last executing test programs:

4m4.35298548s ago: executing program 2 (id=1042):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0xfe, &(0x7f00000001c0)=[{&(0x7f00000007c0)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40002400f000100035c0461c1d67f6f94007134cf6edb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x20000800)

4m4.352693022s ago: executing program 2 (id=1043):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xb46, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4000, @fd, 0xd4b, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x473a, 0x74ee, 0x0, 0x0, 0x0)

4m4.271269171s ago: executing program 2 (id=1044):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f00000005c0)=0x1, 0x4)

4m4.270716883s ago: executing program 2 (id=1046):
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x3800813, &(0x7f00000007c0)=ANY=[@ANYBLOB='iocharset=cp1251,utf8,overriderockperm,nojoliet,nojoliet,overriderockperm,dmode=0x0000000000000003,dmode=0x0000000000000002,mode=0x0000000000000080,hide,block=0x0000000000000200,map=acorn,overriderockperm,check=relaxed,gid=', @ANYRESHEX=0x0, @ANYBLOB=',wid=', @ANYRESHEX=0x0, @ANYBLOB=',check=relaxed,overriderockperm,dmode=0x0000000000000050,\x00'], 0x5, 0xa51, &(0x7f0000001240)="$eJzs3ctvXNd9B/DvHZISQ7u24qiuKzjiSK4UxmEpkqqlCl6kEjmSmPJRkBRgoYsojahCEFu3cQs4RoEoQNFVjBZo0UW7M7rqykA2TReFN0W7a1ZdFCj8LwRdqSsG986QHJIzHIrhy8rnQ8zMffzuOec+zj2cmTv3hC+WtVe3jK2tVY99jt/75yMoMSfYrenPP/n04/Lxw6c5lb68U/xLMpiknvQneSMZmJpeXJjrkdCT5EGSz5Iiyek0X/fkQYq/zsub45+l+Mcy365O7TVlelnjl9pxH38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHASFVPT4+MTxanMzN97r96U1HeYml5cKLK2tnPO+jJNP6l6/S5+0jPfpCgfGRxc7+r7jbObs19PUr+YN5tjb1YdkmcwH730+pl3v9JfW1++W2l+Iaf3nuwH3//oyXdWV1e+13FuURxgqU6Y5jFypzE/s7QwM3fzTqM+s7RQv3Ht2viVu7eX6rdnZhtL95eWG3P1qcXGzeWFxfrI1NfrEzduXK03xu4v3Ju/Mz0221ifeP03J8fHr9W/NfZ7jZuLSwvzV741tjR1d2Z2dmb+ThVTzi5jrpcH4u/OLNeXGzfn6vVHj1dXrm4rWV+2Hb9l0ESv9SmDJnsFTY5PTk5MTE5O/LDVe/bGhGvv3Hjn+vh4/3jTy2kNZEfEIR20nCxf6r6bD/4kDvtUa7b/yWxmMp97eS/1jn9Tmc5iFjLXZX7Levt/6Upj12zT1v63Wvn+tvnnyqeLOd8aHezS/ncpy9H9fZDv56M8yXeymtWs5HvHXqKj/buTRuYzk6UsZCZzuVlNqbem1HMj13It4/l27mY4S+nP7cxkNo0s5X6WspxGdURNZTGN3MxyFrKYekYyla+nnoncyI1cTT2NjOV+FnIv87mT6dysUnmUx9V2v7pLGTeCJvYSNLlL0I7GvFv7v2H7Io3t/5zwAqrtupcP4SwO+7PWav9P9Q4dmdoy2n94hQIAAAAO1K//Z145+9p//G9S5KvV9/K3Z2Yb48ddLAAAAOAAVZfrvVm+DJRDX03h/T8AAAC8aIrqN3ZFkqEMN4fWfwnlQwAAAAB4QVTf/59PMbw5wft/AAAAeMH0vsd+z4hidP32v/WHzdeHrYjmWDF0e2a2MTa1MPvuRC5XdxmofmmwI7W+pBiofn7wdi40oy4MNV+HNlMs8xwsoybG3p3I27nYWpGRt8qXt0Y6RE42I7/WjPxae2RftkReLSMB4EV3cZf2eK/t/9sZbUaMnqua/P5zW9rgvqplHdeyAsBJsdHHzv+3ujTr0P6fb94b4Hy39v+3dnn/X0a8lkfDzUsKxvLdvJ/VPMxoWlccDHdKdb03guZlCKM9Pg0Yal2y8NPrtYzu+DxgcGNd22NXMpnRjp8ItKVbrJfhajOu77D2AgAcrYu7tsPr7X/1IXnX9n909/f/bW2uSwoB4CTY6MH+eQeG9x583OsIAGyllQYAAAAAAAAAAAAAAAAAAAAAAAAAAICDt6cb+P/X5WR1dSXZb2cBHQZ++u//+itdY370UjL4PCXcfaCWAynz6SQHsu6HN9CX5Lhy/2aee6lyH5+UTfciDRRPqwr7C6VzzCcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjkSR9HWaXktOJxlPcuXoS3V4nh53AQ5KfX+LFc/yLB/mlYMuDgAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL7vW/f9rab6+1JyU/lpyKcmDJL9/3GV8HoM95j87onKcPH9UPbfd/7+WDGStSH/W1tbWkmJganpxYa48FIrT5fzPP/n04/LRNckfrA/s7FWhTKDMYUvnEq0c2qYMbF3qy9VSQ9MrHzz5s/f/pD59qzowby3fnp2eu7P4O5uBrxc/bnaB0N4Nwnp5/+LSv/1N2+RTrcx/nP5uK7I939tVvtM78/21Tkt3yXcPHq+uTJY5LTfeW/7zP661z3otF5K3RpKRrTn9YfnoktOF7dtzq+JnxV8Vr+Tv86Da/+XWKNaKche9Wq3/lx49Xl0Z++77qw83yvSDxx+2JXAmw0kebq1lPco0XJ1POnqpynWgzHW8CiqfzvZIb1dtKU5sbtct6/Dl6pAZeq51qHdfh0qP7d4q0dXtJVorK8nf/ulXcnnXPX26Q4qXe+TYUfGz4n+Ku/nv/GVb/x+1cv9fSsfa2SGJKrLtSGmft6V61S5trvlk+4xvb0+za63kEPwof5Df3tj/ter8315vJrvUm43z0TfbJnapN+tVq0u9OL21pu6oFy296sXOmvpPr+5oUbbmmrPbWqTW2afbMq1ynm1GdSnnr+YbSf+55zqjfKPHGaXX8vut//9QjOT/8lT/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMlXJH2dpteSS0nOJHm1HK8na9tjnu4jv9pQsZ9iHpj9lPmLp+i6osWzPMuHeeWoSwQAAAAAAADA4bg1/fknn35cPqrv4/vyG7XWnHrSn+RM8XcDU9OLC3M9EhpIHqx/pT/YOaTL5Dwon17eHP+sHHujR37He/kAAHyh/TwAAP//FnluMg==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

4m4.131624743s ago: executing program 2 (id=1049):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003d0007010000000000000000047c000049ff08800c00018006000600"], 0x34}}, 0xc000)

4m3.9710503s ago: executing program 2 (id=1051):
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x800)
ioctl$NBD_PRINT_DEBUG(r0, 0xab06)

4m3.846901617s ago: executing program 32 (id=1051):
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x800)
ioctl$NBD_PRINT_DEBUG(r0, 0xab06)

3m2.097059662s ago: executing program 3 (id=1782):
kexec_load(0x5, 0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x10000}, {0x0, 0x0, 0x3e0000, 0x8000000000}], 0x0)

3m2.027559283s ago: executing program 3 (id=1783):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010006081000418e00000a04fcff", 0x58}], 0x1)

3m2.027311421s ago: executing program 3 (id=1784):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipoib={{0xa}, {0x4}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x47f}]}, 0x3c}}, 0x0)

3m1.935555472s ago: executing program 3 (id=1787):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000180)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c00598f2f223a0a12f76404ad3bd59a04fbd75d1008c039c51a2a013e63af1c9ed7416faa1e2ea98d0f1c7337a5c81920988a4299a77054cdb12285fd7a0e5b43382d962372b73042593a5bd6b7db4a1b3721c62f11018727c29f3a1bd1e554474ea0d1da2a20b205df342a04a34b65e16a23e8e7811a984963073ebcbead85f9e4332bdef4c1ce54a1c6f7a47b75aa95b9e8cb616be40a0000b1309ee426d1803ef09abb9509846c34b9ac0bf109cedbd12c850effda9ae677566159f9c83da7ff6e247e3ac43c0a663c8c83650692e474bac2c047b238601bd5187d6bed82fe2034512ef11b74a98252198c4402bcf3165561157678e9d50831c27d1094a04d8c7607d7164033cda7a8170482"], 0x1, 0x4446, &(0x7f00000088c0)="$eJzs3c9vE9kdAPA3k1ASSiChVKJSpVoqUqu2ihJObYPUEAIhgZSKFlT1YpzEQFonRolT9cAhvSH1VKmHqgdEJW45IQ690j+hlx7Z0x6Qdg97WWklpKxsjxPPxN6YyE427OdzyHjeb/s78/yMNLw4UXm0vJ5bXs8VVnPlxQfrl3J/Lpc2VoohPiQt+z9xeP3TmV5cJ0d97X2T3b56/bf3LoXw36X/v93e3t4OVf2hpfGm159/9mSx+dgQZ+pU223dWrf8IYRwfs+4qvpCCL//TwhRCOFKkjaVHAdDCEOhnnfvyd/u57o0mpdvipfz7+afvpq4OLf17FX79x6F8K/S9372cOWTH/ZNfPSTLnUPAAAAAAAAAAAAAAAAAMAxN3Pn9t3fjI2H11Ho34r2Pq87kxzbPR+73TU/6P2bBQAAAAAAAAAAAAAAAAAAgK+p3ef/c9G5Fs//TyfHyTb1t3/V+zHSO7O/vj19bWw82f892pP/8yTp0yt9YaTFvu/Z/d+vZOq33v99bz8H1Rhfo9/hEMWjzefV/NEQ/p1s/H4hOhWXyuuVnz4ob6wudW0Yx1Y6/vXd+1PRSTb07zT+U5n2e7///3f2XE3V8/vdu8Q+aOn497Ut9+KvUUfxv5qpdxjxP7CBbo7jeErHv7+WNthcYLI+AVTj//f+/eM/nWm/V/E/E0LIRdWx5lIzQHUNU01vt14hLR3/E7W01NSZfJDt7v8vMvG/lmn/qOb/zewXES2l4/+tWlp6Wty9/0fi/e//65n2jyL+1fFv+v7vSDr+J+uJ/akitU/yxdnO5v+ZTPu9iv/dOBnnmSh1BWxF9fR2/18daen4710Q7f7+izta/93I1D+s33+Nfhu//xrT/4+jOB4d7Vp3H5x0/Afblut0/Tebqdfr+X+ytv7joNLxP1VLS6+dh2t/O43/XKb9bPw//nZ3xl1blQw04r87nwydrKc/t/7rSDr+SXDi5hKbtb+19V+0//r/Zqb9o1j/Vce/Gfe21w9FOv6ns9nfnUheVOP/vw6+/29lGvjq+Lf/96b3MWatf2Dp+A+1LVe7/wf2j/98pl6v7/8f9bJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGNgKjkOhygeTZ3H8ehoCFeT8wvhVLRQWMovlMqLf1oPYTpJz4Vz0cNSeaFQyi+vlpeK+UKpVF4M4VqSfz4MROulciW/Unh8faetwehRsbBWWSgWKiGEmST9+2Go0dbCcmWl8DiEcGMn72xcXnv8qLCaX1pe++XY2NhYmN0Zw0hU/EuluFqp917PDWFup+5w1DS4WvbNnbGcjv5Y3lhbLZRq6bea6pTKi4VSU535JO8fYSSqrG2sLhYqxXyp/LDR31GaTI7Ts3d+d+fW+J78+1H9OHW4wwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgPb2e+MU/Qwj99bM4hDDZeBG1Kv/yTfFy/t3801cTF+e2nj1/264cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCX7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEiBqIwAL8ZC2PnMaxC0tlGFNHCiOAJ9BgeRo/iJbyDhYWthQg6A5KdwDa71fc1D/IT3oP5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYzuXdfH87jBEpuu/DiNfHt/f/+XWZz2ft/w/2cCO7c3Uzn18MY3n3tJGflk8fU/5Nvz6fHqIxq5dFT5Z9+lP3HK3e1epb1yhbva/uPY6U+4iYSn6Scu771TUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+Vtn0bUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKwAA///XDB6/")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2101000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x138, 0x4)

3m1.706846848s ago: executing program 3 (id=1788):
r0 = syz_io_uring_setup(0xb, &(0x7f00000002c0)={0x0, 0x200002f, 0x800, 0x1, 0x100020b}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0xc000000, 0x0, 0x0, 0x12})
ioprio_set$uid(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3m1.407370264s ago: executing program 3 (id=1790):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(0x3)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r1, &(0x7f0000000740)='|', 0x1, 0x0, &(0x7f00000007c0)={0xa, 0x4e23, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}, 0x1c)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
shutdown(r1, 0x1)
sendmsg$inet_sctp(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)='\a', 0x1}], 0x1, &(0x7f0000000340)=[@sndrcv={0x30, 0x84, 0x1, {0x2, 0x0, 0x41, 0x808, 0x2, 0xffffffff, 0x3, 0x7fffffff}}], 0x30}, 0x0)

3m1.222340202s ago: executing program 33 (id=1790):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(0x3)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r1, &(0x7f0000000740)='|', 0x1, 0x0, &(0x7f00000007c0)={0xa, 0x4e23, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}, 0x1c)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
shutdown(r1, 0x1)
sendmsg$inet_sctp(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)='\a', 0x1}], 0x1, &(0x7f0000000340)=[@sndrcv={0x30, 0x84, 0x1, {0x2, 0x0, 0x41, 0x808, 0x2, 0xffffffff, 0x3, 0x7fffffff}}], 0x30}, 0x0)

1m59.612648822s ago: executing program 0 (id=2647):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000000000000000000000000000870a000000000000637e00000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x119, &(0x7f00000003c0)=""/281, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000}, 0x94)

1m59.61236478s ago: executing program 0 (id=2648):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x23a, &(0x7f0000000480)={0x0, 0xa101, 0x0, 0x0, 0x2cf}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000002280)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000100)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x33}, 0x7}, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0), 0x104}}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x3f, 0x0, &(0x7f0000000000)="c1188e99b95d02ff4284860586dd", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

1m59.19721112s ago: executing program 0 (id=2649):
capset(&(0x7f00000002c0)={0x20071026}, &(0x7f0000000380)={0x200, 0x7fff, 0x0, 0x0, 0x9, 0x2})
r0 = fanotify_init(0x200, 0x0)
fanotify_mark(r0, 0x71, 0x40000009, 0xffffffffffffffff, 0x0)

