last executing test programs:

9m41.773357621s ago: executing program 3 (id=325):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r1 = accept(r0, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xde3ebb5)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000100)={0x0, 0xec29, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
recvmsg$qrtr(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x2020}, 0x38, 0x101)
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

9m40.849470992s ago: executing program 3 (id=335):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

9m39.618552197s ago: executing program 3 (id=341):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000002d40)=0x1, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', <r2=>0x0})
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000340)=0x800, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f00000003c0)={0x2c, 0x0, r2}, 0x10)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x800000000000000, 0x0, 0x0, 0x800, 0x0, 0x8100000}, 0x0, &(0x7f0000000080)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6a9, 0x3ac8}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

9m39.41579055s ago: executing program 3 (id=343):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000880)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xfd, 0x1f4, &(0x7f0000000ac0)="$eJzslc+K01AUxr97U9Opf/duXFhwXJgmqbobsBtXLgTFwYVgcTLDOBlHmixMQcQncO/OhY8hKLjyIWR0o5txpQtBuHL/JLmxaRtqoYLnBz35kpyce3LSfAFBEP8tnz/9OBTfN76sATiJLtrm+FenzOFW/se1b0/f3bi++eLe6w/tQ69TV1OIQrJ567cAvB2cRlpca10NoGu2t8HRxamio4tGbYLBM/o+OO4YHYHhrtEPLX0g8z1vezeOvAcH8ZYUvgyBDKEM/T/7O3rOsGX1Z99Uko1lSjRKsvHeMI5niUHlyE8hRJOrRsm8+R0NODas/orntV3m+Wp+mgAcgdF9MNwqnnA7n40eiXX/Z1t5fV5Zf7JdV0w9tVoBPnHKBbBYQfnX/kfua45wzeOozXGghHrZzwCYVbCzlH5ONH1bpovcmpoko9WgIJY8efk+Zd5esw6XId5c0xPJj4hnel/m/PrrJdyF5lP6k3jFcMHyJ20lL9WnppfuP+4l2fjS7v5wJ9qJHoVh/6p/2fevhD1lRDraluNU/a+j/Ol4Wb/2myRxmYsnwzQdBToW+6GOdY7Llf9xrJ/X+9L7Xbvo++oazPy42kq17kzrhyAIYpWcA8Ox3JeFwXxNIArCmyvukyAIgiAIgiAIgiCIxfkdAAD//6jRTN8=")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
lseek(r2, 0x0, 0x2)

9m39.213718873s ago: executing program 3 (id=344):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000003c00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1}}], 0x1, 0x8000)
r2 = dup(r1)
ioctl$int_in(r1, 0x5421, &(0x7f0000000140)=0x6)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000100)=0xfff, 0x4)
r3 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x10)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d5)

9m38.798589268s ago: executing program 3 (id=346):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x1c, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xfffe}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)

9m38.670340324s ago: executing program 32 (id=346):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x1c, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xfffe}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)

5m58.07620849s ago: executing program 2 (id=1488):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0xffffffd4, 0x0, 0x0, 0x20}}, &(0x7f0000000240)='GPL\x00', 0x1, 0x473, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff60}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r1, 0x12a, 0xfffffffffffffffe}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mlock(&(0x7f0000a38000/0x1000)=nil, 0x1000)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f000043b000/0x1000)=nil, 0xfffffffffffffdb5, &(0x7f0000000080)='\x00\xc9\xf5\x00\x00\x00\x00\x00\x00\x00+\x1ct\xc6\fr\xbaU\xc1\xb2\xd2\xde\xbfk\xc0\x18\x94\xc5&\xec\x03\xa0w\"E\xc9\xf2,K4\x10\xc8\x8cuj\xd3\xf0\xb3\xa9f\xf7\xb7\x17\xdf\xca\xac\x8b\x81K\t\x14^\xc3\xb7<\xa1\x15\v4\xd0\xbe\xa8\x01\x00<:-Y\n<\x1d\xb2\xe0kU\xc0\xc1\x14')
mlock2(&(0x7f0000a32000/0xe000)=nil, 0xe000, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000200)={0x4, 0x0, [{0x80000008, 0x0, 0x0, 0x5}, {0x76b48f433226e54c, 0x5, 0xe, 0x0, 0xcdd, 0x2, 0x810000}, {0xc0000000, 0x0, 0x4, 0x0, 0x0, 0x1}, {0xd, 0x3, 0x6, 0xc, 0x0, 0xa, 0x7fe}]})

5m57.25982347s ago: executing program 2 (id=1490):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
unshare(0x2c060000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f00000002c0), &(0x7f0000000240)=r2}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

5m56.257906347s ago: executing program 2 (id=1495):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
close(0x3)
syz_mount_image$fuse(&(0x7f0000001000), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="3dfdd597659f664340efd00e41f229d540ee393c0e5a18e01cc3e032e4e4d8e9f4f1984e58962ad5ab96a5efd087bf2717203d59298875a40c875c2c34"], 0x3e, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010101}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1, 0x2}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0)=@int=0x2, 0x4)

5m55.151946355s ago: executing program 2 (id=1496):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3", 0x30}], 0x2}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)={0x14, 0x3, 0x6, 0xc03}, 0x14}, 0x1, 0x0, 0x0, 0x10000000}, 0xc081)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900232b8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000200)="c67f0d7df9", 0x4b}], 0x2)

5m54.818553564s ago: executing program 2 (id=1500):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x8a080, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x4, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xc}, {0x6, 0xb}, {0xd, 0xffe0}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_ADMIT_BYTES={0x8, 0x5, 0xc}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x220000e0}, 0x4890)
r4 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, &(0x7f0000000180)="2be067a5e8f8e6", 0x7, 0x10, &(0x7f0000000200)={0x11, 0x15, r3, 0x1, 0x5, 0x6, @remote}, 0x14)

5m53.038091149s ago: executing program 2 (id=1504):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x80000)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
sendmmsg$unix(r3, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x9802}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

5m37.193302534s ago: executing program 33 (id=1504):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x80000)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
sendmmsg$unix(r3, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x9802}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

5m24.379114073s ago: executing program 1 (id=1580):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r4, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x25}]}]}, 0x38}}, 0x4000)

5m22.423846955s ago: executing program 1 (id=1582):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_procfs(0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[], 0x134}}, 0x40008)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)={0x7c, 0x12, 0x1, 0x70bd28, 0x25dfdbfc, {0xf, 0x8, 0x6, 0x7, {0x4e20, 0x4e20, [0x39, 0x4, 0x1ff, 0xc], [0x5, 0xaf58, 0x3, 0x5], 0x0, [0x1, 0x9]}, 0xc000000, 0x80000000}, [@INET_DIAG_REQ_BYTECODE={0x2c, 0x1, "b99e99605c559ce285bbe0a128fedd794ce892fc407634bb3031f200afd06cbf65b4c1d98e1d4db4"}, @INET_DIAG_REQ_BYTECODE={0x4}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8}, 0xc4)
write$binfmt_elf64(r1, &(0x7f0000000f80)=ANY=[], 0x540)

