0000000000 R11: ffffed100b83da8c R12: 1ffff92000975f7c
[ 1643.644577][T21122] R13: 0000000000000000 R14: 0000000000003c01 R15: dffffc0000000000
[ 1643.652575][T21122] FS:  00007fb1b0f1b6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1643.661517][T21122] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1643.668102][T21122] CR2: 000000110c28ff9e CR3: 00000000660d3000 CR4: 00000000003506f0
[ 1643.676077][T21122] Call Trace:
[ 1643.679356][T21122]  <TASK>
[ 1643.682298][T21122]  ? f2fs_mark_inode_dirty_sync+0x120/0x1f0
[ 1643.688213][T21122]  f2fs_map_blocks+0x1697/0x3c00
[ 1643.693183][T21122]  ? f2fs_get_block_locked+0xe0/0xe0
[ 1643.698477][T21122]  ? __up_read+0x280/0x670
[ 1643.702910][T21122]  ? up_read+0x20/0x20
[ 1643.706982][T21122]  ? f2fs_allocate_pinning_section+0x1af/0x590
[ 1643.713140][T21122]  f2fs_expand_inode_data+0x5c2/0x970
[ 1643.718522][T21122]  ? f2fs_insert_range+0x3d0/0x3d0
[ 1643.723636][T21122]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1643.729276][T21122]  ? f2fs_fallocate+0x404/0x8a0
[ 1643.734131][T21122]  f2fs_fallocate+0x416/0x8a0
[ 1643.738810][T21122]  vfs_fallocate+0x58e/0x700
[ 1643.743401][T21122]  __x64_sys_fallocate+0xc1/0x110
[ 1643.748430][T21122]  do_syscall_64+0x55/0xb0
[ 1643.752845][T21122]  ? clear_bhb_loop+0x40/0x90
[ 1643.757518][T21122]  ? clear_bhb_loop+0x40/0x90
[ 1643.762191][T21122]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1643.768085][T21122] RIP: 0033:0x7fb1b018e9a9
[ 1643.772501][T21122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1643.792121][T21122] RSP: 002b:00007fb1b0f1b038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1643.800541][T21122] RAX: ffffffffffffffda RBX: 00007fb1b03b6160 RCX: 00007fb1b018e9a9
[ 1643.808520][T21122] RDX: 000000000000fc01 RSI: 0000000000000000 RDI: 0000000000000009
[ 1643.816489][T21122] RBP: 00007fb1b0210d69 R08: 0000000000000000 R09: 0000000000000000
[ 1643.824461][T21122] R10: 00000000001000f4 R11: 0000000000000246 R12: 0000000000000000
[ 1643.832431][T21122] R13: 0000000000000000 R14: 00007fb1b03b6160 R15: 00007ffce701e598
[ 1643.840413][T21122]  </TASK>
[ 1643.843440][T21122] Modules linked in:
[ 1643.848783][T21122] ---[ end trace 0000000000000000 ]---
[ 1643.854280][T21122] RIP: 0010:f2fs_allocate_data_block+0x3f0c/0x3f50
[ 1643.861889][T21122] Code: 21 fe 48 8b 54 24 30 e9 c6 eb ff ff e8 3d 68 ca fd 48 c7 c7 f0 cb 2f 8d 4c 89 f6 e8 0e e7 95 00 e9 e2 eb ff ff e8 24 68 ca fd <0f> 0b e8 1d 68 ca fd 0f 0b e8 16 68 ca fd 0f 0b e8 0f 68 ca fd 0f
[ 1643.881633][T21122] RSP: 0018:ffffc90004baf850 EFLAGS: 00010287
[ 1643.887838][T21122] RAX: ffffffff83bb2d5c RBX: 0000000000000201 RCX: 0000000000080000
[ 1643.896877][T21122] RDX: ffffc9000f6d5000 RSI: 00000000000402dc RDI: 00000000000402dd
[ 1643.904900][T21122] RBP: 0000000000000200 R08: ffff88805c1ed45f R09: 1ffff1100b83da8b
[ 1643.913182][T21122] R10: dffffc0000000000 R11: ffffed100b83da8c R12: 1ffff92000975f7c
[ 1643.921225][T21122] R13: 0000000000000000 R14: 0000000000003c01 R15: dffffc0000000000
[ 1643.929243][T21122] FS:  00007fb1b0f1b6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1643.938279][T21122] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1643.944884][T21122] CR2: 000000110c28ff9e CR3: 00000000660d3000 CR4: 00000000003506f0
[ 1643.952922][T21122] Kernel panic - not syncing: Fatal exception
[ 1643.959183][T21122] Kernel Offset: disabled
[ 1643.963491][T21122] Rebooting in 86400 seconds..