1m58.992669388s ago: executing program 0 (id=2650):
r0 = syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000500)=ANY=[], 0xc, 0xac, &(0x7f0000000100)="$eJzs0jFqwzAUBuBnY7cdu3foDXwHn6BnMB3tzZNLJ9+nlyh07RFygwxZsygYyUP2QAh8H0hPP/8ikP7PP2+xRryvESmlJu2aSPPyNQ7TvLTjMEVEG3+RVWU+Bw+uLs/ZR/4DWz72uatKfzh9f+4rNx+/eT7d7+IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEPV63Wuo+vK8WXbLgEAAP//2Bwh+A==")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
unshare(0x2040400)
syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpriority(0x1, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x8000c61)
getdents64(r0, 0x0, 0x0)

1m58.966175323s ago: executing program 0 (id=2652):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x4, 0x8})
readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4087, 0xff7}], 0x1)

1m58.048758973s ago: executing program 0 (id=2661):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x4000)

1m57.78414074s ago: executing program 34 (id=2661):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x4000)

57.045759172s ago: executing program 5 (id=3573):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000680), &(0x7f00000006c0)='./file0\x00', 0x4, &(0x7f0000000700)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x1, 0x0, 0x0)
unshare(0x22020400)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r1, 0x8004e500, &(0x7f0000000200)=r0)

56.116343842s ago: executing program 5 (id=3596):
unshare(0x2040400)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x8, 0x0, &(0x7f0000000300))

56.03052753s ago: executing program 5 (id=3597):
syz_usb_connect(0x2, 0x24, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0xd6, 0xae, 0x87, 0x20, 0xc0b, 0xa109, 0x17a3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x14, 0x0, 0x0, 0x78, 0x1c, 0x53, 0xff}}]}}]}}, 0x0)

55.036938598s ago: executing program 1 (id=3617):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x1c, r1, 0x305, 0x0, 0x0, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x20000000)

54.972747662s ago: executing program 1 (id=3619):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x6, 0x0, 0x0, 0xffffffffffffffe0}]}, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x5}, 0x94)

54.972476946s ago: executing program 1 (id=3621):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x8000000}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x78}}, 0x0)

54.815995491s ago: executing program 1 (id=3622):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_GET_CHILD_SUBREAPER(0x25)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$chown(0x6, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000c00)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r4, 0x10e, 0x3, &(0x7f00000000c0)=0xffff, 0x4)
write(r4, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
recvmmsg(r4, &(0x7f0000001dc0)=[{{0x0, 0x0, 0xfffffffffffffffe}, 0x4}], 0x1, 0x0, 0x0)

54.814640053s ago: executing program 5 (id=3625):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x402)
writev(r1, &(0x7f0000000880)=[{&(0x7f0000000180)="2998337eab75ba710a8542eda854c07cc39367eb5dfaebe008a27ee0dc455aa8cf521e79c5e4be75a6ae2aa4867026b62f0f53d15e8031c67421a9a1a88a", 0x3e}], 0x1)

53.715225458s ago: executing program 1 (id=3629):
syz_usb_connect$printer(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x2, 0x60, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x7, 0x1, 0x2, 0x3, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x6a, 0x80, 0x80}}, [{{0x9, 0x5, 0x82, 0x2, 0x8, 0x0, 0x5, 0x5}}]}}}]}}]}}, &(0x7f00000001c0)={0x0, 0x0, 0x5, &(0x7f0000000080)={0x5, 0xf, 0x5}, 0x2, [{0x2, &(0x7f0000000100)=@string={0x2}}, {0x6, &(0x7f0000000180)=@string={0x6, 0x3, "e3d555df"}}]})

53.559942627s ago: executing program 4 (id=3631):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$kcm(0x29, 0x2, 0x0)
recvmsg(r0, &(0x7f0000001d40)={0x0, 0x0, 0x0}, 0x20)

53.334174134s ago: executing program 4 (id=3632):
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0xb470)

53.334002694s ago: executing program 4 (id=3633):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="6400000010000000000000000000000006000005050001"], 0x64}}, 0x4800)

53.205762111s ago: executing program 4 (id=3634):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x6e}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

53.20030474s ago: executing program 5 (id=3635):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x4, &(0x7f00000002c0)={@local={0xac, 0x2, 0x44, 0xa}, @private=0x5000000}, 0xc)
getsockopt$inet_opts(r0, 0x0, 0x4, 0x0, &(0x7f0000000000))

52.928602366s ago: executing program 4 (id=3636):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x6}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x3}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
lseek(r5, 0x10000000005, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)

46.672355934s ago: executing program 1 (id=3637):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f00000006c0)="427ceb06c363ea07fcd5c8af1ace", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

40.703685797s ago: executing program 5 (id=3638):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x1, &(0x7f0000000280)=[{0x6, 0x6, 0xfb}]}, 0x10)

39.165039268s ago: executing program 4 (id=3639):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10882008000f00fff3c00e140000001a00ffffba16a0aa1c091dbfa1090000", 0x38}], 0x1}, 0x0)

22.462190412s ago: executing program 35 (id=3638):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x1, &(0x7f0000000280)=[{0x6, 0x6, 0xfb}]}, 0x10)

0s ago: executing program 36 (id=3637):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f00000006c0)="427ceb06c363ea07fcd5c8af1ace", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

kernel console output (not intermixed with test programs):