5m20.874426662s ago: executing program 1 (id=1590):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x19, 0x4, 0x4, 0x5}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000380), &(0x7f0000000580)=r3}, 0x20)
syz_emit_ethernet(0xd21, &(0x7f00000007c0)={@local, @empty, @val={@val={0x88a8, 0x6, 0x1}, {0x8100, 0x5, 0x0, 0x2}}, {@mpls_mc={0x8848, {[{0x8001, 0x0, 0x1}, {0x2, 0x0, 0x1}, {}, {0x6, 0x0, 0x1}, {0x278, 0x0, 0x1}], @ipv6=@icmpv6={0x7, 0x6, "b599fd", 0xfffffffffffffe16, 0x3a, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, @local, {[@dstopts={0x2c, 0x0, '\x00', [@calipso={0x7, 0x0, {0x0, 0x0, 0x0, 0x8, [0x2, 0x74, 0x8, 0x7, 0xfffffffffffffffb]}}, @jumbo={0xc2, 0x4, 0x7f}, @enc_lim, @ra={0x5, 0x2, 0x5}, @ra={0x5, 0x2, 0xffff}, @pad1, @generic={0x0, 0x0, "7981fa7043e699fda699cd647f96697531b87088aa9909613a68ae9a9439ae818afe9d9225a38602cec15d1e3ca4eaa54aa882a2013b44e222a1075e96d68764ab1cf349ce127612c5d858806d74c8209351696acf4d4c944f9cc242fac2970ff16157b6cbd447ca57d36f9a27f189ea2cf8383bc80361a9edf9b937c88e389c3de86918875057883b319ef1edf3913a93976ea7eb42673d80d8b0f59852949c1d79fbc8eca04b8e541154aa448f4c3a9c0d187f551241"}, @jumbo={0xc2, 0x4, 0xfffff27c}]}, @fragment={0x87, 0x0, 0x6, 0x0, 0x0, 0x9, 0x68}], @param_prob={0x4, 0x2, 0x0, 0x4200, {0x3, 0x6, "540df0", 0x9, 0x2, 0xff, @local, @loopback, [@fragment={0x28, 0x0, 0x8, 0x0, 0x0, 0x2, 0x67}, @fragment={0x2, 0x0, 0x10, 0x0, 0x0, 0x6, 0x64}, @routing={0x11, 0x8, 0x1, 0x78, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast1, @private1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}]}, @hopopts={0x11}], "b93791224d3c49c10d026f0b724bad4b3e0705813e74680c45ed8e8868e0b193c47827972312431c10405bd4a7e298a4b99dcd95e40b9643f22b5768f22f83f7d0b360"}}}}}}}}, 0x0)

5m20.813828111s ago: executing program 1 (id=1595):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00444, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbbb, &(0x7f0000001800)="$eJzs3M9rHOUbAPBnJpvf+TbpF1FbBANSFcVt2pQKPbWeRQU9eGxMNiVk+8Mkggk9pPWuHkQ8FKR/guDdXjwJHupB619QxCJFL20PK7M/0jWb3cR0s2PTzwfezPvOO9nneTLZzDuwkwCeWJPZlzTiUEScTSLG6/vTiBio9oYi1mvH3b97eTZrSVQq7/6RRBIR9+5enm28VlLfjtYHQxFx840k/v9Ja9zl1bXFmXK5tFQfH105f+no8uraawvnZ86VzpUunJh+/cT0yenpLtZ6+9IHXz3301svXr3+6dTbXx74IYnTMVafa66jWyZjcuNn0qwQETPdDpaTvno9zXUmhRwTAgCgo7RpDfd0jEdfPFy8jcf3P+eaHAAAANAVlb6ICgAAALDPJe7/AQAAYJ9rfA7g3t3Ls42W7ycSeuvOmYiYqNXfeL65NlOI9ep2KPojYuTPJJofa01q3/bIJrNI3/5Yylps9xzycBcCbrJ+JSKe3er8J9X6J6pPcbfWn0bEVBfiT24a9/r371HqP92F+HnXD8CT6caZ2oWs9fqX1tY/g7XR5utfYYtr127kff1rrP/ut6z/0o31X1+b9d87O4xx+MErN9vNNa//3v/s17ksfrZ9pKL+hTtXIg4Xtqo/2ag/aVP/2R3GGJ29fa3dXFZ/Vm+j9br+yvWII9XVXGv9DUmn/090dH6hXJqqfd3i9VdPdo7ffP6zlsVv3Av0Qnb+R2J35//SDmNMPPP7oXZz29ef/jaQvFftDdT3fDyzsrJ0LGIgebN1//HOuTSOabxGVv/LL3R+/29Vf/Y3Yb3+c8h+e67Ut9n46qaYo0eOf7P7+vdWVv/cLs//5zuM8fV31z7ctGvjzZV3/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HtKIGIskLW7007RYjBiNiKdiJC1fXF55df7iRxfmsrmIiehP5xfKpamIGK+Nk2x8rNp/OD6+aTwdEQcj4ovx4eq4OHuxPJd38QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwYjYixSNJiRKQR8dd4mhaLeWcFAAAAdN1E3gkAAAAAe879PwAAAOx/Lff/hX+MhnqZCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPvSwedv3EoiYv3UcLVlBupz/blmBuy1dGeHjex1HkDv9eWdAJCbQlO/UqlUckwF6DH3+ECyzfxQ25nBrucCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/XS4du3EoiYv3UcLVlBupz/blmBuy1NO8EgNz0dZpMtt0BPMYKeScA5MY9PlBb2T+o1LTOD7X9zsGH3fXdRQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg8TFWbUlajIi02k/TYjHifxExEf3J/ELEVEQciIhfxvsH5xfKpWN5Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDXLa+uLc6Uy6UlHR2dLnaGo2exhutv5jbHDLaf6tDJ+Q8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5WF5dW5wpl0tLy3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORteXVtcaZcLi3tYSfvGgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyM/fAQAA///+hAlq")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3000046, &(0x7f00000000c0), 0x1, 0x55c, &(0x7f00000003c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9uzKVr648JPsxH0eFA32do78pouowmHWsduD24F19kCCIOxHd993H4D/hXDHQwZBR98CVy05suW5M2a7OlWz4fuOWce2967jf3fk/OzUlIAANrLPtTiHg1Ir5NIg5GRJJvG45849jqfisPrk1nSxL1+md/J439snrzfzUftz+vvBIRv38dcaKwvt3q0vJcqVxOF/L6eG3+8nh1afnkxfnSbDqbXpqcmjr9ztTk+++927NYj5/794dP73x0+pujK9//eu/QrSTOxIF8W2sc23C9tTIWY/lzMhJnHttxogeN7SRJvw+ALRnK83wksj7gYAzlWQ+8+L6KiDowoBL5DwOqOQ5o3tv36D74uXH/w9UboPXxD6++NxJ7GvdG+1aSR+6Msvvd0R60n7Xx21+3b2VL9O59CIBNXb8REaeGh9f3f0ne/23dqS72ebwN/R88O3ey8c9b7cY/hbXxT7QZ/+xvk7tb0Sn/j7/cXFO414NmOsrGfx+0Hf+uTVqNDuW1lxpjvpHkwsVymvVt2SEei5HdWX2j+ZzTK3frnba1jv+yJWu/ORbMj+Pe8O5HHzNTqpW2E3Or+zciXms7/k3Wzn/S5vxnz8e5Lts4kt5+o9O2zeN/uuo/R7zZ9vw/nNFKNp6fHG9cD+PNq2K9f24e+aNT+/2OPzv/+zaOfzRpna+tPnkbP+35L+207ZH4o/vrf1fyeaO8K193tVSrLUxE7Eo+Wb9+8uFjm/Xm/ln8x45u3P+1u/73RsQXXcZ/8/Avr3cVf5/O/8wTnf8nL9z9+MsfO7XfXf/3dqN0LF/TTf/X7QFu57kDAAAAAACAnaYQEQciKRTXyoVCsbj6+Y7Dsa9QrlRrJy5UFi/NROO7sqMxUmjOdB9s+TzERP552GZ98rH6VEQciojvhvY26sXpSnmm38EDAAAAAAAAAAAAAAAAAADADrG/w/f/M38O9fvogKfOT37D4No0/3vxS0/AjuT1HwaX/IfB1TH/vQEILzyv/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT586ezZb6yoNr01l95srS4lzlysmZtDpXnF+cLk5XFi4XZyuV2XJanK7Mb/b/ypXK5YnJWLw6XkurtfHq0vL5+cripdr5i/Ol2fR8OvJMogIAAAAAAAAAAAAAAAAAAIDnS3Vpea5ULqcLCgpbKgzvjMNQ6HGh3z0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADz0fwAAAP//s6436w==")
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./bus\x00', 0x0, 0x63d014, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000400)={0x2, 0x4e20, @remote}, 0x10)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000080)={@desc={0x1, 0x0, @desc3}})

5m17.000393544s ago: executing program 1 (id=1602):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x8)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x10, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
mount$9p_virtio(0x0, &(0x7f0000000500)='./file1\x00', 0x0, 0x20, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x800)

5m16.152291909s ago: executing program 1 (id=1613):
timerfd_create(0x8, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="07000000040000008000000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000020000850000001b000000b700000000000000180100002120732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010101}, {0x2, 0x0, @local}, {0x2, 0x4e24, @rand_addr=0x6}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24008855}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f00000000c0)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

5m16.024510056s ago: executing program 34 (id=1613):
timerfd_create(0x8, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="07000000040000008000000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000020000850000001b000000b700000000000000180100002120732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010101}, {0x2, 0x0, @local}, {0x2, 0x4e24, @rand_addr=0x6}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24008855}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f00000000c0)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

19.600276526s ago: executing program 5 (id=2716):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
r4 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r4, &(0x7f00000003c0)=[{&(0x7f0000000280)="111ec20239e272abb2cedf053d666ab4", 0x10}], 0x1, 0x4000001, 0x0)
sendfile(r3, r4, 0x0, 0x8000fb00)

17.636779014s ago: executing program 7 (id=2719):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
connect$tipc(r3, &(0x7f0000000040)=@id, 0x10)
sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x101d0)

17.636234144s ago: executing program 5 (id=2720):
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x4, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x830}, 0x20000040)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x4040040}, 0x20000010)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x6, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000005, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.425562547s ago: executing program 4 (id=2721):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0xfffffff2, 0x225c17d03, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

15.421458286s ago: executing program 5 (id=2723):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getgroups(0x449a065a, 0xfffffffffffffffe)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000040)={0x3, 'sit0\x00', {0x6}, 0x599})
read$FUSE(r0, &(0x7f0000002280)={0x2020}, 0x2020)

12.910377102s ago: executing program 7 (id=2724):
socket$inet6_sctp(0xa, 0x801, 0x84)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x1d, 0x2, 0x6)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xff00000000000000, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b07, &(0x7f0000000440)={'wlan1\x00', @random="8dffffffebff"})

12.908420492s ago: executing program 4 (id=2725):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xcaR4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x1, 0x0, 0x0)

12.907882062s ago: executing program 5 (id=2726):
syz_usb_connect$uac1(0x3, 0xdc, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$packet(0x11, 0x2, 0x300)
socket$inet6(0xa, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x7}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$XFS_IOC_GETBMAPA(r0, 0xc020582c, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4)
sendmmsg$inet6(r3, &(0x7f0000001340)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0xa}}, 0x1c, 0x0}}], 0x1, 0xc040)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000001380)="7201cc576a0c42dc9734b695f6b360bbe06853a4f0703787e506b7a171e18f1a6f2d920a2e56d90e4f", 0x29}], 0x1)