c-816d-cd80a5b93e5d
[  204.412978][ T9758] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  204.442031][ T9758] BTRFS info (device loop3): enabling ssd optimizations
[  204.445068][ T9758] BTRFS info (device loop3): enabling free space tree
[  204.470622][ T8562] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.613123][ T9778] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.621190][ T9778] bond0: (slave rose0): Enslaving as an active interface with an up link
[  205.035244][ T9784] loop0: detected capacity change from 0 to 16384
[  205.089729][ T9784] bcachefs (loop0): starting version 1.13: inode_has_child_snapshots opts=metadata_checksum=xxhash,data_checksum=none,recovery_pass_last=scan_for_btree_nodes,read_only,reconstruct_alloc,version_upgrade=incompatible,nocow
[  205.089754][ T9784]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  205.107431][ T9784] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  205.111088][ T9784] bcachefs (loop0): recovering from clean shutdown, journal seq 18
[  205.114321][ T9784] bcachefs (loop0): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  205.114321][ T9784]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  205.125500][ T9784] bcachefs (loop0): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 1.13: inode_has_child_snapshots
[  205.125500][ T9784] 
[  205.139489][ T9784] bcachefs (loop0): dropping and reconstructing all alloc info
[  205.171111][ T9784] bcachefs (loop0): done starting filesystem
[  205.249928][ T5851] bcachefs (loop0): shutting down
[  205.287716][ T5851] bcachefs (loop0): shutdown complete
[  205.348856][   T33] audit: type=1326 audit(1758278373.813:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.357598][   T33] audit: type=1326 audit(1758278373.813:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.378210][   T33] audit: type=1326 audit(1758278373.833:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.386757][   T33] audit: type=1326 audit(1758278373.833:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.395368][   T33] audit: type=1326 audit(1758278373.833:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.409548][   T33] audit: type=1326 audit(1758278373.833:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.426847][   T33] audit: type=1326 audit(1758278373.833:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.450535][   T33] audit: type=1326 audit(1758278373.833:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.459491][   T33] audit: type=1326 audit(1758278373.833:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.468345][   T33] audit: type=1326 audit(1758278373.833:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9794 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  205.652901][ T9803] syz_tun: entered allmulticast mode
[  205.666048][ T9802] syz_tun: left allmulticast mode
[  205.797319][ T9810] netlink: 'syz.3.1594': attribute type 1 has an invalid length.
[  205.843733][ T9812] loop3: detected capacity change from 0 to 16
[  205.851750][ T9812] erofs (device loop3): mounted with root inode @ nid 36.
[  205.875850][ T9812] evm: overlay not supported
[  206.001633][ T9818] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1597'.
[  206.005214][ T9818] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1597'.
[  206.115905][ T9825] netlink: 'syz.1.1601': attribute type 10 has an invalid length.
[  206.150544][ T9825] 8021q: adding VLAN 0 to HW filter on device team0
[  206.157447][ T9825] bond0: (slave team0): Enslaving as an active interface with an up link
[  206.202730][ T9830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1603'.
[  206.206464][ T9830] netlink: 312 bytes leftover after parsing attributes in process `syz.3.1603'.
[  206.217484][ T9830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1603'.
[  206.462890][ T9846] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  206.467115][ T9846] block device autoloading is deprecated and will be removed.
[  207.601807][ T9865] loop0: detected capacity change from 0 to 4096
[  207.605400][ T9865] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  207.934043][ T9850] loop3: detected capacity change from 0 to 262144
[  207.939804][ T9850] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1611 (9850)
[  207.947666][ T9850] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  207.951843][ T9850] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  207.959193][ T9865] ntfs3(loop0): ino=1a, mi_enum_attr
[  207.961772][ T9865] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  207.967271][ T9865] ntfs3(loop0): ino=1a, mi_enum_attr
[  207.970375][ T9865] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  208.066254][ T9850] BTRFS info (device loop3): enabling ssd optimizations
[  208.068772][ T9850] BTRFS info (device loop3): turning on flush-on-commit
[  208.070991][ T9850] BTRFS info (device loop3): enabling free space tree
[  208.073350][ T9850] BTRFS info (device loop3): doing ref verification
[  208.075963][ T9850] BTRFS info (device loop3): use zlib compression, level 3
[  208.211365][ T8562] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  209.668313][ T5899] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  209.822960][ T5899] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  209.826396][ T5899] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  209.839502][ T5899] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  209.848503][ T5899] usb 1-1: config 220 has no interface number 2
[  209.851037][ T5899] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  209.878751][ T5899] usb 1-1: config 220 interface 0 has no altsetting 0
[  209.884120][ T5899] usb 1-1: config 220 interface 76 has no altsetting 0
[  209.889587][ T5899] usb 1-1: config 220 interface 1 has no altsetting 0
[  209.895470][ T5899] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  209.899840][ T5899] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.902895][ T5899] usb 1-1: Product: syz
[  209.904772][ T5899] usb 1-1: Manufacturer: syz
[  209.906601][ T5899] usb 1-1: SerialNumber: syz
[  210.186483][ T5899] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  210.189539][ T5899] usb 1-1: No valid video chain found.
[  210.191372][ T5899] usb 1-1: selecting invalid altsetting 0
[  210.210477][ T5899] usb 1-1: selecting invalid altsetting 0
[  210.212528][ T5899] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  210.220646][ T5899] usb 1-1: USB disconnect, device number 16
[  210.418107][ T6318] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  210.579245][ T6318] usb 4-1: Using ep0 maxpacket: 32
[  210.590170][ T6318] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  210.593763][ T6318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.608201][ T6318] usb 4-1: config 0 descriptor??
[  210.620818][ T6318] gspca_main: sunplus-2.14.0 probing 041e:400b
[  210.806610][ T9919] loop0: detected capacity change from 0 to 256
[  210.811512][ T9919] exfat: Deprecated parameter 'namecase'
[  210.813941][ T9919] exfat: Bad value for 'errors'
[  211.096075][ T9927] loop0: detected capacity change from 0 to 2048
[  211.130189][ T9927] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.634993][ T6318] gspca_sunplus: reg_w_riv err -71
[  211.637139][ T6318] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  211.643495][ T6318] usb 4-1: USB disconnect, device number 6
[  211.805247][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.120018][ T9955] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1649'.
[  212.129966][ T9955] geneve2: entered promiscuous mode
[  212.132086][ T9955] geneve2: entered allmulticast mode
[  212.135949][ T5879] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 57277 - 0
[  212.140084][ T5879] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 57277 - 0
[  212.143964][ T5879] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 57277 - 0
[  212.147859][ T5879] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 57277 - 0
[  212.681067][   T55] Bluetooth: hci2: unexpected event for opcode 0x2006
[  213.126627][ T9993] trusted_key: syz.1.1666 sent an empty control message without MSG_MORE.
[  213.351734][ T9999] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.1669'.
[  213.532143][T10005] loop0: detected capacity change from 0 to 4096
[  213.542910][T10005] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  213.548404][T10005] ntfs3(loop0): $Volume is corrupted.
[  213.706893][T10013] loop0: detected capacity change from 0 to 2048
[  213.715089][T10015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1676'.
[  213.826179][T10013] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.843629][T10023] netlink: 'syz.3.1678': attribute type 1 has an invalid length.
[  213.846864][T10023] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1678'.
[  213.851012][T10023] netlink: 'syz.3.1678': attribute type 1 has an invalid length.
[  214.469838][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.550820][ T6318] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  214.645028][T10031] fuse: Bad value for 'fd'
[  214.708742][ T6318] usb 4-1: too many configurations: 65, using maximum allowed: 8
[  214.718884][ T6318] usb 4-1: config 0 has no interfaces?
[  214.722331][ T6318] usb 4-1: config 0 has no interfaces?
[  214.725863][ T6318] usb 4-1: config 0 has no interfaces?
[  214.734966][ T6318] usb 4-1: config 0 has no interfaces?
[  214.741592][ T6318] usb 4-1: config 0 has no interfaces?
[  214.746857][ T6318] usb 4-1: config 0 has no interfaces?
[  214.758092][ T6318] usb 4-1: config 0 has no interfaces?
[  214.761770][ T6318] usb 4-1: config 0 has no interfaces?
[  214.773065][ T6318] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  214.776643][ T6318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.790263][ T6318] usb 4-1: config 0 descriptor??
[  215.000099][T10041] fuse: Bad value for 'fd'
[  215.442271][ T5743] usb 4-1: USB disconnect, device number 7
[  215.994381][T10047] loop0: detected capacity change from 0 to 32768
[  216.000250][T10047] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1687 (10047)
[  216.017517][T10047] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  216.021629][T10047] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  216.092751][T10047] BTRFS info (device loop0): setting nodatasum
[  216.095347][T10047] BTRFS info (device loop0): setting nodatacow
[  216.097810][T10047] BTRFS info (device loop0): enabling ssd optimizations
[  216.101041][T10047] BTRFS info (device loop0): turning on sync discard
[  216.103827][T10047] BTRFS info (device loop0): enabling free space tree
[  216.106494][T10047] BTRFS info (device loop0): enabling auto defrag
[  216.158372][T10047] BTRFS info (device loop0): max_inline set to 0
[  216.507522][T10047] BTRFS info (device loop0 state M): max_inline set to 0
[  216.530780][ T5851] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  216.738807][T10076] 8021q: adding VLAN 0 to HW filter on device bond1
[  216.763569][T10076] bond_slave_0: entered promiscuous mode
[  216.766228][T10076] bond_slave_1: entered promiscuous mode
[  216.769561][T10076] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  216.775841][T10076] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  217.041720][T10094] loop0: detected capacity change from 0 to 2048
[  217.137405][T10094] hpfs: filesystem error: improperly stopped; already mounted read-only
[  217.140997][T10094] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  217.144160][T10094] hpfs: filesystem error: sector(s) 'dir_band_bitmap' badly placed at 00000000
[  217.369557][T10103] netlink: 'syz.0.1704': attribute type 16 has an invalid length.
[  217.372547][T10103] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1704'.
[  218.594562][T10125] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  218.786207][T10127] loop3: detected capacity change from 0 to 32768
[  218.880769][T10127] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  218.880785][T10127]   allowing incompatible features above 0.0: (unknown version)
[  218.880790][T10127]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  218.893143][T10127] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  218.895718][T10127] bcachefs (loop3): initializing new filesystem
[  218.902688][T10127] bcachefs (loop3): going read-write
[  218.923086][T10127] bcachefs (loop3): marking superblocks
[  218.938607][T10127] bcachefs (loop3): initializing freespace
[  218.944913][T10127] bcachefs (loop3): done initializing freespace
[  218.950213][T10127] bcachefs (loop3): reading snapshots table
[  218.952579][T10127] bcachefs (loop3): reading snapshots done
[  219.003811][T10127] bcachefs (loop3):  loop3: Superblock write was silently dropped! (seq 0 expected 42)
[  219.008269][T10127] bcachefs (loop3): done starting filesystem
[  219.129212][   T33] kauditd_printk_skb: 7 callbacks suppressed
[  219.129230][   T33] audit: type=1800 audit(1758278387.593:49): pid=10127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1714" name="file1" dev="loop3" ino=4098 res=0 errno=0
[  219.172418][   T33] audit: type=1800 audit(1758278387.633:50): pid=10127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1714" name="file1" dev="loop3" ino=4098 res=0 errno=0
[  219.216724][T10162] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1725'.
[  219.618743][T10127] syz.3.1714 (10127) used greatest stack depth: 17448 bytes left
[  219.758828][ T8562] bcachefs (loop3): shutting down
[  219.761766][ T8562] bcachefs (loop3): going read-only
[  219.766434][ T8562] bcachefs (loop3): finished waiting for writes to stop
[  219.773762][ T8562] bcachefs (loop3): flushing journal and stopping allocators, journal seq 124
[  219.848365][ T8562] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 125
[  219.873932][ T8562] bcachefs (loop3): clean shutdown complete, journal seq 126
[  219.887921][ T8562] bcachefs (loop3): marking filesystem clean
[  220.006689][ T8562] bcachefs (loop3): shutdown complete
[  220.735395][T10184] loop0: detected capacity change from 0 to 64
[  220.785294][ T5851] Trying to free block not in datazone
[  220.792202][ T5851] Trying to free block not in datazone
[  220.795724][ T5851] Trying to free block not in datazone
[  220.797537][ T5851] Trying to free block not in datazone
[  220.800682][ T5851] Trying to free block not in datazone
[  220.802569][ T5851] Trying to free block not in datazone
[  220.804461][ T5851] Trying to free block not in datazone
[  220.806347][ T5851] Trying to free block not in datazone
[  220.813238][ T5851] Trying to free block not in datazone
[  220.817671][ T5851] Trying to free block not in datazone
[  220.820515][ T5851] Trying to free block not in datazone
[  220.822233][ T5851] Trying to free block not in datazone
[  220.824252][ T5851] Trying to free block not in datazone
[  220.828640][ T5851] Trying to free block not in datazone
[  221.509232][T10196] loop0: detected capacity change from 0 to 32768
[  221.565165][T10196] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  221.598914][T10196] XFS (loop0): Ending clean mount
[  221.605919][T10196] XFS (loop0): Quotacheck needed: Please wait.
[  221.652950][T10196] XFS (loop0): Quotacheck: Done.
[  222.274424][T10219] openvswitch: netlink: IP tunnel dst address not specified
[  222.550345][   T96] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  222.598903][   T96] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  223.152492][ T5851] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  223.318555][T10234] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1752'.
[  223.925509][T10246] loop3: detected capacity change from 0 to 512
[  223.933061][T10246] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  223.938529][T10246] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  223.950121][T10246] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  223.953999][T10246] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  223.957039][T10246] System zones: 0-2, 18-18, 34-34
[  223.966655][T10246] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1757: iget: bad i_size value: 360287970189639680
[  223.974436][T10246] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1757: couldn't read orphan inode 15 (err -117)
[  223.982134][T10246] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.080945][T10251] EXT4-fs error (device loop3): ext4_find_dest_de:2052: inode #2: block 3: comm syz.3.1757: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  224.289996][ T8562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.652599][T10276] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1769'.
[  224.656425][T10276] unsupported nlmsg_type 40
[  224.948196][   T96] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  225.219054][   T96] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.241131][   T96] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.244870][   T96] usb 1-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  225.257158][   T96] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.270899][   T96] usb 1-1: config 0 descriptor??
[  225.567714][   T96] usbhid 1-1:0.0: can't add hid device: -71
[  225.579640][   T96] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  225.584479][   T96] usb 1-1: USB disconnect, device number 17
[  225.706655][T10290] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  225.745073][T10292] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1775'.
[  225.775924][T10292] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1775'.
[  225.803454][T10296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1777'.
[  226.353898][T10316] loop3: detected capacity change from 0 to 32768
[  226.370959][T10316] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  226.412696][ T8562] (syz-executor,8562,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  226.677481][ T8562] ocfs2: Unmounting device (7,3) on (node local)
[  226.745681][ T5901] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.750149][ T5901] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.833797][ T5901] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.836987][ T5901] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.916031][ T5901] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.925229][ T5901] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.010954][ T5901] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  227.014854][ T5901] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.121727][ T5901] bridge_slave_1: left allmulticast mode
[  227.124183][ T5901] bridge_slave_1: left promiscuous mode
[  227.126929][ T5901] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.135559][ T5901] bridge_slave_0: left allmulticast mode
[  227.137574][ T5901] bridge_slave_0: left promiscuous mode
[  227.143256][ T5901] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.194268][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  227.200626][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  227.218606][ T5849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  227.242687][ T5849] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  227.251979][ T5849] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  227.358272][   T10] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  227.550390][   T10] usb 1-1: config 0 has an invalid interface number: 113 but max is 0
[  227.553885][   T10] usb 1-1: config 0 has no interface number 0
[  227.574403][   T10] usb 1-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=98.2a
[  227.580459][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.584042][   T10] usb 1-1: Product: syz
[  227.585925][   T10] usb 1-1: Manufacturer: syz
[  227.587910][   T10] usb 1-1: SerialNumber: syz
[  227.596608][   T10] usb 1-1: config 0 descriptor??
[  227.611543][ T5901] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.617519][ T5901] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.622794][ T5901] bond0 (unregistering): Released all slaves