11.184300454s ago: executing program 4 (id=2729):
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x16, &(0x7f00000002c0)={[{@nobarrier}, {@noflushoncommit}, {@nossd}, {@commit={'commit', 0x3d, 0x3f}}, {@nodatasum}, {@nodiscard}, {@nobarrier}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@noacl}]}, 0x9, 0x5104, &(0x7f0000005480)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75pcNWjiAAAAQF/x/90Xv1qIeT375iDN6089evBc1Xil/N8cLv+P3dJXBQAAANyMI19sf7iqXsr/reHy//htnTUAAACwFO98OPFBVb2U/2dvnP/rSf5fnS/zKx+yTj/Fv0I4NBnCxMLKXFb4ObSf7hYAAACAWyTm9D8/3flD1X6l/D9Xff//eKeDeP1/z/3/Ctf/hzDVW8ju+vdkXgAAAIB7Svl6/nh7/OzJBf2evz/s9f8P/O/gq1XHL+X//cPl/3pxeSuf/wcAAADL8F97/t/20jjVBt3//76P3v2lqn8p/7eHy/9xuab48k7E9+e9yRDWL6zkdxP8Jh5uV1KYHysUOlpJj22xR16YHy8UOuaSHpsnQ3hwYWV/Uvh/LLSTwpW1eeFIUjgdC/n50C0cSwon4pn2+dp8umnh+1jIL7CYj1dQrOleEpH0uNqvx0Lhhj3Odg8OAABwT4nhOc+yY73NkEbZ+dqgHVYP2mFk0A71QTuMJjukO/bbHmZ7C3F7+8zGpT3//8hw+T++Fflz/vpd/x/i9f/5cw271//PxkIjKczHQiu9Y0ArHiMLux/HYzRaeY8r67sFAAAAuKvF7wXqKzwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Ie9e42Rq7oPAH72Od6H1wtJFUKjZJPUOG7i9domD7VUWVOqRqQ064aCqohiY6/J4gU7tikxCpGxiWiEoLRBSj4UYRRFNR+gViAiKSBcpDhC5RFRFQUQKLSGKIiUkkSkCVKoZu89s3fO3Xks9hov/f0k75yZ/3neeXjOvXfOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/n84/JWr/rZZ/OHfnvP0cxeOX7Zv/YUvX3POqY+HMDHzeEcW7ui//tbxn9959l377lt72z1Hz/1wb14uj4eB6p/O/M51sdajS0O4tyOE7jSwajAL9OT3B2N97xkM4ZQwG6iVmOzPSqQNh+/3hXAgzAZqVX2vL4TBQuD8Jx568MZq4pa+EJaHECppG89Wsjb60sAZvVmgPw1s784Cv3ojUwt8tzMLwDGLb4bai/7QRH2G4bnLNXj99Ry3jr210uF1xcRw43w/W7/AnSroTR+YOKanrVQdC6L09jjs3bYI3m2l7Xyzp634RSr/hvLGbKgSOrdMbt105fTu+EhnGB3talTTAj3PT736pc3zSS+a12HswPBxeR3e9NjyO7tWnvfoPauWv3jwI/tfOtZu/qiwSYvphVYJ+Wtu0TyP0bjPk0Xw9it9SxrxpSuEsPXzv/eZZvHS/H+4+fw/vpzjbWdd7ljr60PZ3Dw+MhgTrwxlc3MAAABYNBbDXtPtow98oll9pfn/SHvH/+Mh/3wyn432cAjjM4n9y0I4bebxLHBHbO6SZSG8fyY1UR9YnwQOh/DumcTKWlVJiSWxxEgS+MlQHhhPAkdiYCIJfCsGbk4C18XAoSSwOQYOJ4GzYyBM1Y/j94fycbQd6IuBjdlGPBTPQvjFUGwt2VbP1KoCAAA4TvLZYU/93cK5DseaIU4vD/W1yhDPwG6YoZLUkM5ga9OqhjV0t6qhs1UNtXHvbT78Us0drWounYbRUZ/h1l/+zWdDE6X5/1jz+X9ljo50lI7/h7Bh5m/M3ZlHpmvxjRN1GQAAAIBjMPC/z3+zWbw0/x9v7/z/uE+kq5A5PBJ3Q2xbFsJYfSCr9g/Lgeyo90AeAAAAgMWgdjy+dix8Kr/NTtFO59Pl/BPzzB8P/I/Pmb/38P0bm/W3NP+faO/8//7626wTR2IvvrYshCWFwA9iL6uBGSMx8ONP1gfy8R+JG+CGWFV+YkKtqhtiiY0xMJYEDjQq8cNaidPqA/mTVWt8f20cU3mJQgAAAABOuLg7IB6Xj+f/f+A3a69qVq40/984v/P/Z+bBpdP7pwdCWN0dQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwhnVQeWVvV8vv5/d7rG4BN9WVUxcNoHDr56RjXxzb4QVhcDT37u9o9WE7uTQK3xv+wL4X3V0aaNf2dJ1nhP2vjXl4Tw3kKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEchUKvqY5UQ9gQAFqn4X+mW4oO79ly9bdP09OTOBUzEffh9YevU9OTo5u3TWyoN+rQl6XPdMkbXlsfU7pVvnsmXKLrg7g2D7aRrvxMcK7aV78cvnTiY34/fhXpmxrm2p+7uunTIH/pguYlQ+CbVaMidCzzk/mIls09iqf6YvzcMhCVX7prcOfrFTbt371yT/W03+9rsbzzMlG2rNem26p+rb228PBqulpV4s9tqRbGS1bsv37F6156rV01dvunSyUsnr1jzsbVjZ46tG/v4mauroxrL/rYY6oq5qk6G+sbtbY7rOA719O5CJSfiU0NCQmKxJbYPrGj6f3Jp/r+j+fw/furET/58fYZGx/+H42H+7PHZw/wbY+BAu8f/hxsdza+dGDCSBPbGwF6H+QEAAHh7iJP8uDcz7pX+6crvvNisXGn+v7e93/8fp/X/a0vXn9tomf+VscRYo/X/02X+a+v/7220/n+6zH9t/f8Db8H6/1fWAskm+YX1/wEAgLeDE7f+f8vl/dMLBJQytFzeP71AQClDy2X8271AwLzX/3/2P//qv0MTpfn/ze3N/y3cDwAAACePL//ZVb/TLF6a/x9ob/5/4tf/C43O/x9pFJhotDCg9f8AAABYpBqt/zd8ff/FzcqV5v+H2pv/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYHe1pM2/dyqjr33ybT+VLgTZLFz3/J0fnd/7/4fbm/3W/y7jpseV3dq0879HX71m1/MWDH9n/0uzxfwAAAGDhtLtfAgAAAAAAAAAAAAAAeOs9/x/71jWLl37/HzbMPN7o9//xun/x9wXvrMsda229/l9+//xP37VnZsnCR4ZC+GAxsG3ftlNCfm3+FcXAgxetfFc1sS8tcf9zZ79QTVycBj616tTXqomzksDGuEjiu9NAvKria0uTQFxe8d/TQNweh9JAbx746tJsHB3ptvrpYLatOtJt9fRgCMsKgdq2uncwa6MjHeAtSaA2wC+kgTjAP88DnWmv7hrIehUDg7HobQNZrwAAOGnFb4E9YevU9ORY/Aofb0/vrr+N6pYsu7ZcbUebzT+TL012wd0bBttJd6XfRWevNd4TKtUhrCl9XS1m6ZgZ5fGppcWme2eDIbda7a2zQbnUfDddb+MR9WUjGt28fXpLT8uBr2udZW13yyxrSpOdYpbOmU3aRi1t9KWNEbW5bdrocrzfGUZHu5JcfxCDw6FOq1dEu7/XL67z1+hVUMxzxdH9v2pWX2n+P9ze/L9SHNdr+cUA9sYr6/3dMsv8AwAAwML66vpffyP+++z1Dz/ZLG9p/j/S3vw/7sHKDwVnezsOx+v/718Wwsyl9YezwB2xuUuWhfD+mdRELJFdUP/cWGIsC9wRd5isjCU2TtRXtSQGDiWBnwzlgcNJ4EgM5HspDoZ8V87fD4Xw0ZnUhvoSO2KJ4STwmRgYSQKjMTCWBJbGwHgSeHlpHphIAv8WA2GqflvdvTTfVgAAAPORz7N66u+GdJ53qLtVho5WGfpbZehslaHSKkOjUcT7344ZepKTVzoKmXrSWvuSWkoZ4sXw592vUobww/qcacFS0/H8g9r5Bh31Ge77RHclNFGa/4+1N//vr7/NWj8S5/+z1//LAj+I3ftaPHV8JAZ+/Mn6QL5j4Eic7N5Qq2oiL5FP2m+IJcZjYCQJ7IiB8SSwcUMeOPCu+kA+0641vr/W+FReohAAAACAEy7uIIi7aeL8/7ZdXxloVi6f/4/U5v/j7c3/Y3sDxcaui7UeXRrCvR2zvakFVg1mgbgfYzD+PP49gyGcUtjBUSsx2Z+V6E0aDt/vy36h3ptW9b2+7McH8f75Tzz04I3VxC19ISwv7H2ptfFsJWujLw2c0ZsF+tPA9u4sEPf81ALf7cwCcMxqewXjCyo/1aVmeO5yDV5/b5drgqbDK+0DnSPfXL+5WiilHa75PtWa+T1tTfffctyU3h6HvdsW47tt2Lut+EUq/4byxmyoEjq3TG7ddOX07vhI8ZesJQv0PBd/pdpO+ji8Dve++d62Vkk7MJZ8fIzNXW7u12FHrO6mx5bf2bXyvEfvWbX8xYMf2f9S291oIP5Q+KFr/nXwR4XNu9AqIX/NLbrPkwmfJ4vxv4ERT1sIYcPLX7+hWbx0/H+ivfl/d3I749dxY+5aFsKHChv3kbj5/3hZ9jlYCGSfku8oB7JD7v811PCTEwAAAI632u6O2v6Cqfw2OyE8nSeX80/MM3/cXzE+Z/52+93/1xctbxYvzf83Np//L0m66fi/4/8sEMf/53Sy74pekj6w95h2RZeqY0E4/j+nk/3d5vj/nBz/d/x/Lo7/t+D4/5xO9qet9C1phy9dIYQX/+iBp5vFS/P/He3N/63/N/eifbX1/zY2Wv9vR6P1//Za/w8AAFhQDRaaS+d5pdX7ShnS1ftKGVouENhyiUHr/817/b8XTn/2N6GJ0vx/b3vz//hyGCi2vljW/xvZ0KCqm2Ngh4UBAQAAOBk12kEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAW+u+f/ifLc3iD//2nKefu3D8sn3rL3z5mnNOfTyEqZnHO7JwR//1t47//M6z79p339rb7jl67ocrebme/PZ363LHWl8fCuFA4ZHBmHhlqHpnNnD+p+/a011NPDIUwgeLgW37tp1STXxrKIQVxcCDF618VzWxLy1x/3Nnv1BNXJwGPrXq1NeqibPyQEfa3X9cmnW3I+3ujUtDWFYI1Lp72dL6qmpt/Gke6Ezb+KfBrI0YGIxFvzGYtRED07HE1JIQVneH0JVW9XAlq6orrepfKllVXWlVX66EcFYIoTut6rnerKrudOSP92ZVxcBpHzj46hnVxIHeEFYXA09+7vaPVhNfSAK1xv+iN4T3VV8yaePf7ska70kbv6UnhPeGEHrTEr/szkr0piWe7w7hHYVArfHPd4ewJ/C2ED986j7Rdu25etum6enJnQuY6M3b6gtbp6YnRzdvn95SSfrUSEch/ca1b37sz7z6pc3V2wvu3jDYTro7L9cz0+W1PXV3153svY/96i9WMvt8lOqP+XvDQFhy5a7JnaNf3LR798412d92s6/N/nbl0WxbrVks22pFsZLVuy/fsXrXnqtXTV2+6dLJSyevWPOxtWNnjq0b+/iZq6ujGsv+Nh5qb9tDvf3ED/X07kIlJ+IDQOLEJqqvy5OgGxKLOtFZ9+k2drJ/kJe+6M92tCdUZj6gS9OKYpaOmVEej0GvT4Irjv+gR+L3lJYjWlOaOJSyrG2dZV1pMjGbpS/LMvO9rjQ5LNbUObNJ4/3OMDra1Wg7DNffLW7en6Wbdx6eyjdju2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9jBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1mH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//5DAgkw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x28042, 0x194)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
syz_mount_image$cramfs(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0xa4d004, &(0x7f0000000140)=ANY=[@ANYRES8=r0], 0xfa, 0x161, &(0x7f0000000580)="$eJzs0T9rGnEcx/H37+7nqVSxpRak0Cp0qK0UtNJupXilUqH2oKVLJ6G9/oFKS4XWoRAlZMsgZHXInzUE8gg0OoQEXZInkcUtkNFwd0YT8hS+r+n4fP/c97jXL8ZZxcKrX/Xff9xGw/2See9Uyx9Oer2Sl1vQ3L1SD/r7JfiOpq9h0gYvHsbh64+fbni2c1IC79m+EeQG9QQQ9Wp2UtPWUIgG89kHMDAX98yzO8FskZCf39VgJ4IsD0w34KGlsW/NR1ungAlKWbPknslKJZe+raDZze1sH74bHVSePH7prj4tdx7FUmZuCTaxVWR/+O344orxqPrWqTreFzwv5gsGz478ha0O+k3sL3xSoL19Bv4+i9R9/RGWFaz575rsqTgwWD9z6uHFgf/MDKh093MtFdqqJW8amFntVaazjv+X/gx+hQhCCCGEEEIIIYQQQgghhBBCCCHENecBAAD//zP0Tfw=")
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
r2 = fspick(r1, &(0x7f00000000c0)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
mount_setattr(0xffffffffffffff9c, 0x0, 0x8800, &(0x7f00000000c0)={0x8, 0x100072, 0x80000}, 0x20)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x100000})
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/4\x00')
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r3, 0x4004f506, &(0x7f0000000180))
ioctl$BTRFS_IOC_DEFRAG(r0, 0x50009402, 0x0)

11.176812602s ago: executing program 0 (id=2730):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
accept$alg(r0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0x3, 0x300)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz1\x00', {0x1b10, 0x0, 0x1, 0x2}, 0x2f, [0x2, 0x1, 0x704d, 0x1, 0x5, 0x1, 0x2, 0x7db, 0x4, 0xfffffc01, 0xfffffffb, 0x8, 0x1, 0x100, 0xfe, 0x48, 0x7, 0x5, 0x2ca, 0x8, 0x76, 0x8, 0x0, 0x81, 0x40, 0x19b1, 0x8000, 0x7, 0x797, 0x4000000, 0x7, 0x3, 0xe, 0x7, 0x1, 0x1, 0x5, 0xf, 0x7, 0x10001, 0x9, 0x7f, 0x8, 0x6, 0xb, 0x4, 0x6, 0x40, 0x7f, 0x9, 0x1, 0x6, 0x3, 0x2284919, 0x4, 0x5643fa73, 0xfffeffff, 0x6, 0x800, 0x2, 0x8a, 0x6, 0x1, 0x6], [0xfffffed2, 0x7fffffff, 0xffff, 0x8, 0xe62, 0x3, 0x0, 0x9, 0xc33, 0x3, 0x7, 0x800, 0x6c368000, 0x4, 0x1000007, 0x0, 0x10, 0x5, 0x8, 0x8001, 0x3, 0x7fff, 0x9, 0x0, 0x5, 0x4, 0x7, 0x8, 0x40, 0xc10, 0x80000001, 0x3, 0x3, 0x3, 0x7, 0x8, 0x8, 0x5, 0x4, 0x9, 0x5, 0x3, 0x2, 0x3, 0x0, 0x11e, 0xa4, 0x4, 0x5, 0xd69, 0x9, 0xf404, 0xf1, 0x3, 0x3, 0x1, 0x6, 0x6, 0x0, 0x6, 0x8, 0x6, 0x4, 0x1000068], [0x1, 0x1, 0x4, 0xfffffffc, 0x0, 0x7fff, 0x405, 0x9, 0x2, 0xffc, 0x7, 0x4, 0xc, 0x7, 0xa, 0xa, 0x6, 0x4, 0x5, 0x5, 0x2, 0x30000000, 0x644, 0x2, 0xfffffffd, 0x7, 0x5, 0x7f, 0x7ff, 0xd, 0x400, 0xf, 0x41, 0x81, 0xc99, 0x25a, 0x2, 0x0, 0x2, 0x5d9fffa, 0x3ff, 0xff, 0x1, 0x8, 0x10000, 0xe7, 0x200, 0x7af5, 0x0, 0xb, 0x0, 0xffff, 0x7, 0x6, 0x2, 0x81, 0x9, 0x2, 0x7, 0x100, 0x8, 0x0, 0x6, 0x10], [0xffffff80, 0xd5800000, 0x0, 0x4, 0x2, 0x62a, 0x3, 0x407, 0xb343, 0x4, 0x1, 0x8, 0x8000, 0x8, 0xffffff81, 0x80000000, 0x5, 0x3, 0x201, 0xfff, 0x3, 0xfffffffd, 0x3c63, 0x7, 0x6, 0xe6, 0xffffffff, 0x3, 0x2, 0x7, 0x1, 0x7, 0x7, 0x8, 0x1, 0xf, 0x9, 0x17ce, 0x0, 0x3, 0x6fe, 0xe, 0x7, 0x13a, 0x7, 0x0, 0xb757, 0x2, 0x11b, 0x996, 0x54, 0x8c1, 0x0, 0x5, 0x4, 0xf, 0x100, 0x10000400, 0x9, 0x5, 0x3, 0xfffffffb, 0xc, 0x2]}, 0x45c)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xc0}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000640)=<r3=>0x0)
socket$alg(0x26, 0x5, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)

11.166922961s ago: executing program 7 (id=2731):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
clock_gettime(0x2, &(0x7f0000000240))
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x20}}, 0x0)
r1 = socket(0x840000000002, 0x3, 0xff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IFLA_GENEVE_REMOTE={0x8, 0x2, @multicast1}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x41}, 0x20040040)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x700, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x74, 0x4, 0x0, 0x1, [{0x70, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x60, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_NAME={0xc, 0x1, 'physdev\x00'}, @NFTA_MATCH_INFO={0x46, 0x3, "7e6b92c43235dc7e977221f83c3f179e65022fc067b787cd67b6d9983b1bddafbdf6a37da5ed332cd2ee94b31d2ec330ce34cc676c0783a4bcc1e966554b0470581f"}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x20, 0x0, 0x0, {0xa}}}, 0xc8}, 0x1, 0x0, 0x0, 0x4008011}, 0x4000800)
sendmmsg$inet(r1, &(0x7f0000002b80)=[{{&(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000080)=[{&(0x7f00000000c0)="a905000006007464000100000000000000e5c046fd9e1633c6d63b6ac4f8ec1a0303295c0d12843ee4ee1ac5", 0x2c}], 0x1}}], 0x1, 0x24004044)

11.068392082s ago: executing program 5 (id=2732):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r3, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)

11.067903362s ago: executing program 6 (id=2733):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), r3)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, r4, 0x1, 0x8, 0x25dfdbfb, {{}, {}, {0x14, 0x19, {0xffff8000, 0x4}}}}, 0x30}}, 0x2c040090)

9.10390746s ago: executing program 5 (id=2734):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001340)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca6433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84222000000005335001db43a5c000000000000000024000000000000000000e75a812ded5297d531afbf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cbc30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a3830007462b5543f2c1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f401058690350000000000000000000000000025902e4a196fb169780000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a00000000000000000000000000000000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad39e42a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e80b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d575a83f33e75011ed8b48a2f52a03ec09c277b596d5eb491b6b380533be019894e7fc1a414ae38f1f448a7f6423bb12169d6f41665c5edfa3b47acd4d23b826d15361528d7c5a27e1120ca9537c8c8cccbb3ae86a91894372120488b82ecad3538899e53a36844aa515ebdbb1cd69a33b584f8e1c796827703f3894c93dd5a77607cb6c1191b89b303c1381f3e6016bf6c0e710750b43eb9a8fd0d7d71492ac43baec4994396f0fdfe7cecf248b88ba9406c7b8e5ec4882d52a0cd4b9b1c8327e811e6ba2572ff5a59dc8c5c90464aa3942b4a256e8a513155fae5b3ebcc47d2e1a8768c2da219f47595f83239688ef9f55937c9e3447fb532cabc44bd5b805356cf12b89514"], &(0x7f0000000140)='GPL\x00'}, 0x48)
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000040)='./file1\x00', 0x121c488, &(0x7f00000005c0)=ANY=[], 0x1, 0x2d9, &(0x7f0000000200)="$eJzs3T9vG2UcB/DfOc75gMEemBBST6IDU0U6gVgcoVZCZKLyUBggoq2EYguplSLxR7idWFkYGHgFSEgsvIsuvAMkViQ2ilTp0J3v4nNwEzvEQZDPZ+mvz/N8757n8sSxhzz58OXJwZ087j364pfIsiQ6wxjGkyQG0YnGw1gw/DoAgP+yJ0URvxcz6+SSiMg2Ny0AYINW+/nfnZc/Xsi0AIANunX7vXd29/ZuvJtFFjcnXx2Oyk/25b+z/t178XGM4268Fv14GlG9T6g/+Jf1zaIopt28NIirk+nhqExOPnhcX3/3t4gqvxP9GBzFqncbVf7tvRs7VTzvtfLTch7P1/cflvnr0Y8Xj8IL+euzfN7OxyiNV19pzf9a9OPnj+KTGMedahLz/Jc7ef5W8c0fn79fTq/MJ9PDUa8aN1dsXeTXBQAAAAAAAAAAAAAAAAAAAACA/7dreXP4Tn4lrk7Kpvr8na2naT2mHjKYp8r+WZU0Ta3zgUrTIr6bHSm4fZQaLOS78VK3fbAgAAAAAAAAAAAAAAAAAAAAXF4PI2J/PL57/8Gnnx3846I5DaAbEX/eOvuVh62WK3Hy4F59z/3xuFOXC2Mep+2W2GrGJBEnTqNcxDk9ltOK57Jjc26K738oF7jOBbNWyxvLF7h92rpu14/07OtqdtfBfrL8Xr1oWrJ6k3ybRszHpLHivdJndRULG/u0JadLu/prrz19oSqmzxxTJEu2aKt489dZf92SHP/2TKunuvTu23XRih/bGyvt58hm8b+/ViTVaR29Vsvr5/lSBAAAAAAAAAAAAAAAAAAAl978t3/L//202PnoxGin6G10agAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwYeZ//3+NYlqHVxicxv0H//ISAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAT+CgAA///ZVko8")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r3, 0xe0, &(0x7f00000005c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)={r4}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x0, 0x703, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