[  227.811435][   T10] snd_usb_variax 1-1:0.113: Line 6 Variax Workbench found
[  227.814235][   T10] usb 1-1: selecting invalid altsetting 1
[  227.816481][   T10] snd_usb_variax 1-1:0.113: set_interface failed
[  227.821838][   T10] snd_usb_variax 1-1:0.113: Line 6 Variax Workbench now disconnected
[  227.825175][   T10] snd_usb_variax 1-1:0.113: probe with driver snd_usb_variax failed with error -22
[  227.831877][   T10] usb 1-1: USB disconnect, device number 18
[  227.986473][ T5901] hsr_slave_0: left promiscuous mode
[  227.992699][ T5901] hsr_slave_1: left promiscuous mode
[  227.995548][ T5901] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  227.998793][ T5901] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.002474][ T5901] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.005521][ T5901] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.037852][ T5901] veth1_macvtap: left promiscuous mode
[  228.040856][ T5901] veth0_macvtap: left promiscuous mode
[  228.043191][ T5901] veth1_vlan: left promiscuous mode
[  228.636229][ T5901] team0 (unregistering): Port device team_slave_1 removed
[  228.679931][ T5901] team0 (unregistering): Port device team_slave_0 removed
[  229.187355][T10330] chnl_net:caif_netlink_parms(): no params data found
[  229.343234][ T5849] Bluetooth: hci0: command tx timeout
[  229.394361][T10330] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.396910][T10330] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.470183][T10330] bridge_slave_0: entered allmulticast mode
[  229.473952][T10330] bridge_slave_0: entered promiscuous mode
[  229.493207][T10330] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.495679][T10330] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.501973][T10330] bridge_slave_1: entered allmulticast mode
[  229.505310][T10330] bridge_slave_1: entered promiscuous mode
[  229.554286][T10330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  229.561354][T10330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  229.681719][T10367] loop0: detected capacity change from 0 to 1024
[  229.924563][T10330] team0: Port device team_slave_0 added
[  229.935921][T10330] team0: Port device team_slave_1 added
[  229.996924][T10330] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.000859][T10330] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.013725][T10330] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.025778][T10330] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.030125][T10330] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.040890][T10330] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.101180][T10330] hsr_slave_0: entered promiscuous mode
[  230.104402][T10330] hsr_slave_1: entered promiscuous mode
[  230.107381][T10330] debugfs: 'hsr0' already exists in 'hsr'
[  230.113798][T10330] Cannot create hsr debugfs directory
[  230.312709][ T5963] hfsplus: b-tree write err: -5, ino 8
[  230.389539][T10377] overlayfs: failed to clone upperpath
[  230.492655][T10330] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  230.510737][T10330] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  230.521024][T10330] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  230.532620][T10330] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  230.636927][T10330] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.659939][T10330] 8021q: adding VLAN 0 to HW filter on device team0
[  230.670810][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.673631][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.728769][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.731121][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.850115][T10404] netlink: 'syz.0.1821': attribute type 21 has an invalid length.
[  230.852625][T10404] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1821'.
[  230.979062][T10330] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.034426][T10421] loop0: detected capacity change from 0 to 1024
[  231.064472][ T5963] hfsplus: b-tree write err: -5, ino 4
[  231.081311][T10424] netlink: 'syz.1.1828': attribute type 64 has an invalid length.
[  231.083842][T10424] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1828'.
[  231.100192][T10424] netlink: 'syz.1.1828': attribute type 64 has an invalid length.
[  231.103421][T10424] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1828'.
[  231.182399][T10330] veth0_vlan: entered promiscuous mode
[  231.193855][T10330] veth1_vlan: entered promiscuous mode
[  231.223524][T10433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1831'.
[  231.245854][T10330] veth0_macvtap: entered promiscuous mode
[  231.252473][T10330] veth1_macvtap: entered promiscuous mode
[  231.265872][T10330] batman_adv: batadv0: Interface activated: batadv_slave_0
[  231.276783][T10330] batman_adv: batadv0: Interface activated: batadv_slave_1
[  231.286093][ T5901] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.292683][ T5901] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.313026][ T5901] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.323203][ T5901] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.420829][ T5849] Bluetooth: hci0: command tx timeout
[  231.433820][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.436787][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.479751][T10427] loop0: detected capacity change from 0 to 40427
[  231.497743][T10427] F2FS-fs (loop0): build fault injection rate: 14
[  231.504949][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.510810][T10427] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  231.515402][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.522522][T10427] F2FS-fs (loop0): invalid crc value
[  231.547783][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  231.565199][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  231.634346][T10427] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  231.637863][T10427] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  231.650625][T10427] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  231.737915][T10454] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1840'.
[  232.156603][T10460] loop4: detected capacity change from 0 to 32768
[  232.173034][T10460] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1843 (10460)
[  232.187498][T10478] nbd_handle_cmd: 2 callbacks suppressed
[  232.187539][T10478] block nbd0: Attempted send on invalid socket
[  232.195934][T10478] blk_print_req_error: 2 callbacks suppressed
[  232.195959][T10478] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  232.202967][T10478] efs: cannot read volume header
[  232.346713][T10460] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  232.357819][T10460] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  232.768235][T10460] BTRFS info (device loop4): enabling ssd optimizations
[  232.774292][T10460] BTRFS info (device loop4): enabling free space tree
[  232.893728][T10330] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  233.500659][ T5849] Bluetooth: hci0: command tx timeout
[  233.803144][T10529] loop0: detected capacity change from 0 to 512
[  233.821134][T10529] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.1865: corrupted in-inode xattr: overlapping e_value 
[  233.838183][T10529] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1865: couldn't read orphan inode 15 (err -117)
[  233.845766][T10529] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.282565][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.560710][   T24] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  234.709288][   T24] usb 1-1: Using ep0 maxpacket: 16
[  234.719708][   T24] usb 1-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  234.719782][T10550] loop4: detected capacity change from 0 to 8
[  234.719807][   T24] usb 1-1: config 1 interface 0 has no altsetting 0
[  234.729353][T10550] SQUASHFS error: zlib decompression failed, data probably corrupt
[  234.733499][T10550] SQUASHFS error: Failed to read block 0x9b: -5
[  234.733637][   T24] usb 1-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice= 0.40
[  234.736118][T10550] SQUASHFS error: Unable to read metadata cache entry [99]
[  234.743766][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.745371][T10550] SQUASHFS error: Unable to read inode 0x104
[  234.746923][   T24] usb 1-1: Product: syz
[  234.758189][   T24] usb 1-1: Manufacturer: syz
[  234.760305][   T24] usb 1-1: SerialNumber: syz
[  234.974797][   T24] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input8
[  234.999315][   T24] usb 1-1: USB disconnect, device number 19
[  235.023759][   T10] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  235.191704][   T10] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  235.194974][   T10] usb 5-1: config 0 has no interface number 0
[  235.197636][   T10] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  235.202029][   T10] usb 5-1: config 0 interface 2 altsetting 2 has an endpoint descriptor with address 0x6D, changing to 0xD
[  235.206587][   T10] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0xD has invalid maxpacket 14309, setting to 64
[  235.212674][   T10] usb 5-1: config 0 interface 2 has no altsetting 0
[  235.220608][   T10] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  235.224397][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.227579][   T10] usb 5-1: Product: syz
[  235.231608][   T10] usb 5-1: Manufacturer: syz
[  235.233774][   T10] usb 5-1: SerialNumber: syz
[  235.238214][   T10] usb 5-1: config 0 descriptor??
[  235.241191][T10550] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  235.244100][T10550] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  235.452569][   T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  235.456872][   T10] usb 5-1: invalid MIDI in EP 0
[  235.501744][   T10] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -22
[  235.507545][   T10] usb 5-1: USB disconnect, device number 2
[  235.578207][ T5849] Bluetooth: hci0: command tx timeout
[  236.008901][T10582] ptrace attach of "/syz-executor exec"[10330] was attempted by "\x22"[10582]
[  236.125696][T10590] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1303
[  236.145459][T10592] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1895'.
[  236.217634][T10598] netlink: 'syz.1.1898': attribute type 11 has an invalid length.
[  236.329888][T10605] loop0: detected capacity change from 0 to 128
[  236.333725][T10605] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  236.353322][T10606] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  236.361446][T10605] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  236.440115][T10606] macvtap1: entered promiscuous mode
[  236.455663][T10606] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  236.831499][T10609] loop4: detected capacity change from 0 to 1764
[  236.835743][T10609] iso9660: Unknown parameter 'u'
[  236.854060][T10609] IPVS: fo: FWM 3 0x00000003 - no destination available
[  236.922217][   T96] IPVS: starting estimator thread 0...
[  237.231663][T10611] IPVS: using max 63 ests per chain, 151200 per kthread
[  237.251997][   T34] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  237.278700][T10613] loop4: detected capacity change from 0 to 128
[  237.307425][T10617] fuse: Bad value for 'fd'
[  237.309279][T10615] loop0: detected capacity change from 0 to 128
[  237.309949][T10615] vfat: Unknown parameter '0xffffffffffffffff01777777777777777777777'
[  237.370649][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.370649][   T34] loop4: rw=1, sector=145, nr_sectors = 16 limit=128
[  237.376300][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.376300][   T34] loop4: rw=1, sector=169, nr_sectors = 8 limit=128
[  237.421224][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.421224][   T34] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[  237.448457][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.448457][   T34] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[  237.480669][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.480669][   T34] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[  237.486049][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.486049][   T34] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[  237.533060][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.533060][   T34] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[  237.541478][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.541478][   T34] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[  237.547618][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.547618][   T34] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[  237.564977][   T34] kworker/u9:1: attempt to access beyond end of device
[  237.564977][   T34] loop4: rw=1, sector=297, nr_sectors = 8 limit=128
[  237.674572][T10626] input: syz0 as /devices/virtual/input/input9
[  238.581919][T10636] loop0: detected capacity change from 0 to 512
[  238.936883][T10646] netlink: 'syz.4.1915': attribute type 9 has an invalid length.
[  239.107913][T10654] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  239.193110][T10662] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  239.825846][T10682] netlink: 212264 bytes leftover after parsing attributes in process `syz.4.1932'.
[  240.195561][T10705] loop4: detected capacity change from 0 to 256
[  240.215394][T10705] FAT-fs (loop4): Directory bread(block 64) failed
[  240.218447][T10705] FAT-fs (loop4): Directory bread(block 65) failed
[  240.221120][T10705] FAT-fs (loop4): Directory bread(block 66) failed
[  240.224234][T10705] FAT-fs (loop4): Directory bread(block 67) failed
[  240.227233][T10705] FAT-fs (loop4): Directory bread(block 68) failed
[  240.236227][T10705] FAT-fs (loop4): Directory bread(block 69) failed
[  240.239036][T10705] FAT-fs (loop4): Directory bread(block 70) failed
[  240.241623][T10705] FAT-fs (loop4): Directory bread(block 71) failed
[  240.244257][T10705] FAT-fs (loop4): Directory bread(block 72) failed
[  240.260995][T10705] FAT-fs (loop4): Directory bread(block 73) failed
[  240.502453][T10721] loop4: detected capacity change from 0 to 4096
[  240.506462][T10721] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  240.535902][T10721] ntfs3(loop4): ino=1a, mi_enum_attr
[  240.538900][T10721] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  240.635307][T10730] netlink: 'syz.1.1956': attribute type 5 has an invalid length.
[  241.035705][T10732] loop0: detected capacity change from 0 to 40427
[  241.039900][T10732] F2FS-fs (loop0): build fault injection rate: 771
[  241.044394][T10732] F2FS-fs (loop0): invalid crc value
[  241.113558][T10732] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  241.119052][T10732] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  241.144981][   T33] audit: type=1800 audit(1758278409.603:51): pid=10732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1957" name="file1" dev="loop0" ino=10 res=0 errno=0
[  241.183123][ T5851] CPU: 1 UID: 0 PID: 5851 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  241.183149][ T5851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  241.183160][ T5851] Call Trace:
[  241.183167][ T5851]  <TASK>
[  241.183175][ T5851]  dump_stack_lvl+0x189/0x250
[  241.183202][ T5851]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.183219][ T5851]  ? __pfx_queue_work_on+0x10/0x10
[  241.183232][ T5851]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  241.183254][ T5851]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  241.183285][ T5851]  f2fs_handle_critical_error+0x37c/0x540
[  241.183312][ T5851]  f2fs_write_end_io+0x886/0xb60
[  241.183343][ T5851]  __submit_merged_bio+0x27a/0x6a0
[  241.183365][ T5851]  __submit_merged_write_cond+0x255/0x530
[  241.183389][ T5851]  f2fs_write_data_pages+0x261d/0x3000
[  241.183426][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  241.183528][ T5851]  ? folios_put_refs+0x559/0x640
[  241.183555][ T5851]  ? __lock_acquire+0xab9/0xd20
[  241.183583][ T5851]  ? do_raw_spin_lock+0x121/0x290
[  241.183607][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[  241.183623][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  241.183637][ T5851]  do_writepages+0x32e/0x550
[  241.183665][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[  241.183685][ T5851]  filemap_fdatawrite+0x199/0x240
[  241.183704][ T5851]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  241.183764][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[  241.183783][ T5851]  f2fs_sync_dirty_inodes+0x31f/0x830
[  241.183819][ T5851]  f2fs_write_checkpoint+0x95a/0x1df0
[  241.183856][ T5851]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  241.183903][ T5851]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  241.183916][ T5851]  ? kfree+0x18e/0x440
[  241.183934][ T5851]  ? kill_f2fs_super+0x298/0x6c0
[  241.183955][ T5851]  kill_f2fs_super+0x2c3/0x6c0
[  241.183975][ T5851]  ? __pfx_kill_f2fs_super+0x10/0x10
[  241.183986][ T5851]  ? radix_tree_delete_item+0x2b6/0x400
[  241.184014][ T5851]  ? shrinker_free+0x2ce/0x3e0
[  241.184031][ T5851]  deactivate_locked_super+0xbc/0x130
[  241.184051][ T5851]  cleanup_mnt+0x425/0x4c0
[  241.184066][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.184082][ T5851]  task_work_run+0x1d4/0x260
[  241.184103][ T5851]  ? __pfx_task_work_run+0x10/0x10
[  241.184118][ T5851]  ? __x64_sys_umount+0x122/0x160
[  241.184140][ T5851]  ? exit_to_user_mode_loop+0x40/0x110
[  241.184163][ T5851]  exit_to_user_mode_loop+0xec/0x110
[  241.184182][ T5851]  do_syscall_64+0x2bd/0x3b0
[  241.184195][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.184207][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.184221][ T5851]  ? exc_page_fault+0x9f/0xf0
[  241.184236][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.184248][ T5851] RIP: 0033:0x7f0894b8fed7
[  241.184263][ T5851] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  241.184274][ T5851] RSP: 002b:00007ffe4f240f08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  241.184290][ T5851] RAX: 0000000000000000 RBX: 00007f0894c11c05 RCX: 00007f0894b8fed7
[  241.184299][ T5851] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe4f240fc0
[  241.184306][ T5851] RBP: 00007ffe4f240fc0 R08: 0000000000000000 R09: 0000000000000000
[  241.184314][ T5851] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe4f242050
[  241.184323][ T5851] R13: 00007f0894c11c05 R14: 000000000003ad9f R15: 00007ffe4f242090
[  241.184349][ T5851]  </TASK>
[  241.198272][ T5851] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  241.607433][T10765] loop0: detected capacity change from 0 to 4096
[  241.611969][T10765] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  241.617132][T10765] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  241.626125][T10765] ntfs3(loop0): volume is dirty and "force" flag is not set!
[  242.526957][T10791] fuse: Bad value for 'fd'
[  242.743643][T10789] loop0: detected capacity change from 0 to 32768
[  242.747602][T10789] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1983 (10789)
[  242.758460][T10789] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  242.762306][T10789] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  242.804709][T10789] BTRFS info (device loop0): enabling ssd optimizations
[  242.807637][T10789] BTRFS info (device loop0): enabling free space tree
[  242.895556][ T5851] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  243.264596][T10830] netlink: 'syz.1.1994': attribute type 12 has an invalid length.
[  243.267498][T10830] netlink: 'syz.1.1994': attribute type 29 has an invalid length.
[  243.273313][T10830] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1994'.
[  243.276978][T10830] netlink: 'syz.1.1994': attribute type 2 has an invalid length.
[  243.280416][T10830] netlink: 'syz.1.1994': attribute type 3 has an invalid length.
[  243.428207][   T24] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  243.588265][   T24] usb 1-1: New USB device found, idVendor=1235, idProduct=000e, bcdDevice=f0.ee