9.10313453s ago: executing program 0 (id=2744):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_mount_image$fuse(0x0, 0x0, 0x234e047, 0x0, 0x8, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, &(0x7f0000000000)=[{}], 0x4000)

8.946133431s ago: executing program 6 (id=2735):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
connect$tipc(r3, &(0x7f0000000040)=@id, 0x10)
sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x101d0)

6.472314834s ago: executing program 0 (id=2736):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0xfffffff2, 0x225c17d03, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

6.472093504s ago: executing program 7 (id=2737):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000000c0)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480e1211000000e3bd012a128748b429021627e305dd2b7a146efb4400", 0x2e}], 0x1}, 0x4048004)
r4 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r4, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)

6.471963444s ago: executing program 6 (id=2738):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x80001)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, 0x0, 0x0, 0x0)

6.364098684s ago: executing program 4 (id=2739):
recvmsg$unix(0xffffffffffffffff, 0x0, 0x11040)
syz_mount_image$ext4(&(0x7f0000000440)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x82cd, &(0x7f0000000280)={[{@usrquota}, {@auto_da_alloc}]}, 0x0, 0x4bd, &(0x7f0000000a00)="$eJzs3M9rXNUeAPDvvZkk/Z289/res7XaaBWLP5ImrVpQsAqKCwVBF3UlMUlLbdpIE6EtwUYpdSNowb0IbgT/AleuRF0JbnUvhSLdtLoauXPvTCfJzOR3Jk0+H7jNOTNn7jnfOffeOXPO3AawZfVl/yQRuyLit4joiYi0vsD2fMvK3bk1PfLXremRJMrlN/9MspfF7VvTI9WiSfF3Z54pZTtKryZxokG9k5cunx0eHx+7UOQHps69PzB56fJTZ84Nnx47PXZ+6PjxY0cHn31m6OlViTNr0+39H04c2Pfq29dfHzl5/d2fvk0idlSfr49jhZ7rqSWna+/JXI+uUmUbxe66dFJqY0NYku6IyLqrs3L+90TH1T2153ri5Y/b2jhgTZXL5fJQ86dnysAmlkS7WwC0R/WDPvv+W93WaeixIdx8Mf8ClMV9p9jyZ0r5PEh3/t1o9xrV3xcRJ2f+/jLbYsnzEJ1r1CoAYDP7Phv/PNlg/FeK+F9duT3F2lBvRPwrIv4dEf+JiL0R8d/Iy/4/Iu5rXE3fO03q75uTnz/+SW+sILwFZeO/54u1rdnjv9oqWG9Hkdtdib8zOXVmfOxI8Z4cjs7uLD/YcO9JxEz299fPmtVfP/7Ltqz+6liwaMeNUvfs14wOTw2vOPDCzY8i9pcaxZ9E6W4UsS8i9i+zjjOPf3Ng9iMdtdTC8bewCutM5a8iHsv7fybmxF+VtF6fHNgW42NHBqpHxXw//3LtjWb15/Gn0Tr+7SsPtIms/3c0Ov5fqMXfm9Sv107O20XXQnVc+/2Tpt9plnv8dyVvzar84vDU1IXBiK7ktfmP101wV/MXR+++p4cPzY7/lcoCblq5xkXR//dHRHYQPxARD0bEwaLtD0XEwxFxqEX8P770yHtN4z+Yx1893JZ0/K+CrP9HG17/mvX/EhLbij2c/eG7ZvXX+r/aYQ37/1g1U2lU5fq3wCmx2JYu710DAACAe0saEbsiSftr6TTt789/L783dqTjE5NTT5ya+OD8aH6PQG90ptWZrp66+dDB2nxBnh8q5oqvFPmjxbzxFx3bK/n+kYnx0TbHDlvdzogT0eD8z/zR0e7WAWtu3jpauac9DQHWnfs1Yeta/vnvygH3ugXO4nS92gGsP5/isHU1Ov+v1GeSyH8lD2w6Pv9h66qd/58vonDd7V5zb94E7j2tPv/9FAA2N+N/2JKWdV//RkrE1xGtyyQbpalLSny6kpeX1qGFkS7z5aUF+msxia62dMpQR8TsR9L1bEZpsf+rRVwqX2lZpnsR+4k4uavdVycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICV+ycAAP//0dHUZQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x20060400)
r3 = timerfd_create(0x0, 0x80800)
timerfd_gettime(r3, &(0x7f0000000000))

2.515373484s ago: executing program 0 (id=2740):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './file0'}, 0xb)
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000480)="d25a9850a9a91163f76c5357f3bbadf2656e10d77f85d1028e60ab4e45b931e71645d3d636e82cfdeaadb674e1693d4a7de63820fefc4f787e272b122ebbff6884", 0x41, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)

2.452291802s ago: executing program 6 (id=2741):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)

2.416839636s ago: executing program 4 (id=2742):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_io_uring_setup(0x4ed, &(0x7f0000000140)={0x0, 0xfec9, 0x0, 0xfffffffc, 0x274}, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, 0x0, 0x1)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, 0x0, 0x1)
socket$key(0xf, 0x3, 0x2)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@private1, @in=@local, 0x0, 0x0, 0x4e22, 0x0, 0x2, 0x0, 0x20, 0x11}, {0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x10, 0x9}, {}, 0x4, 0x0, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x24d2, 0x33}, 0x0, @in=@loopback, 0x3506, 0x0, 0x2, 0xb7, 0x2, 0x7}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)

2.295095023s ago: executing program 7 (id=2743):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x9)
syz_emit_ethernet(0x5a, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001ac0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00aa19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e468eea3fcfcf498278a315f5b87e1c26433a8acd715f5888b2007f00000000000000000100000000000000010015d60605000053350000000034a70c2ab40c7cf5691db43a5c00000000000000f030007ce2c6f800000000000000e75a89faff01218087560cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bef5d7d617da7a6520655a805608df4d431623c850af895abba14f6fbd7fb5e22431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf050000008600a62e96b7cb8e52cbdc2ba9d580609e31c30879d6fce424c2208af6c3784a1975fa657de38a3a32e4fd67ce446adb431d07db79241aca1dd9ba02453bbb5ee8babe1745e645f091231b986e952afdac972f342c6f184777d05d988d6edc71df0100000013a38300cabf2b554380ad215c789bef4cc574109b8df8d9a9db669557b3809d8c396d2c0361629d1822f722ec23812770d72cd00100000078a75dea785be550dbb420287e0789b8c7044f563a1f68d4efe895fdbc463f747c08f5010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b8a0ae6fb5425f1d581961471cdb51f8940290e99ccff4123fad5267fe4a75c11448741f064fc7ce7e62ee4df874e086287547d409baeec9f1538ee25a2a5ccf4a9b604e88e12ff25184d4e3c6f7f623559435b2c505fb711300000000040000000000000000000000000000e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7a49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd029406000000433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671a5767014b09ddbf69b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7b49991be06b950ccd48f4e49833f3c4a02bbd06c84680549f9eb16682ecb722e8ffaca907a3eaaebfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c52108d9c0d50000000000000001af42eb29d54a37be0fdfdcd74c2d859a566ee5c30677173a2592a4617ae08bec07422d52d2ba7271550a5c20e3a8d1c8c8fd3025ff00607b2249ae9a18391e01b21b36169790b8e96f7955754b6b01a75165d3573d1dec5cf1b08b6115b43203a5654cce2277eb4c02ef4817b4cb989ac178895810eff7b697f2dc9b308aa2460e3cb85cdc4833571a62bf310700000000000000cc7f923284230ada8c756096a66119d4b6b2f159585c3cf8e7bfdd619e294b1d21cd491b8cfd4a253856e485fe29c6ad177a9fb078ca905782b9ed3c30675b89a784bb8031cac0de95178a5acff029a0f0fe972df22b20afe95fba722056f94ab15f1cf605c33df627311f1b614684d5d40b88d2a810c489fc40e26af417fbd7754961841974230b98fe4c02cbc41eb1a61a4e9c19ab2362b2f0098b60cc1e4b25d5b3fe540a08e6153dd229c935846240ab79451fb359792b4c7103cd3307744477fa78dbb78512cf497dfef5d97245f4c3b34c6b89f072e381a35d1d7d3e0db5629985889ad49c5c9268d269d1e3c14c0ed4f390cd88353fd387fa"], &(0x7f0000000140)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x11, 0x0, &(0x7f0000000180)="5486bbac43bbf8e44dcdd0e6b689f0ca47", 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.172293721s ago: executing program 6 (id=2745):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
pipe2$9p(&(0x7f00000001c0), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pipe2$9p(&(0x7f0000000300), 0x80)
r0 = syz_io_uring_setup(0x462, &(0x7f0000000280)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_WRITE_FIXED={0x5, 0x43, 0x0, @fd, 0x11e, 0x5, 0x0, 0x5, 0x0, {0x3}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x42, 0x4, r3, 0x0, 0x0, 0x0, 0x80000, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1.328570005s ago: executing program 0 (id=2746):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r3, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)

1.307632561s ago: executing program 4 (id=2747):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
connect$tipc(r3, &(0x7f0000000040)=@id, 0x10)
sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x101d0)

832.083333ms ago: executing program 6 (id=2748):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0)

4.399501ms ago: executing program 0 (id=2749):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x2, 0x5, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@mcast2, 0x4e24, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffffffff8001, 0xfffffffffffffffe}, {0x0, 0x0, 0x200000000000, 0xb}, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3}}, 0xb8}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
sendmsg$inet(r3, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x3e8)

0s ago: executing program 7 (id=2750):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000005c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x298, 0x128, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x200, 0x230, 0x230, 0x200, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'bond_slave_1\x00', 'veth1_to_team\x00'}, 0x0, 0xe0, 0x128, 0x0, {0x1000000}, [@common=@unspec=@quota={{0x38}, {0x1, 0x0, 0x0, {0x3}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x2, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2f8)

kernel console output (not intermixed with test programs):