[  243.591264][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.612517][   T24] usb 1-1: config 0 descriptor??
[  243.618120][   T33] audit: type=1800 audit(1758278412.073:52): pid=10845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2001" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  243.626479][   T24] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  243.648319][   T24] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -2
[  243.780518][T10850] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  243.784091][T10850] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  243.827697][ T5900] usb 1-1: USB disconnect, device number 20
[  244.367694][T10860] netlink: 'syz.0.2009': attribute type 29 has an invalid length.
[  244.374158][T10860] netlink: 'syz.0.2009': attribute type 29 has an invalid length.
[  244.686931][T10873] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  244.690572][   T24] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  244.856495][   T24] usb 1-1: config index 0 descriptor too short (expected 63186, got 210)
[  244.860138][   T24] usb 1-1: config 0 has an invalid interface number: 106 but max is 0
[  244.863298][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  244.867269][   T24] usb 1-1: config 0 has no interface number 0
[  244.870002][   T24] usb 1-1: config 0 interface 106 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  244.873823][   T24] usb 1-1: config 0 interface 106 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  244.882433][   T24] usb 1-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  244.887367][   T24] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  244.891441][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.896692][   T24] usb 1-1: config 0 descriptor??
[  244.928580][   T24] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  245.109358][ T5901] usb 1-1: Failed to submit usb control message: -71
[  245.112172][ T5901] usb 1-1: unable to send the bmi data to the device: -71
[  245.114467][ T5901] usb 1-1: unable to get target info from device
[  245.116785][ T5900] usb 1-1: USB disconnect, device number 21
[  245.120231][ T5901] usb 1-1: could not get target info (-71)
[  245.123226][ T5901] usb 1-1: could not probe fw (-71)
[  245.908885][   T24] usb 1-1: new low-speed USB device number 22 using dummy_hcd
[  246.060245][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  246.064540][   T24] usb 1-1: config 1 interface 0 altsetting 7 endpoint 0x81 has invalid maxpacket 1024, setting to 8
[  246.070828][   T24] usb 1-1: config 1 interface 0 altsetting 7 endpoint 0x82 is Bulk; changing to Interrupt
[  246.074764][   T24] usb 1-1: config 1 interface 0 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  246.081362][   T24] usb 1-1: config 1 interface 0 has no altsetting 0
[  246.143377][   T24] usb 1-1: string descriptor 0 read error: -22
[  246.145317][   T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  246.155410][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.165311][T10898] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  246.167634][T10911] netlink: 45 bytes leftover after parsing attributes in process `syz.1.2030'.
[  246.169350][T10898] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  246.176725][T10898] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  246.184645][   T24] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  246.378836][T10917] overlayfs: failed to clone upperpath
[  246.665433][   T24] usb 1-1: USB disconnect, device number 22
[  247.221463][T10938] pim6reg: entered allmulticast mode
[  247.385117][T10949] gtp0: entered promiscuous mode
[  247.447865][T10953] loop0: detected capacity change from 0 to 2048
[  247.456512][T10953] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  247.469915][   T33] audit: type=1800 audit(1758278415.933:53): pid=10953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2051" name="bus" dev="loop0" ino=1436 res=0 errno=0
[  247.479172][   T33] audit: type=1800 audit(1758278415.933:54): pid=10953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2051" name="file1" dev="loop0" ino=1415 res=0 errno=0
[  247.576125][T10965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2054'.
[  247.782429][T10980] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.824158][T10985] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2063'.
[  247.827367][T10985] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2063'.
[  247.831487][T10985] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2063'.
[  247.835802][T10985] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2063'.
[  247.839914][T10985] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2063'.
[  247.950276][T10978] loop0: detected capacity change from 0 to 32768
[  248.886373][T11033] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2087'.
[  249.230533][T11055] veth1_to_bond: entered allmulticast mode
[  249.240569][T11055] veth1_to_bond: left allmulticast mode
[  249.294345][T11061] loop0: detected capacity change from 0 to 2048
[  249.312192][T11061] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  249.317478][T11064] overlayfs: failed to clone upperpath
[  249.331323][T11065] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  249.376945][T11061] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952
[  249.380640][T11061] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  249.392275][T11061] Remounting filesystem read-only
[  249.393891][T11061] NILFS (loop0): error -5 truncating bmap (ino=15)
[  249.423400][ T5851] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  249.624163][T11085] loop0: detected capacity change from 0 to 256
[  249.654720][T11085] FAT-fs (loop0): Directory bread(block 64) failed
[  249.657275][T11085] FAT-fs (loop0): Directory bread(block 65) failed
[  249.668440][T11085] FAT-fs (loop0): Directory bread(block 66) failed
[  249.671066][T11085] FAT-fs (loop0): Directory bread(block 67) failed
[  249.673667][T11085] FAT-fs (loop0): Directory bread(block 68) failed
[  249.682672][T11085] FAT-fs (loop0): Directory bread(block 69) failed
[  249.685285][T11085] FAT-fs (loop0): Directory bread(block 70) failed
[  249.698256][T11085] FAT-fs (loop0): Directory bread(block 71) failed
[  249.700888][T11085] FAT-fs (loop0): Directory bread(block 72) failed
[  249.703380][T11085] FAT-fs (loop0): Directory bread(block 73) failed
[  249.733503][T11089] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2113'.
[  250.320064][T11114] loop0: detected capacity change from 0 to 32768
[  250.332804][T11114] jfs_strtoUCS: char2uni returned -22.
[  250.336938][T11114] charset = cp936, char = 0xe9
[  250.551239][   T33] audit: type=1326 audit(1758278419.013:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11123 comm="syz.0.2130" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0894b8eba9 code=0x7ffc0000
[  250.569426][   T33] audit: type=1326 audit(1758278419.013:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11123 comm="syz.0.2130" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0894b8eba9 code=0x7ffc0000
[  250.598249][   T33] audit: type=1326 audit(1758278419.033:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11123 comm="syz.0.2130" exe="/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f0894b8eba9 code=0x7ffc0000
[  250.606681][   T33] audit: type=1326 audit(1758278419.033:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11123 comm="syz.0.2130" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0894b8eba9 code=0x7ffc0000
[  250.633609][   T33] audit: type=1326 audit(1758278419.033:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11123 comm="syz.0.2130" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0894b8eba9 code=0x7ffc0000
[  250.943029][T11150] loop0: detected capacity change from 0 to 2048
[  250.954438][T11150] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  250.960892][T11150] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  251.143366][T11157] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2146'.
[  251.882810][T11179] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2156'.
[  252.314291][T11201] loop0: detected capacity change from 0 to 64
[  252.329022][T11201] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  253.000436][   T96] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  253.158261][   T96] usb 1-1: Using ep0 maxpacket: 32
[  253.168487][   T96] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  253.196974][   T96] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.217754][   T96] usb 1-1: config 0 descriptor??
[  253.227032][   T96] gspca_main: nw80x-2.14.0 probing 055f:d001
[  253.865335][   T96] gspca_nw80x: reg_r err -71
[  253.867319][   T96] nw80x 1-1:0.0: probe with driver nw80x failed with error -71
[  253.967287][   T96] usb 1-1: USB disconnect, device number 23
[  254.299872][T11263] vcan0: tx drop: invalid da for name 0x00000000000000c7
[  254.430714][T11273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2201'.
[  254.435784][T11273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2201'.
[  255.741266][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  255.743776][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  255.891883][T11303] loop0: detected capacity change from 0 to 512
[  255.934371][T11303] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.939216][T11303] ext4 filesystem being mounted at /679/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.981058][T11303] EXT4-fs error (device loop0): ext4_get_first_dir_block:3529: inode #12: comm syz.0.2213: Directory hole found for htree leaf block 0
[  256.015020][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.165663][T11319] netlink: 10 bytes leftover after parsing attributes in process `syz.4.2219'.
[  256.202776][T11321] loop0: detected capacity change from 0 to 128
[  256.334895][T11325] netlink: 'syz.4.2222': attribute type 2 has an invalid length.
[  256.338367][T11325] netlink: 'syz.4.2222': attribute type 11 has an invalid length.
[  256.341647][T11325] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2222'.
[  257.227348][T11366] xt_socket: unknown flags 0xe4
[  257.413367][T11376] bond3: entered allmulticast mode
[  257.415441][T11376] 8021q: adding VLAN 0 to HW filter on device bond3
[  257.661729][   T33] audit: type=1326 audit(1758278426.123:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  257.688105][   T33] audit: type=1326 audit(1758278426.123:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  257.696956][   T33] audit: type=1326 audit(1758278426.143:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  257.715923][   T33] audit: type=1326 audit(1758278426.143:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f547fb8ebe3 code=0x7ffc0000
[  257.736262][   T33] audit: type=1326 audit(1758278426.143:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f547fb8d65f code=0x7ffc0000
[  257.750625][   T33] audit: type=1326 audit(1758278426.143:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f547fb8ec37 code=0x7ffc0000
[  257.760794][   T33] audit: type=1326 audit(1758278426.183:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f547fb8d510 code=0x7ffc0000
[  257.770806][   T33] audit: type=1326 audit(1758278426.183:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f547fb8d80a code=0x7ffc0000
[  257.782393][   T33] audit: type=1326 audit(1758278426.183:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  257.792051][   T33] audit: type=1326 audit(1758278426.183:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11394 comm="syz.1.2252" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  258.147361][T11411] loop0: detected capacity change from 0 to 32768
[  258.152715][T11411] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2259 (11411)
[  258.160860][T11411] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  258.164890][T11411] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  258.200042][T11411] BTRFS info (device loop0): enabling ssd optimizations
[  258.202693][T11411] BTRFS info (device loop0): enabling free space tree
[  258.270853][ T5851] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  258.680665][T11457] loop0: detected capacity change from 0 to 4096
[  258.683981][T11457] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  258.687628][T11457] ntfs3(loop0): ino=2, mi_enum_attr
[  258.689972][T11457] ntfs3(loop0): Failed to load $LogFile (-22).
[  258.988296][   T96] usb 1-1: new full-speed USB device number 24 using dummy_hcd
[  259.140359][   T96] usb 1-1: config 0 has no interfaces?
[  259.143549][   T96] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  259.147258][   T96] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  259.151110][   T96] usb 1-1: Manufacturer: syz
[  259.155652][   T96] usb 1-1: config 0 descriptor??
[  259.363782][   T10] usb 1-1: USB disconnect, device number 24
[  260.292571][T11503] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2294'.
[  260.337008][T11507] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2296'.
[  260.342074][T11507] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2296'.
[  260.352752][T11507] erspan0: entered promiscuous mode
[  260.355317][T11507] gretap0: entered promiscuous mode
[  261.763573][T11541] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2310'.
[  262.664309][T11555] loop0: detected capacity change from 0 to 64
[  262.740933][T11559] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  262.894011][T11565] U9: renamed from lo (while UP)
[  262.939393][T11570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2324'.
[  263.058243][T11578] loop0: detected capacity change from 0 to 4096
[  266.569442][ T5849] Bluetooth: hci2: command 0x0406 tx timeout
[  267.289162][T11645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2355'.
[  267.294212][T11645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2355'.
[  267.299130][T11645] netlink: 'syz.0.2355': attribute type 18 has an invalid length.
[  267.302191][T11645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2355'.
[  268.888491][T11677] loop0: detected capacity change from 0 to 40427
[  268.892115][T11677] F2FS-fs (loop0): Fix alignment : internally, start(4096) end(16896) block(12288)
[  268.895311][T11677] F2FS-fs (loop0): Image doesn't support compression
[  268.898597][T11677] F2FS-fs (loop0): invalid crc value
[  268.988093][T11677] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  268.996821][T11677] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  269.631890][T11703] overlayfs: failed to clone upperpath
[  270.134693][T11709] netlink: 'syz.4.2382': attribute type 21 has an invalid length.
[  270.138080][T11709] netlink: 'syz.4.2382': attribute type 6 has an invalid length.
[  270.141404][T11709] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2382'.
[  270.146593][T11709] netlink: 'syz.4.2382': attribute type 21 has an invalid length.
[  270.149851][T11709] netlink: 'syz.4.2382': attribute type 6 has an invalid length.
[  270.155458][T11709] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2382'.
[  270.498612][T11723] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  272.182303][ T5900] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  272.357204][ T5900] usb 1-1: unable to get BOS descriptor or descriptor too short
[  272.365133][ T5900] usb 1-1: not running at top speed; connect to a high speed hub
[  272.369498][ T5900] usb 1-1: config 4 has an invalid interface number: 111 but max is 0
[  272.376054][ T5900] usb 1-1: config 4 has no interface number 0
[  272.378542][ T5900] usb 1-1: config 4 interface 111 has no altsetting 0
[  272.384367][ T5900] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  272.388672][ T5900] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.391852][ T5900] usb 1-1: Product: syz
[  272.393989][ T5900] usb 1-1: Manufacturer: syz
[  272.396682][ T5900] usb 1-1: SerialNumber: syz
[  272.629850][ T5900] pvrusb2: Hardware description: Terratec Grabster AV400
[  272.642518][ T5900] pvrusb2: **********
[  272.644263][ T5900] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  272.648103][ T5900] pvrusb2: Important functionality might not be entirely working.
[  272.650692][ T5900] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  272.663608][ T5900] pvrusb2: **********
[  272.666402][ T5900] usb 1-1: selecting invalid altsetting 0
[  272.672541][ T5900] usb 1-1: USB disconnect, device number 25
[  272.676120][ T5900] pvrusb2: Device being rendered inoperable
[  272.857704][ T3574] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.860704][ T3574] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.959957][T11790] netlink: 'syz.1.2419': attribute type 21 has an invalid length.
[  272.963597][T11790] netlink: 'syz.1.2419': attribute type 1 has an invalid length.
[  272.968371][T11790] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2419'.
[  273.633639][T11812] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2430'.
[  273.638089][T11802] loop0: detected capacity change from 0 to 32768
[  273.641642][T11802] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2425 (11802)
[  273.648974][T11802] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  273.652808][T11802] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  273.724399][T11802] BTRFS info (device loop0): enabling ssd optimizations
[  273.727225][T11802] BTRFS info (device loop0): enabling free space tree
[  273.857773][ T5851] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  274.213892][T11837] loop0: detected capacity change from 0 to 4096
[  274.224335][T11837] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  274.576539][T11847] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2440'.
[  274.587998][T11847] netlink: zone id is out of range
[  274.590001][T11847] netlink: zone id is out of range
[  274.593322][T11847] netlink: zone id is out of range
[  274.595357][T11847] netlink: zone id is out of range
[  274.597274][T11847] netlink: zone id is out of range
[  274.616902][T11847] netlink: zone id is out of range
[  274.618933][T11847] netlink: zone id is out of range
[  274.622837][T11847] netlink: zone id is out of range
[  274.624808][T11847] netlink: zone id is out of range
[  274.787550][T11839] loop0: detected capacity change from 0 to 40427
[  274.796363][T11839] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  274.799881][T11839] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  274.811482][T11839] F2FS-fs (loop0): invalid crc value
[  274.903911][T11839] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  274.911145][T11839] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  274.913944][T11839] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  275.911633][T11870] loop0: detected capacity change from 0 to 32768
[  275.938731][T11870] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  275.990985][T11870] XFS (loop0): Ending clean mount
[  276.023932][ T5851] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  276.219553][T11886] option changes via remount are deprecated (pid=11885 comm=syz.0.2451)
[  276.301312][T11889] input: syz0 as /devices/virtual/input/input10
[  276.610062][   T96] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  276.782949][   T96] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  276.786213][   T96] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  276.789719][   T96] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  276.794104][   T96] usb 1-1: config 220 has no interface number 2
[  276.796822][   T96] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  276.802051][   T96] usb 1-1: config 220 interface 0 has no altsetting 0
[  276.804880][   T96] usb 1-1: config 220 interface 76 has no altsetting 0
[  276.807607][   T96] usb 1-1: config 220 interface 1 has no altsetting 0
[  276.813083][   T96] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  276.816531][   T96] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.819542][   T96] usb 1-1: Product: syz
[  276.821199][   T96] usb 1-1: Manufacturer: syz
[  276.823247][   T96] usb 1-1: SerialNumber: syz
[  277.052937][   T96] usb 1-1: selecting invalid altsetting 0
[  277.055578][   T96] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  277.058216][   T96] usb 1-1: No valid video chain found.
[  277.079697][   T96] usb 1-1: selecting invalid altsetting 0
[  277.082119][   T96] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  277.088444][   T96] usb 1-1: USB disconnect, device number 26
[  277.688158][T11944] mmap: syz.4.2476 (11944) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  278.270037][T11955] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2483'.
[  278.273722][T11955] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2483'.
[  278.619661][T11967] loop0: detected capacity change from 0 to 760
[  278.632209][T11967] isofs_fill_super: root inode is not a directory. Corrupted media?
[  278.764885][   T33] audit: type=1326 audit(1758278446.224:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11980 comm="syz.4.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cce58eba9 code=0x7ffc0000
[  278.784909][   T33] audit: type=1326 audit(1758278446.234:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11980 comm="syz.4.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cce58eba9 code=0x7ffc0000
[  278.796883][   T33] audit: type=1326 audit(1758278446.243:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11980 comm="syz.4.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f3cce58eba9 code=0x7ffc0000
[  278.807023][   T33] audit: type=1326 audit(1758278446.243:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11980 comm="syz.4.2496" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3cce58eba9 code=0x0
[  279.564740][T12012] netlink: 'syz.1.2506': attribute type 4 has an invalid length.
[  280.226063][T12047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2523'.
[  280.232354][ T5900] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  280.386670][T12061] 9pnet_fd: Insufficient options for proto=fd
[  280.405213][ T5900] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  280.408882][ T5900] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.418741][ T5900] usb 1-1: Product: syz
[  280.420384][ T5900] usb 1-1: Manufacturer: syz
[  280.422085][ T5900] usb 1-1: SerialNumber: syz
[  280.451532][ T5900] usb 1-1: config 0 descriptor??
[  280.457933][ T5900] gspca_main: sq905c-2.14.0 probing 2770:9052
[  281.106723][ T5900] gspca_sq905c: sq905c_command: usb_control_msg failed (-71)
[  281.110186][ T5900] sq905c 1-1:0.0: probe with driver sq905c failed with error -71
[  281.116526][ T5900] usb 1-1: USB disconnect, device number 27
[  281.454877][T12112] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2556'.
[  281.689890][T12130] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  281.985630][   T96] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  282.146463][   T96] usb 1-1: too many configurations: 67, using maximum allowed: 8
[  282.163311][   T96] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  282.166395][   T96] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.171185][   T96] usb 1-1: Product: syz
[  282.172879][   T96] usb 1-1: Manufacturer: syz
[  282.174675][   T96] usb 1-1: SerialNumber: syz
[  282.186620][   T96] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  282.227972][ T5899] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  282.569793][T12158] overlayfs: failed to resolve './file0': -2
[  282.673476][T12132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.678608][T12132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.899135][ T5900] usb 1-1: USB disconnect, device number 28
[  283.262477][T12169] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2581'.
[  283.265820][T12169] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2581'.
[  283.268853][T12169] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2581'.
[  283.272263][T12169] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2581'.
[  283.621392][ T5899] usb 1-1: Service connection timeout for: 256
[  283.627429][ T5899] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services
[  283.634851][ T5899] ath9k_htc: Failed to initialize the device
[  283.637588][ T5900] usb 1-1: ath9k_htc: USB layer deinitialized
[  284.821372][T12231] loop0: detected capacity change from 0 to 512
[  284.825602][T12231] EXT4-fs (loop0): Test dummy encryption mode enabled
[  284.828606][T12231] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  284.856412][T12231] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.2609: bad orphan inode 131083
[  284.863747][T12231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.858374][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.948494][   T96] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  286.165590][   T96] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  286.168004][   T96] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  286.220843][   T96] hid-generic 0000:0004:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  287.953460][T12290] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2632'.
[  287.957001][T12290] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2632'.
[  287.971466][T12292] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  288.038322][T12295] netlink: 'syz.4.2634': attribute type 46 has an invalid length.
[  288.163478][T12303] tipc: Started in network mode
[  288.168157][T12303] tipc: Node identity 9a0daefc8aed, cluster identity 4711
[  288.171300][T12303] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  288.176941][T12303] tipc: Disabling bearer <eth:syzkaller0>
[  288.985945][T12331] loop0: detected capacity change from 0 to 65
[  288.993853][T12331] BFS-fs: bfs_fill_super(): NOTE: filesystem loop0 was created with 512 inodes, the real maximum is 511, mounting anyway
[  290.160352][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.169736][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 57277 - 0
[  290.265749][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.269445][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 57277 - 0
[  290.658601][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.662490][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 57277 - 0
[  290.681001][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  290.685637][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  290.692283][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  290.696188][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  290.701742][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  290.744870][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.748816][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 57277 - 0
[  290.890533][   T13] bridge_slave_1: left allmulticast mode
[  290.892897][   T13] bridge_slave_1: left promiscuous mode
[  290.894830][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.898698][   T13] bridge_slave_0: left allmulticast mode
[  290.900852][   T13] bridge_slave_0: left promiscuous mode
[  290.903912][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.919497][   T13] bond_slave_0: left promiscuous mode
[  290.922209][   T13] bond_slave_1: left promiscuous mode
[  291.139448][T12372] ptrace attach of "/syz-executor exec"[10330] was attempted by "/syz-executor exec"[12372]
[  291.423241][   T13] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[  291.430167][   T13] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  291.442149][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.448909][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.453626][   T13] bond0 (unregistering): Released all slaves
[  291.586677][   T13] bond1 (unregistering): Released all slaves
[  291.658739][   T13] tipc: Left network mode
[  291.681757][T12362] chnl_net:caif_netlink_parms(): no params data found
[  291.847643][T12385] netlink: 'syz.4.2673': attribute type 3 has an invalid length.
[  291.852048][T12385] netlink: 'syz.4.2673': attribute type 3 has an invalid length.
[  291.908101][T12362] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.911245][T12362] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.914244][T12362] bridge_slave_0: entered allmulticast mode
[  291.918037][T12362] bridge_slave_0: entered promiscuous mode
[  291.921775][T12362] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.924236][T12362] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.926656][T12362] bridge_slave_1: entered allmulticast mode
[  291.930213][T12362] bridge_slave_1: entered promiscuous mode
[  291.968567][   T13] hsr_slave_0: left promiscuous mode
[  291.973627][   T13] hsr_slave_1: left promiscuous mode
[  291.976050][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  291.978726][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  291.982471][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  291.985153][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  292.000770][   T13] veth1_macvtap: left promiscuous mode
[  292.003286][   T13] veth0_macvtap: left promiscuous mode
[  292.005562][   T13] veth1_vlan: left promiscuous mode
[  292.007469][   T13] veth0_vlan: left promiscuous mode
[  292.578419][   T13] team0 (unregistering): Port device team_slave_1 removed
[  292.629045][   T13] team0 (unregistering): Port device team_slave_0 removed
[  292.937369][ T5849] Bluetooth: hci2: command tx timeout
[  293.112999][T12391] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  293.121716][T12362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  293.138056][T12362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  293.183955][T12362] team0: Port device team_slave_0 added
[  293.188482][T12362] team0: Port device team_slave_1 added
[  293.233289][T12362] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.238978][T12362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.252042][T12362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  293.259612][T12362] batman_adv: batadv0: Adding interface: batadv_slave_1
[  293.262398][T12362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.274776][T12362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  293.364913][T12362] hsr_slave_0: entered promiscuous mode
[  293.368745][T12362] hsr_slave_1: entered promiscuous mode
[  293.672679][T12362] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  293.678912][T12362] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  293.687772][T12362] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  293.694211][T12362] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  293.786284][T12362] 8021q: adding VLAN 0 to HW filter on device bond0
[  293.808879][T12362] 8021q: adding VLAN 0 to HW filter on device team0
[  293.821383][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.824121][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.835635][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.838334][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  294.007896][T12362] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.197134][T12362] veth0_vlan: entered promiscuous mode
[  294.204550][T12362] veth1_vlan: entered promiscuous mode
[  294.239762][T12362] veth0_macvtap: entered promiscuous mode
[  294.245785][T12362] veth1_macvtap: entered promiscuous mode
[  294.264962][T12362] batman_adv: batadv0: Interface activated: batadv_slave_0
[  294.277888][T12362] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.285853][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.294052][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.304729][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.312537][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.409705][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.417996][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.455932][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.459428][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.758821][T12473] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized
[  295.167295][ T5849] Bluetooth: hci2: command tx timeout
[  295.610547][ T5849] Bluetooth: hci0: link tx timeout
[  295.613086][ T5849] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  297.380115][ T5849] Bluetooth: hci2: command tx timeout
[  297.501018][T12548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2740'.
[  297.808037][ T5849] Bluetooth: hci0: command 0x0406 tx timeout
[  298.386243][   T33] audit: type=1326 audit(1758278464.493:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12551 comm="syz.4.2742" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3cce58eba9 code=0x0
[  298.552893][T12564] /dev/nullb0: Can't lookup blockdev
[  298.946110][T12574] netlink: 'syz.1.2753': attribute type 3 has an invalid length.
[  299.604625][   T55] Bluetooth: hci2: command tx timeout
[  299.986491][T12602] netlink: 'syz.4.2765': attribute type 10 has an invalid length.
[  300.007151][T12602] team0: Port device netdevsim0 added
[  300.247634][T12614] netlink: 'syz.5.2771': attribute type 4 has an invalid length.
[  300.262734][T12614] netlink: 'syz.5.2771': attribute type 4 has an invalid length.
[  300.551248][T12618] loop5: detected capacity change from 0 to 32768
[  300.563267][T12618] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  300.576101][   T33] audit: type=1800 audit(1758278466.625:75): pid=12618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2772" name="file1" dev="loop5" ino=17058 res=0 errno=0
[  301.025247][T12634] overlayfs: failed to clone upperpath
[  301.416584][T12362] ocfs2: Unmounting device (7,5) on (node local)
[  302.720342][T12680] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  302.724017][T12680] overlayfs: missing 'lowerdir'
[  303.253176][T12707] overlayfs: missing 'workdir'
[  303.478428][T12723] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2821'.
[  303.507479][T12725] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2822'.
[  304.227919][T12762] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2840'.
[  304.390253][T12772] netlink: 'syz.5.2845': attribute type 3 has an invalid length.
[  304.403754][T12772] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2845'.
[  305.482839][T12803] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2859'.
[  306.381996][T12825] vlan0: entered allmulticast mode
[  306.417477][T12827] futex_wake_op: syz.1.2869 tries to shift op by 32; fix this program
[  306.761662][T12854] netlink: 'syz.5.2882': attribute type 29 has an invalid length.
[  306.765996][T12854] netlink: 'syz.5.2882': attribute type 29 has an invalid length.
[  306.777206][T12854] netlink: 508 bytes leftover after parsing attributes in process `syz.5.2882'.
[  307.361857][T12866] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2887'.
[  307.482122][T12869] loop5: detected capacity change from 0 to 1024
[  307.490665][T12869] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  307.521332][T12869] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2888: Invalid block bitmap block 0 in block_group 0
[  307.532585][T12869] EXT4-fs (loop5): Remounting filesystem read-only
[  307.536376][T12869] Quota error (device loop5): write_blk: dquota write failed
[  307.540379][T12869] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  307.544417][T12869] EXT4-fs (loop5): 1 orphan inode deleted
[  307.548394][T12869] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.709813][T12880] lo: entered allmulticast mode
[  307.794181][    C1] net_ratelimit: 14 callbacks suppressed
[  307.794218][    C1] mroute: pending queue full, dropping entries
[  307.799572][    C1] mroute: pending queue full, dropping entries
[  307.809640][T12880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2892'.
[  307.818625][T12879] lo: left allmulticast mode
[  308.092560][T12891] bridge2: entered allmulticast mode
[  308.283882][T12901] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.287793][T12901] bridge_slave_1: left allmulticast mode
[  308.290142][T12901] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.300876][T12901] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  308.440203][T12909] openvswitch: netlink: Message has 16 unknown bytes.
[  308.506299][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.709604][T12930] netlink: 'syz.1.2914': attribute type 12 has an invalid length.
[  308.712880][T12930] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.2914'.
[  310.517772][T13008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2949'.
[  310.529850][ T6318] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  310.690440][ T6318] usb 6-1: Using ep0 maxpacket: 32
[  310.702828][ T6318] usb 6-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  310.706391][ T6318] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.723974][ T6318] usb 6-1: config 0 descriptor??
[  310.727656][ T6318] gspca_main: nw80x-2.14.0 probing 055f:d001
[  311.067603][T13047] netlink: 'syz.1.2967': attribute type 20 has an invalid length.
[  311.084088][T13049] netlink: 'syz.4.2968': attribute type 3 has an invalid length.
[  311.092778][T13049] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.2968'.
[  311.273411][T13059] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2973'.
[  312.562790][ T6318] gspca_nw80x: reg_w err -71
[  312.568484][ T6318] nw80x 6-1:0.0: probe with driver nw80x failed with error -71
[  312.667359][ T6318] usb 6-1: USB disconnect, device number 2
[  313.183783][T13080] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  313.234676][T13084] netlink: 'syz.5.2982': attribute type 1 has an invalid length.
[  313.279455][T13088] loop5: detected capacity change from 0 to 164
[  313.846765][T13119] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2993'.
[  313.904170][T13119] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  313.910131][T13119] team0: Device ipvlan2 is already an upper device of the team interface
[  315.049051][T13153] raw_sendmsg: syz.1.3012 forgot to set AF_INET. Fix it!
[  317.639910][T13230] loop5: detected capacity change from 0 to 128
[  317.658932][T13230] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  317.663353][T13230] hpfs: filesystem error: improperly stopped
[  317.665874][T13230] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  317.668867][T13230] hpfs: You really don't want any checks? You are crazy...
[  317.674500][T13230] hpfs: hpfs_map_sector(): read error
[  317.676797][T13230] hpfs: code page support is disabled
[  317.680780][T13230] hpfs: hpfs_map_4sectors(): unaligned read
[  317.683540][T13230] hpfs: hpfs_map_4sectors(): unaligned read
[  317.685856][T13230] hpfs: filesystem error: unable to find root dir
[  318.570961][T13270] syz.1.3067: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  318.577243][T13270] CPU: 1 UID: 0 PID: 13270 Comm: syz.1.3067 Not tainted syzkaller #0 PREEMPT(full) 
[  318.577263][T13270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  318.577272][T13270] Call Trace:
[  318.577280][T13270]  <TASK>
[  318.577288][T13270]  dump_stack_lvl+0x189/0x250
[  318.577316][T13270]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.577337][T13270]  ? __pfx__printk+0x10/0x10
[  318.577357][T13270]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  318.577375][T13270]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  318.577395][T13270]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  318.577414][T13270]  warn_alloc+0x214/0x310
[  318.577436][T13270]  ? stack_depot_save_flags+0x40/0x860
[  318.577458][T13270]  ? __pfx_warn_alloc+0x10/0x10
[  318.577482][T13270]  ? kasan_save_track+0x4f/0x80
[  318.577501][T13270]  ? xskq_create+0x56/0x170
[  318.577513][T13270]  ? xsk_init_queue+0xb0/0x110
[  318.577529][T13270]  ? xsk_setsockopt+0x4dc/0x8d0
[  318.577546][T13270]  ? do_sock_setsockopt+0x17c/0x1b0
[  318.577561][T13270]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  318.577575][T13270]  ? do_syscall_64+0xfa/0x3b0
[  318.577590][T13270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.577610][T13270]  __vmalloc_node_range_noprof+0x125/0x12f0
[  318.577650][T13270]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  318.577670][T13270]  ? xskq_create+0x56/0x170
[  318.577685][T13270]  ? __kasan_kmalloc+0x93/0xb0
[  318.577705][T13270]  vmalloc_user_noprof+0xad/0xf0
[  318.577722][T13270]  ? xskq_create+0xbf/0x170
[  318.577732][T13270]  xskq_create+0xbf/0x170
[  318.577745][T13270]  xsk_init_queue+0xb0/0x110
[  318.577765][T13270]  xsk_setsockopt+0x4dc/0x8d0
[  318.577783][T13270]  ? __pfx_xsk_setsockopt+0x10/0x10
[  318.577798][T13270]  ? __pfx_aa_sk_perm+0x10/0x10
[  318.577819][T13270]  ? aa_sock_opt_perm+0xff/0x1b0
[  318.577832][T13270]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  318.577844][T13270]  ? __pfx_xsk_setsockopt+0x10/0x10
[  318.577861][T13270]  do_sock_setsockopt+0x17c/0x1b0
[  318.577879][T13270]  __x64_sys_setsockopt+0x13f/0x1b0
[  318.577900][T13270]  do_syscall_64+0xfa/0x3b0
[  318.577915][T13270]  ? lockdep_hardirqs_on+0x9c/0x150
[  318.577930][T13270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.577941][T13270]  ? exc_page_fault+0x9f/0xf0
[  318.577956][T13270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.577967][T13270] RIP: 0033:0x7f547fb8eba9
[  318.577982][T13270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.577994][T13270] RSP: 002b:00007f5480991038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  318.578011][T13270] RAX: ffffffffffffffda RBX: 00007f547fdd5fa0 RCX: 00007f547fb8eba9
[  318.578022][T13270] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  318.578031][T13270] RBP: 00007f547fc11e19 R08: 0000000000000004 R09: 0000000000000000
[  318.578040][T13270] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  318.578047][T13270] R13: 00007f547fdd6038 R14: 00007f547fdd5fa0 R15: 00007ffdec66ad48
[  318.578068][T13270]  </TASK>
[  318.578074][T13270] Mem-Info:
[  318.578127][T13270] active_anon:30206 inactive_anon:0 isolated_anon:0
[  318.578127][T13270]  active_file:13464 inactive_file:38880 isolated_file:0
[  318.578127][T13270]  unevictable:1768 dirty:311 writeback:0
[  318.578127][T13270]  slab_reclaimable:10669 slab_unreclaimable:54524
[  318.578127][T13270]  mapped:18351 shmem:28305 pagetables:904
[  318.578127][T13270]  sec_pagetables:0 bounce:0
[  318.578127][T13270]  kernel_misc_reclaimable:0
[  318.578127][T13270]  free:244411 free_pcp:23626 free_cma:0
[  318.578206][T13270] Node 0 active_anon:66636kB inactive_anon:0kB active_file:26260kB inactive_file:22320kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:43352kB dirty:1156kB writeback:0kB shmem:61288kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:3872kB pagetables:2156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  318.578246][T13270] Node 1 active_anon:54188kB inactive_anon:0kB active_file:27596kB inactive_file:133200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:30052kB dirty:88kB writeback:0kB shmem:51932kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7704kB pagetables:1460kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  318.578283][T13270] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  318.578319][T13270] lowmem_reserve[]: 0 811 811 811 811
[  318.578348][T13270] Node 0 DMA32 free:290044kB boost:0kB min:33660kB low:42072kB high:50484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:66636kB inactive_anon:0kB active_file:26260kB inactive_file:22320kB unevictable:3536kB writepending:1156kB present:1556484kB managed:830888kB mlocked:0kB bounce:0kB free_pcp:48220kB local_pcp:20224kB free_cma:0kB
[  318.578387][T13270] lowmem_reserve[]: 0 0 0 0 0
[  318.578417][T13270] Node 1 DMA32 free:458616kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  318.578456][T13270] lowmem_reserve[]: 0 0 854 854 854
[  318.578486][T13270] Node 1 Normal free:213624kB boost:0kB min:36612kB low:45764kB high:54916kB reserved_highatomic:0KB free_highatomic:0KB active_anon:54188kB inactive_anon:0kB active_file:27596kB inactive_file:133200kB unevictable:3536kB writepending:88kB present:1048576kB managed:874952kB mlocked:0kB bounce:0kB free_pcp:46284kB local_pcp:28228kB free_cma:0kB
[  318.578528][T13270] lowmem_reserve[]: 0 0 0 0 0
[  318.578557][T13270] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  318.578719][T13270] Node 0 DMA32: 643*4kB (UME) 647*8kB (UME) 291*16kB (UME) 95*32kB (UME) 48*64kB (UM) 39*128kB (UM) 15*256kB (ME) 35*512kB (UME) 15*1024kB (ME) 10*2048kB (UME) 51*4096kB (M) = 290004kB
[  318.578858][T13270] Node 1 DMA32: 2*4kB (M) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 1*128kB (M) 2*256kB (M) 2*512kB (M) 2*1024kB (M) 2*2048kB (M) 110*4096kB (M) = 458616kB
[  318.578989][T13270] Node 1 Normal: 2699*4kB (UME) 30*8kB (ME) 14*16kB (UME) 175*32kB (UME) 118*64kB (UME) 48*128kB (UME) 33*256kB (UM) 15*512kB (UME) 5*1024kB (UM) 7*2048kB (UM) 36*4096kB (UM) = 213596kB
[  318.579163][T13270] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  318.579176][T13270] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  318.579188][T13270] 80606 total pagecache pages
[  318.579196][T13270] 0 pages in swap cache
[  318.579202][T13270] Free swap  = 124996kB
[  318.579209][T13270] Total swap = 124996kB
[  318.579216][T13270] 786301 pages RAM
[  318.579223][T13270] 0 pages HighMem/MovableOnly
[  318.579229][T13270] 241347 pages reserved
[  318.579235][T13270] 0 pages cma reserved
[  318.922505][T13289] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.3075'.
[  318.922546][T13289] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  318.922562][T13289] openvswitch: netlink: Message has 8454 unknown bytes.
[  319.088220][T13298] loop5: detected capacity change from 0 to 4096
[  320.248433][T13349] loop5: detected capacity change from 0 to 64
[  321.096975][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  321.102268][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  321.505491][   T24] libceph: connect (1)[c::]:6789 error -101
[  321.508062][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  321.563294][   T24] libceph: connect (1)[c::]:6789 error -101
[  321.566228][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  321.606358][   T24] libceph: connect (1)[c::]:6789 error -101
[  321.608737][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  321.788913][   T24] libceph: connect (1)[c::]:6789 error -101
[  321.791285][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  321.842025][   T24] libceph: connect (1)[c::]:6789 error -101
[  321.844523][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  321.883347][   T24] libceph: connect (1)[c::]:6789 error -101
[  321.887572][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  322.198934][   T33] audit: type=1326 audit(1758278486.858:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13416 comm="syz.4.3131" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3cce58eba9 code=0x0
[  322.332251][   T24] libceph: connect (1)[c::]:6789 error -101
[  322.334695][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  322.370127][T13376] ceph: No mds server is up or the cluster is laggy
[  322.371023][T13379] ceph: No mds server is up or the cluster is laggy
[  322.372764][T13384] ceph: No mds server is up or the cluster is laggy
[  322.396439][   T24] libceph: connect (1)[c::]:6789 error -101
[  322.398964][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  322.428666][   T24] libceph: connect (1)[c::]:6789 error -101
[  322.431391][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  322.533836][T13422] loop5: detected capacity change from 0 to 256
[  322.538347][T13422] FAT-fs (loop5): bogus number of directory entries (4095)
[  322.541219][T13422] FAT-fs (loop5): Can't find a valid FAT filesystem
[  322.553538][   T33] audit: type=1326 audit(1758278487.185:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13421 comm="syz.5.3133" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6380f8eba9 code=0x0
[  322.690427][T13429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3136'.
[  323.250433][T13445] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  323.864777][   T33] audit: type=1326 audit(1758278488.420:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz.1.3154" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  323.874304][   T33] audit: type=1326 audit(1758278488.420:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz.1.3154" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  323.896997][   T33] audit: type=1326 audit(1758278488.429:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz.1.3154" exe="/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  323.901159][T13471] loop5: detected capacity change from 0 to 512
[  323.905826][   T33] audit: type=1326 audit(1758278488.429:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz.1.3154" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  323.916470][   T33] audit: type=1326 audit(1758278488.429:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13468 comm="syz.1.3154" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  323.940086][T13471] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  323.943338][T13471] System zones: 1-12
[  323.952927][T13471] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.3155: error while reading EA inode 32 err=-116
[  323.963989][T13471] EXT4-fs (loop5): Remounting filesystem read-only
[  323.966558][T13471] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  323.971866][T13471] EXT4-fs (loop5): 1 orphan inode deleted
[  323.975615][T13471] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.007790][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.347747][T13541] 9pnet_fd: Insufficient options for proto=fd
[  325.653227][T13559] mac80211_hwsim hwsim11 wlan0: entered promiscuous mode
[  325.662388][T13559] macsec1: entered promiscuous mode
[  325.664932][T13559] macsec1: entered allmulticast mode
[  325.667174][T13559] mac80211_hwsim hwsim11 wlan0: entered allmulticast mode
[  325.687014][T13559] macsec2: entered promiscuous mode
[  325.690540][T13559] macsec2: entered allmulticast mode
[  326.266224][   T10] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  326.426604][   T10] usb 6-1: Using ep0 maxpacket: 16
[  326.432283][   T10] usb 6-1: config 4 has an invalid interface number: 9 but max is 0
[  326.440152][   T10] usb 6-1: config 4 has no interface number 0
[  326.442750][   T10] usb 6-1: config 4 interface 9 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  326.446764][   T10] usb 6-1: config 4 interface 9 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 167
[  326.453508][   T10] usb 6-1: config 4 interface 9 has no altsetting 0
[  326.460669][   T10] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[  326.464623][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.467885][   T10] usb 6-1: Product: syz
[  326.471849][   T10] usb 6-1: Manufacturer: syz
[  326.473866][   T10] usb 6-1: SerialNumber: syz
[  326.481786][T13576] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  326.485438][T13576] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  326.504127][   T10] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  326.719960][   T13] usb 6-1: Failed to submit usb control message: -71
[  326.724485][   T10] usb 6-1: USB disconnect, device number 3
[  326.728386][   T13] usb 6-1: unable to send the bmi data to the device: -71
[  326.733155][   T13] usb 6-1: unable to get target info from device
[  326.735865][   T13] usb 6-1: could not get target info (-71)
[  326.741599][   T13] usb 6-1: could not probe fw (-71)
[  327.262710][T13600] 9pnet_fd: Insufficient options for proto=fd
[  327.405356][T13606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3214'.
[  327.586250][T13613] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  327.630856][T13613] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3216'.
[  327.685878][T13615] capability: warning: `syz.4.3218' uses 32-bit capabilities (legacy support in use)
[  328.404616][T13628] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  328.802334][T13634] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3227'.
[  328.808537][T13634] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3227'.
[  328.813670][   T55] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260
[  330.612828][   T33] audit: type=1326 audit(1758278494.725:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="syz.5.3251" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6380f8eba9 code=0x7ffc0000
[  330.625381][   T33] audit: type=1326 audit(1758278494.725:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="syz.5.3251" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6380f8eba9 code=0x7ffc0000
[  330.636807][   T33] audit: type=1326 audit(1758278494.725:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="syz.5.3251" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6380f8eba9 code=0x7ffc0000
[  330.647850][   T33] audit: type=1326 audit(1758278494.725:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6380f8eba9 code=0x7ffc0000
[  330.656668][   T33] audit: type=1326 audit(1758278494.725:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6380f8eba9 code=0x7ffc0000
[  330.668219][   T33] audit: type=1326 audit(1758278494.725:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6380f8eba9 code=0x7ffc0000
[  330.680460][   T33] audit: type=1326 audit(1758278494.725:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6380f8eba9 code=0x7ffc0000
[  331.261555][T13718] netlink: 27 bytes leftover after parsing attributes in process `syz.4.3263'.
[  331.452267][T13722] block nbd5: Device being setup by another task
[  331.456293][T13721] block nbd5: NBD_DISCONNECT
[  331.460560][T13721] block nbd5: Send disconnect failed -22
[  331.474736][T13721] loop5: detected capacity change from 0 to 512
[  331.485396][T13721] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.490412][T13721] ext4 filesystem being mounted at /132/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  332.184819][T13719] block nbd5: Disconnected due to user request.
[  332.188386][T13719] block nbd5: shutting down sockets
[  332.217294][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.947733][ T5743] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  333.118789][ T5743] usb 6-1: Using ep0 maxpacket: 16
[  333.122413][ T5743] usb 6-1: config 1 has an invalid interface number: 105 but max is 0
[  333.125328][ T5743] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  333.128994][ T5743] usb 6-1: config 1 has no interface number 0
[  333.131785][ T5743] usb 6-1: config 1 interface 105 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[  333.134801][ T5743] usb 6-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  333.139615][ T5743] usb 6-1: config 1 interface 105 has no altsetting 0
[  333.144475][ T5743] usb 6-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.08
[  333.148104][ T5743] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.151206][ T5743] usb 6-1: Product: syz
[  333.152615][ T5743] usb 6-1: Manufacturer: syz
[  333.154478][ T5743] usb 6-1: SerialNumber: syz
[  333.367529][T13790] netlink: 'syz.1.3297': attribute type 4 has an invalid length.
[  333.370440][T13790] netlink: 'syz.1.3297': attribute type 4 has an invalid length.
[  333.382748][ T5743] aqc111 6-1:1.105: probe with driver aqc111 failed with error -22
[  333.527122][T13797] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3301'.
[  333.530125][T13797] netlink: 84 bytes leftover after parsing attributes in process `syz.1.3301'.
[  333.605111][ T6318] usb 6-1: USB disconnect, device number 4
[  333.754984][T13810] Invalid ELF header magic: != ELF
[  334.489215][T13844] loop5: detected capacity change from 0 to 16
[  334.492365][T13844] erofs (device loop5): mounted with root inode @ nid 36.
[  334.502654][T13844] erofs (device loop5): readahead error at folio 2 @ nid 89
[  334.505431][T13844] erofs (device loop5): readahead error at folio 1 @ nid 89
[  334.527088][T13844] erofs (device loop5): read error -117 @ 1 of nid 89
[  334.532127][   T33] audit: type=1800 audit(1758278498.391:90): pid=13844 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3320" name="file3" dev="loop5" ino=89 res=0 errno=0
[  334.646494][T13850] netlink: 116 bytes leftover after parsing attributes in process `syz.4.3322'.
[  334.989041][T13869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3332'.
[  336.365095][T13912] loop5: detected capacity change from 0 to 256
[  336.376007][T13912] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  336.413014][T13912] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008)
[  336.416995][T13912] exFAT-fs (loop5): Filesystem has been set read-only
[  336.527275][T13918] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3352'.
[  336.579517][T13922] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3356'.
[  336.769412][T13939] program syz.5.3363 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  336.859551][T13943] loop5: detected capacity change from 0 to 4096
[  336.969911][T13948] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  336.976543][T13945] ptrace attach of "/syz-executor exec"[13946] was attempted by "/syz-executor exec"[13945]
[  337.061472][T13943] NILFS error (device loop5): nilfs_dotdot: directory #12 missing '.'
[  337.078434][T13950] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3368'.
[  337.115240][T13943] Remounting filesystem read-only
[  337.199541][T12362] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer
[  338.054153][T13987] loop5: detected capacity change from 0 to 1024
[  338.070247][T13987] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  338.074420][T13987] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  338.078147][T13987] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  338.085345][T13987] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.3384: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  338.095722][T13987] EXT4-fs (loop5): no journal found
[  338.097781][T13987] EXT4-fs (loop5): can't get journal size
[  338.105422][T13987] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  338.151735][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.728470][T13996] loop5: detected capacity change from 0 to 131072
[  338.735286][T13996] F2FS-fs (loop5): Invalid log sectorsize (67108873)
[  338.737844][T13996] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  338.742726][T13996] F2FS-fs (loop5): invalid crc value
[  338.963482][T13996] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  338.968947][T13996] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  338.971745][T13996] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  341.136743][ T5743] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  341.318587][ T5743] usb 6-1: Using ep0 maxpacket: 16
[  341.327211][ T5743] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  341.331711][ T5743] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  341.336005][ T5743] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  341.342173][ T5743] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  341.347191][ T5743] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  341.356058][ T5743] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  341.359714][ T5743] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  341.364105][ T5743] usb 6-1: Manufacturer: syz
[  341.368410][ T5743] usb 6-1: config 0 descriptor??
[  341.662160][ T5743] rc_core: IR keymap rc-hauppauge not found
[  341.664514][ T5743] Registered IR keymap rc-empty
[  341.667109][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.682153][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.705149][ T5743] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  341.709914][ T5743] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input11
[  341.716156][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.737798][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.758456][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.778463][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.800869][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.821211][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.857416][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.885895][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.918577][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.949426][ T5743] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  341.975786][ T5743] mceusb 6-1:0.0: Registered  with mce emulator interface version 1
[  341.978961][ T5743] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  342.796270][T14091] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3427'.
[  343.086811][T14102] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.3431'.
[  343.090437][T14102] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3431'.
[  344.021273][ T6318] usb 6-1: USB disconnect, device number 5
[  344.483964][T14120] loop5: detected capacity change from 0 to 40427
[  344.494562][T14120] F2FS-fs (loop5): Fix alignment : internally, start(4096) end(16896) block(12288)
[  344.501213][T14120] F2FS-fs (loop5): invalid crc value
[  344.504509][T14120] F2FS-fs (loop5): Current segment's next free block offset is inconsistent with bitmap, logtype:5, segno:2, type:0, next_blkoff:0, blkofs:1
[  344.516149][T14120] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-117)
[  344.687591][T14145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3450'.
[  346.336239][T14219] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  346.461695][T14234] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3489'.
[  346.728132][ T5900] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  346.888330][ T5900] usb 6-1: Using ep0 maxpacket: 16
[  346.892199][ T5900] usb 6-1: config 255 has an invalid interface number: 10 but max is 0
[  346.895434][ T5900] usb 6-1: config 255 has no interface number 0
[  346.897997][ T5900] usb 6-1: config 255 interface 10 has no altsetting 0
[  346.904014][ T5900] usb 6-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice=17.ad
[  346.908955][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.912121][ T5900] usb 6-1: Product: syz
[  346.914114][ T5900] usb 6-1: Manufacturer: syz
[  346.915972][ T5900] usb 6-1: SerialNumber: syz
[  347.146257][ T5900] usb 6-1: USB disconnect, device number 6
[  347.571956][T14284] netlink: 'syz.1.3511': attribute type 1 has an invalid length.
[  347.578622][T14284] netlink: 'syz.1.3511': attribute type 2 has an invalid length.
[  347.608197][T14286] 9pnet_fd: Insufficient options for proto=fd
[  347.650051][T14290] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3514'.
[  347.658285][T14290] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3514'.
[  347.709902][T14294] overlayfs: empty lowerdir
[  347.811175][T14303] loop5: detected capacity change from 0 to 4096
[  347.815882][T14303] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  347.836650][T14303] ntfs3(loop5): ino=19, mi_enum_attr
[  347.855198][T14303] ntfs3(loop5): failed to convert "c46c" to macromanian
[  347.858285][T14303] ntfs3(loop5): ino=20, mi_enum_attr
[  349.361686][T14335] loop5: detected capacity change from 0 to 2048
[  349.376170][T14335] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  349.418893][T14335] bio_check_eod: 4 callbacks suppressed
[  349.418928][T14335] syz.5.3534: attempt to access beyond end of device
[  349.418928][T14335] loop5: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  349.421935][T14337] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  349.436511][T14341] netlink: 666 bytes leftover after parsing attributes in process `syz.4.3536'.
[  349.450640][T14335] syz.5.3534: attempt to access beyond end of device
[  349.450640][T14335] loop5: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[  349.461801][T14335] NILFS (loop5): I/O error reading meta-data file (ino=6, block-offset=0)
[  349.606255][T14351] loop5: detected capacity change from 0 to 512
[  349.617998][T14351] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.3539: iget: bad i_size value: 38620345925642
[  349.625533][T14351] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3539: couldn't read orphan inode 15 (err -117)
[  349.631919][T14351] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.677058][T14359] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3545'.
[  349.715813][T14362] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.3539: bg 0: block 5: invalid block bitmap
[  349.734823][T14362] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 980 with error 28
[  349.740163][T14362] EXT4-fs (loop5): This should not happen!! Data will be lost
[  349.740163][T14362] 
[  349.746490][T14362] EXT4-fs (loop5): Total free blocks count 0
[  349.748869][T14362] EXT4-fs (loop5): Free/Dirty block details
[  349.751428][T14362] EXT4-fs (loop5): free_blocks=0
[  349.753798][T14362] EXT4-fs (loop5): dirty_blocks=980
[  349.755863][T14362] EXT4-fs (loop5): Block reservation details
[  349.758201][T14362] EXT4-fs (loop5): i_reserved_data_blocks=980
[  349.809249][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.917041][T14374] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  349.943547][T14374] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  350.689481][T14423] overlayfs: failed to clone lowerpath
[  351.264231][T14430] netlink: 'syz.1.3574': attribute type 21 has an invalid length.
[  351.266941][T14430] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3574'.
[  351.421076][   T33] audit: type=1326 audit(1758278514.190:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.429520][   T33] audit: type=1326 audit(1758278514.190:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.440135][   T33] audit: type=1326 audit(1758278514.209:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.450491][   T33] audit: type=1326 audit(1758278514.209:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.459367][   T33] audit: type=1326 audit(1758278514.209:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.467481][   T33] audit: type=1326 audit(1758278514.218:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.477658][   T33] audit: type=1326 audit(1758278514.218:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.488163][   T33] audit: type=1326 audit(1758278514.218:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.495155][   T33] audit: type=1326 audit(1758278514.218:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.502908][   T33] audit: type=1326 audit(1758278514.218:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14437 comm="syz.1.3578" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547fb8eba9 code=0x7ffc0000
[  351.591197][T14446] netlink: 'syz.1.3582': attribute type 12 has an invalid length.
[  351.779073][T14464] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3591'.
[  352.308620][   T24] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  352.471861][   T24] usb 6-1: config 2 has an invalid interface number: 20 but max is 0
[  352.475232][   T24] usb 6-1: config 2 has no interface number 0
[  352.479766][   T24] usb 6-1: New USB device found, idVendor=0c0b, idProduct=a109, bcdDevice=17.a3
[  352.482588][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.485015][   T24] usb 6-1: Product: syz
[  352.486393][   T24] usb 6-1: Manufacturer: syz
[  352.487829][   T24] usb 6-1: SerialNumber: syz
[  352.711880][   T24] ums-datafab 6-1:2.20: USB Mass Storage device detected
[  352.717871][   T24] ums-datafab 6-1:2.20: Quirks match for vid 0c0b pid a109: 1
[  352.747439][   T24] ums-sddr55 6-1:2.20: USB Mass Storage device detected
[  352.808624][   T24] usb 6-1: USB disconnect, device number 7
[  353.708997][   T10] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  353.869475][   T10] usb 6-1: Using ep0 maxpacket: 8
[  353.876652][   T10] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  353.880974][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.896769][   T10] pvrusb2: Hardware description: Terratec Grabster AV400
[  353.899731][   T10] pvrusb2: **********
[  353.901814][   T10] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  353.905717][   T10] pvrusb2: Important functionality might not be entirely working.
[  353.908934][   T10] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  353.922191][   T10] pvrusb2: **********
[  354.127827][ T2397] pvrusb2: Invalid write control endpoint
[  354.182647][ T2397] pvrusb2: Invalid write control endpoint
[  354.186036][ T2397] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  354.190354][ T2397] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  354.194166][ T2397] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  354.198004][ T2397] pvrusb2: Device being rendered inoperable
[  354.205812][ T2397] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  354.209157][ T2397] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  354.219593][ T2397] pvrusb2: Attached sub-driver cx25840
[  354.225152][ T2397] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  354.229270][ T2397] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  354.325073][T14546] openvswitch: netlink: IPv6 tunnel dst address is zero
[  354.335438][   T10] usb 6-1: USB disconnect, device number 8
[  354.817112][T14557] netlink: 'syz.4.3633': attribute type 1 has an invalid length.
[  365.574702][    C1] sched: DL replenish lagged too much
[  383.536722][ T5849] Bluetooth: hci0: command 0x0406 tx timeout
[  387.997840][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  388.010575][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  426.612689][    C0] ------------[ cut here ]------------
[  426.616297][    C0] workqueue: cannot queue hci_cmd_timeout on wq hci2
[  426.619119][    C0] WARNING: CPU: 0 PID: 26 at kernel/workqueue.c:2256 __queue_work+0xd38/0xfb0
[  426.622666][    C0] Modules linked in:
[  426.625200][    C0] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  426.629633][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  426.633617][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  426.636078][    C0] RIP: 0010:__queue_work+0xd38/0xfb0
[  426.638113][    C0] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 53 0f 99 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 20 e1 89 8b 4c 89 fa e8 99 39 f9 ff 90 <0f> 0b 90 90 e9 1a f5 ff ff e8 8a 9c 35 00 90 0f 0b 90 e9 dd fc ff
[  426.645308][    C0] RSP: 0018:ffffc90000007bb0 EFLAGS: 00010046
[  426.647822][    C0] RAX: eddbee37ccccf000 RBX: 0000000000000100 RCX: ffff88801caa0000
[  426.651051][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  426.654184][    C0] RBP: 1ffff11022483738 R08: ffff88804b024253 R09: 1ffff1100960484a
[  426.657351][    C0] R10: dffffc0000000000 R11: ffffed100960484b R12: dffffc0000000000
[  426.660447][    C0] R13: ffff8880326d4988 R14: 0000000000000008 R15: ffff88811241b978
[  426.663555][    C0] FS:  0000000000000000(0000) GS:ffff8880b8615000(0000) knlGS:0000000000000000
[  426.667039][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  426.669540][    C0] CR2: 00007ff7aaab8060 CR3: 0000000026c1a000 CR4: 00000000000006f0
[  426.672489][    C0] Call Trace:
[  426.673556][    C0]  <IRQ>
[  426.674580][    C0]  call_timer_fn+0x17e/0x5f0
[  426.676435][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  426.678672][    C0]  ? call_timer_fn+0xbe/0x5f0
[  426.680579][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  426.682550][    C0]  ? do_raw_spin_unlock+0x4d/0x240
[  426.684544][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  426.686839][    C0]  __run_timer_base+0x646/0x860
[  426.688800][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  426.690897][    C0]  ? try_to_wake_up+0x7f5/0x12b0
[  426.692858][    C0]  run_timer_softirq+0xb7/0x180
[  426.694793][    C0]  handle_softirqs+0x286/0x870
[  426.696706][    C0]  ? do_softirq+0xec/0x180
[  426.698402][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  426.700351][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  426.702809][    C0]  do_softirq+0xec/0x180
[  426.704489][    C0]  </IRQ>
[  426.705846][    C0]  <TASK>
[  426.707539][    C0]  ? __pfx_do_softirq+0x10/0x10
[  426.709463][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  426.711119][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[  426.713106][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  426.715410][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  426.717880][    C0]  ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  426.720350][    C0]  ? worker_thread+0x8a0/0xda0
[  426.722199][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  426.723805][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xf93/0x2ae0
[  426.725895][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  426.728325][    C0]  ? __lock_acquire+0xab9/0xd20
[  426.730143][    C0]  ieee80211_iface_work+0x85f/0x12d0
[  426.732263][    C0]  cfg80211_wiphy_work+0x2bb/0x470
[  426.734318][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  426.736591][    C0]  process_scheduled_works+0xae1/0x17b0
[  426.738812][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  426.741186][    C0]  worker_thread+0x8a0/0xda0
[  426.743051][    C0]  kthread+0x711/0x8a0
[  426.744695][    C0]  ? __pfx_worker_thread+0x10/0x10
[  426.746791][    C0]  ? __pfx_kthread+0x10/0x10
[  426.748637][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  426.750641][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.752672][    C0]  ? __pfx_kthread+0x10/0x10
[  426.754377][    C0]  ret_from_fork+0x439/0x7d0
[  426.756204][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  426.758153][    C0]  ? __switch_to_asm+0x39/0x70
[  426.760030][    C0]  ? __switch_to_asm+0x33/0x70
[  426.761940][    C0]  ? __pfx_kthread+0x10/0x10
[  426.763788][    C0]  ret_from_fork_asm+0x1a/0x30
[  426.765714][    C0]  </TASK>
[  426.766989][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  426.769790][    C0] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  426.773375][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  426.777175][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  426.779630][    C0] Call Trace:
[  426.780969][    C0]  <IRQ>
[  426.782122][    C0]  dump_stack_lvl+0x99/0x250
[  426.783980][    C0]  ? __asan_memcpy+0x40/0x70
[  426.785819][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.787876][    C0]  ? __pfx__printk+0x10/0x10
[  426.789697][    C0]  vpanic+0x281/0x750
[  426.791262][    C0]  ? __pfx__printk+0x10/0x10
[  426.793056][    C0]  ? __pfx_vpanic+0x10/0x10
[  426.794855][    C0]  ? is_bpf_text_address+0x292/0x2b0
[  426.796962][    C0]  panic+0xb9/0xc0
[  426.798488][    C0]  ? __pfx_panic+0x10/0x10
[  426.800303][    C0]  __warn+0x31b/0x4b0
[  426.801914][    C0]  ? __queue_work+0xd38/0xfb0
[  426.803814][    C0]  ? __queue_work+0xd38/0xfb0
[  426.805694][    C0]  report_bug+0x2be/0x4f0
[  426.807415][    C0]  ? __queue_work+0xd38/0xfb0
[  426.809270][    C0]  ? __queue_work+0xd38/0xfb0
[  426.811159][    C0]  ? __queue_work+0xd3a/0xfb0
[  426.812963][    C0]  handle_bug+0x84/0x160
[  426.814387][    C0]  exc_invalid_op+0x1a/0x50
[  426.816195][    C0]  asm_exc_invalid_op+0x1a/0x20
[  426.818133][    C0] RIP: 0010:__queue_work+0xd38/0xfb0
[  426.820138][    C0] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 53 0f 99 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 20 e1 89 8b 4c 89 fa e8 99 39 f9 ff 90 <0f> 0b 90 90 e9 1a f5 ff ff e8 8a 9c 35 00 90 0f 0b 90 e9 dd fc ff
[  426.827547][    C0] RSP: 0018:ffffc90000007bb0 EFLAGS: 00010046
[  426.829906][    C0] RAX: eddbee37ccccf000 RBX: 0000000000000100 RCX: ffff88801caa0000
[  426.833001][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  426.836131][    C0] RBP: 1ffff11022483738 R08: ffff88804b024253 R09: 1ffff1100960484a
[  426.839254][    C0] R10: dffffc0000000000 R11: ffffed100960484b R12: dffffc0000000000
[  426.842342][    C0] R13: ffff8880326d4988 R14: 0000000000000008 R15: ffff88811241b978
[  426.845423][    C0]  call_timer_fn+0x17e/0x5f0
[  426.847162][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  426.849358][    C0]  ? call_timer_fn+0xbe/0x5f0
[  426.851264][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  426.853145][    C0]  ? do_raw_spin_unlock+0x4d/0x240
[  426.855115][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  426.857361][    C0]  __run_timer_base+0x646/0x860
[  426.859334][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  426.861429][    C0]  ? try_to_wake_up+0x7f5/0x12b0
[  426.863356][    C0]  run_timer_softirq+0xb7/0x180
[  426.865339][    C0]  handle_softirqs+0x286/0x870
[  426.867018][    C0]  ? do_softirq+0xec/0x180
[  426.868643][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  426.870733][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  426.873200][    C0]  do_softirq+0xec/0x180
[  426.874901][    C0]  </IRQ>
[  426.876077][    C0]  <TASK>
[  426.877266][    C0]  ? __pfx_do_softirq+0x10/0x10
[  426.879184][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  426.881306][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[  426.883362][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  426.885518][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  426.888034][    C0]  ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  426.890451][    C0]  ? worker_thread+0x8a0/0xda0
[  426.892375][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  426.894357][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xf93/0x2ae0
[  426.896815][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  426.899391][    C0]  ? __lock_acquire+0xab9/0xd20
[  426.901316][    C0]  ieee80211_iface_work+0x85f/0x12d0
[  426.903399][    C0]  cfg80211_wiphy_work+0x2bb/0x470
[  426.905402][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  426.907558][    C0]  process_scheduled_works+0xae1/0x17b0
[  426.909577][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  426.911946][    C0]  worker_thread+0x8a0/0xda0
[  426.913774][    C0]  kthread+0x711/0x8a0
[  426.915307][    C0]  ? __pfx_worker_thread+0x10/0x10
[  426.917327][    C0]  ? __pfx_kthread+0x10/0x10
[  426.919150][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  426.921178][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.923109][    C0]  ? __pfx_kthread+0x10/0x10
[  426.925003][    C0]  ret_from_fork+0x439/0x7d0
[  426.926911][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  426.928976][    C0]  ? __switch_to_asm+0x39/0x70
[  426.930857][    C0]  ? __switch_to_asm+0x33/0x70
[  426.932680][    C0]  ? __pfx_kthread+0x10/0x10
[  426.934509][    C0]  ret_from_fork_asm+0x1a/0x30
[  426.936405][    C0]  </TASK>
[  426.938329][    C0] Kernel Offset: disabled
[  426.939957][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:43:15  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000050 RBX=0000000000000050 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90000007350
R8 =ffff88801ff10237 R9 =1ffff11003fe2046 R10=dffffc0000000000 R11=ffffffff854faab0
R12=dffffc0000000000 R13=ffffffff99b008d9 R14=ffffffff99df5440 R15=0000000000000000
RIP=ffffffff854fab2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8615000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff7aaab8060 CR3=0000000026c1a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000000000af RBX=ffffffff8e13a0e0 RCX=ffffffff93497310 RDX=0000000000000005
RSI=0000000000000007 RDI=ffff888109313980 RBP=0000000000000000 RSP=ffffc900001e0508
R8 =0000000000000000 R9 =0000000000000000 R10=ffffc900001e0758 R11=ffffffff81ac4b00
R12=0000000000000002 R13=0000000000000005 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff819d7382 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c15000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff7ab708740 CR3=0000000026c1a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 00007f99caa2dcd8
XMM02=0000000000000015 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000016 0000000000000000 XMM05=9403040400419003 0608004180033280
XMM06=04139a1000000200 0e80040800000017 XMM07=0004018000000000 c278d609f4ffff00
XMM08=000bfeefa0000000 0000000000000016 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