189.308217][ T6866] netlink: 'syz.4.764': attribute type 3 has an invalid length.
[  189.523372][ T6873] infiniband syz1: set active
[  189.538047][ T6873] infiniband syz1: set active
[  189.620630][ T6873] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.667741][ T6873] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.671116][ T6878] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  189.888983][ T6882] loop2: detected capacity change from 0 to 8
[  189.914849][ T6874] netlink: 'syz.4.766': attribute type 16 has an invalid length.
[  189.972277][ T6874] netlink: 'syz.4.766': attribute type 17 has an invalid length.
[  190.067112][ T6882] SQUASHFS error: lzo decompression failed, data probably corrupt
[  190.066711][ T6874] infiniband syz1: set active
[  190.092088][ T6874] infiniband syz1: set active
[  190.098585][ T6882] SQUASHFS error: Failed to read block 0x91: -5
[  190.111704][ T6882] SQUASHFS error: Unable to read metadata cache entry [8f]
[  190.112157][ T6874] infiniband syz1: set active
[  190.129937][ T6882] SQUASHFS error: Unable to read inode 0x11f
[  190.196430][ T6874] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  190.267668][ T6879] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  190.329399][ T6880] sch_tbf: burst 6281 is lower than device lo mtu (65550) !
[  190.378367][ T6882] netlink: 'syz.2.768': attribute type 4 has an invalid length.
[  190.433853][ T6882] netlink: 'syz.2.768': attribute type 4 has an invalid length.
[  191.371011][ T4225] Bluetooth: hci1: command 0x0406 tx timeout
[  191.650289][ T5993] Bluetooth: hci2: command 0x0406 tx timeout
[  191.681994][ T6892] netlink: 104 bytes leftover after parsing attributes in process `syz.0.769'.
[  191.709686][ T5993] Bluetooth: hci4: command 0x0406 tx timeout
[  191.747569][ T5993] Bluetooth: hci3: command 0x0406 tx timeout
[  191.850725][ T6895] netlink: 24 bytes leftover after parsing attributes in process `syz.2.773'.
[  192.616247][ T6909] netlink: 24 bytes leftover after parsing attributes in process `syz.4.777'.
[  193.531746][ T6736] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  193.791486][ T6736] usb 2-1: Using ep0 maxpacket: 32
[  193.916348][ T6736] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.941607][ T6736] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  193.972854][ T6736] usb 2-1: New USB device found, idVendor=0458, idProduct=706e, bcdDevice=35.64
[  193.998329][ T6736] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.048010][ T6736] usb 2-1: config 0 descriptor??
[  194.384491][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  194.390903][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  194.454477][ T4225] usb 2-1: USB disconnect, device number 6
[  195.036833][ T6938] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  196.394892][ T6952] netlink: 'syz.5.794': attribute type 1 has an invalid length.
[  196.490078][ T6954] bond2: (slave gretap1): making interface the new active one
[  196.561135][ T6954] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  196.614554][ T6952] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  197.074396][ T6966] fuse: Bad value for 'fd'
[  199.859514][ T6986] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  202.301811][ T4230] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  202.838281][ T4230] usb 6-1: Using ep0 maxpacket: 32
[  202.962429][ T4230] usb 6-1: config 0 has no interfaces?
[  203.753225][ T4230] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  203.762892][ T4230] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  203.771110][ T4230] usb 6-1: Product: syz
[  203.775815][ T4230] usb 6-1: Manufacturer: syz
[  203.780446][ T4230] usb 6-1: SerialNumber: syz
[  203.788499][ T4230] usb 6-1: config 0 descriptor??
[  206.142296][ T6731] usb 6-1: USB disconnect, device number 3
[  209.265647][ T7057] netlink: 40 bytes leftover after parsing attributes in process `syz.4.825'.
[  209.275071][ T7057] (unnamed net_device) (uninitialized): peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  209.315514][ T7057] netlink: 40 bytes leftover after parsing attributes in process `syz.4.825'.
[  209.324731][ T7057] bond3: peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  209.563546][   T26] audit: type=1326 audit(2000000007.180:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  210.108783][   T26] audit: type=1326 audit(2000000007.200:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  210.887049][   T26] audit: type=1326 audit(2000000007.200:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  210.931118][   T26] audit: type=1326 audit(2000000007.200:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  212.221906][   T26] audit: type=1326 audit(2000000007.200:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  213.405875][   T26] audit: type=1326 audit(2000000007.200:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  213.542316][   T26] audit: type=1326 audit(2000000007.200:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  213.669434][   T26] audit: type=1326 audit(2000000007.200:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  213.909760][   T26] audit: type=1326 audit(2000000007.200:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  215.120961][ T7119] netlink: 12 bytes leftover after parsing attributes in process `syz.1.841'.
[  216.390840][   T26] audit: type=1326 audit(2000000007.200:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  217.425854][   T26] audit: type=1326 audit(2000000007.200:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  217.488137][ T7116] netlink: set zone limit has 8 unknown bytes
[  217.607909][ T7135] netlink: 104 bytes leftover after parsing attributes in process `syz.1.844'.
[  217.755656][   T26] audit: type=1326 audit(2000000007.200:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  217.816970][   T26] audit: type=1326 audit(2000000007.200:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  218.877446][   T26] audit: type=1326 audit(2000000007.200:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  218.928239][ T7147] input: syz1 as /devices/virtual/input/input9
[  219.225268][   T26] audit: type=1326 audit(2000000007.200:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  219.250739][   T26] audit: type=1326 audit(2000000007.200:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  219.280364][   T26] audit: type=1326 audit(2000000007.200:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  219.303275][   T26] audit: type=1326 audit(2000000007.200:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  219.325784][   T26] audit: type=1326 audit(2000000007.200:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.5.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  219.352253][ T7145] bridge0: port 3(syz_tun) entered blocking state
[  219.453805][ T7145] bridge0: port 3(syz_tun) entered disabled state
[  219.486424][ T7145] device syz_tun entered promiscuous mode
[  219.612505][ T7156] loop5: detected capacity change from 0 to 4096
[  219.621138][ T7160] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.637974][ T7160] batman_adv: batadv0: Removing interface: batadv_slave_0
[  219.897691][ T7156] ntfs3: loop5: ntfs_set_state r=3 failed, -22.
[  219.964280][ T3052] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22.
[  219.980073][ T5275] ntfs3: loop5: ntfs_set_state r=3 failed, -22.
[  219.997850][ T5275] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  220.008512][ T5275] ntfs3: loop5: ntfs_set_state r=3 failed, -22.
[  220.023301][  T144] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22.
[  220.974485][ T5275] ntfs3: loop5: ntfs_evict_inode r=3 failed, -22.
[  221.138889][ T7173] netlink: 4 bytes leftover after parsing attributes in process `syz.5.855'.
[  221.239785][ T7180] netlink: 104 bytes leftover after parsing attributes in process `syz.5.859'.
[  221.813257][ T7206] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  222.484189][ T7215] overlayfs: failed to clone upperpath
[  223.196805][ T7237] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  224.443229][ T7252] ODEBUG: Out of memory. ODEBUG disabled
[  224.499361][ T7253] loop1: detected capacity change from 0 to 512
[  224.629271][ T7253] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  224.706071][ T7253] ext4 filesystem being mounted at /170/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  225.001255][ T7266] loop5: detected capacity change from 0 to 2048
[  225.063323][ T7139] Alternate GPT is invalid, using primary GPT.
[  225.073170][ T7139]  loop5: p2 p3 p7
[  226.034911][ T7266] Alternate GPT is invalid, using primary GPT.
[  226.050222][ T7266]  loop5: p2 p3 p7
[  226.091447][ T7248] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.099012][ T7248] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.551056][ T7248] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  227.604512][ T7248] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.206314][ T7248] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  228.216179][ T7248] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  228.234361][ T7248] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  228.243820][ T7248] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  228.320003][ T7290] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  228.406682][ T3561] Alternate GPT is invalid, using primary GPT.
[  228.416950][ T3561]  loop5: p2 p3 p7
[  230.354785][ T7152] udevd[7152]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory
[  231.682299][ T7277] udevd[7277]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  231.985053][ T7335] loop1: detected capacity change from 0 to 2048
[  232.059486][ T7335] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  232.082443][ T7342] netlink: 830 bytes leftover after parsing attributes in process `syz.0.913'.
[  232.124919][ T7342] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.913'.
[  232.134771][ T7342] bridge_slave_1: default FDB implementation only supports local addresses
[  232.187549][ T7335] netlink: 182 bytes leftover after parsing attributes in process `syz.1.911'.
[  232.345414][ T7353] bond1: (slave erspan0): Releasing active interface
[  232.403564][ T7353] device bridge_slave_0 left promiscuous mode
[  232.421219][ T7353] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.450387][ T7353] device bridge_slave_1 left promiscuous mode
[  232.456850][ T7353] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.474570][ T7353] bond0: (slave bond_slave_0): Releasing backup interface
[  232.487978][ T7353] bond0: (slave bond_slave_1): Releasing backup interface
[  232.511798][ T7353] team0: Port device team_slave_0 removed
[  232.527672][ T7353] team0: Port device team_slave_1 removed
[  232.534420][ T7353] batman_adv: batadv0: Removing interface: batadv_slave_0
[  232.547792][ T7353] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.559095][ T7353] bond1: (slave veth3): Releasing active interface
[  232.593784][ T7353] bond2: (slave gretap1): Releasing active interface
[  232.646789][ T7357] team0: Mode changed to "broadcast"
[  232.675436][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.687534][ T7359] bond3: (slave batadv_slave_1): Enslaving as a backup interface with a down link
[  232.697354][ T7360] netlink: 4 bytes leftover after parsing attributes in process `syz.5.917'.
[  232.970727][ T7371] syz.1.921 (7371): attempted to duplicate a private mapping with mremap.  This is not supported.
[  233.167537][ T7371] loop1: detected capacity change from 0 to 256
[  233.275106][ T7375] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  234.140860][ T7371] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  235.048121][ T7389] loop5: detected capacity change from 0 to 32768
[  235.116884][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888060596400: rx timeout, send abort
[  235.625468][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888060596400: abort rx timeout. Force session deactivation
[  235.990272][ T7389] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.927 (7389)
[  236.005454][ T7402] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  236.071036][ T7407] netlink: 4 bytes leftover after parsing attributes in process `syz.4.933'.
[  236.104697][ T7407] rdma_rxe: ignoring netdev event = 10 for syz_tun
[  236.112138][ T7389] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  236.123882][ T7389] BTRFS info (device loop5): force clearing of disk cache
[  236.215184][ T7407] infiniband syz1: set down
[  236.288435][ T7389] BTRFS info (device loop5): metadata ratio 0
[  236.300595][ T7389] BTRFS info (device loop5): enabling ssd optimizations
[  236.308006][ T7389] BTRFS info (device loop5): using spread ssd allocation scheme
[  236.316324][ T7389] BTRFS info (device loop5): using free space tree
[  236.339906][ T7389] BTRFS info (device loop5): has skinny extents
[  236.349116][ T5021] smc: removing ib device syz1
[  236.371912][ T1324] infiniband syz1: ib_query_port failed (-19)
[  236.438257][ T7417] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  237.915379][ T7439] fuse: Bad value for 'fd'
[  238.945690][ T7329] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by udevd (7329)
[  238.958524][ T7389] BTRFS error (device loop5): open_ctree failed: -12
[  240.142029][ T7458] netlink: 8 bytes leftover after parsing attributes in process `syz.5.944'.
[  240.205984][ T7462] netlink: 8 bytes leftover after parsing attributes in process `syz.5.944'.
[  240.369683][ T7469] netlink: 12 bytes leftover after parsing attributes in process `syz.5.948'.
[  240.572576][ T7475] loop5: detected capacity change from 0 to 256
[  240.976487][ T7479] loop5: detected capacity change from 0 to 128
[  241.047119][ T7479] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  241.089075][ T7478] netlink: 52 bytes leftover after parsing attributes in process `syz.5.951'.
[  241.116750][ T7478] netlink: 8 bytes leftover after parsing attributes in process `syz.5.951'.
[  242.054306][ T7492] overlayfs: failed to clone upperpath
[  242.264217][ T7507] APIC base relocation is unsupported by KVM
[  242.488497][ T7519] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  242.502408][ T7519] netlink: 4 bytes leftover after parsing attributes in process `syz.5.964'.
[  244.866687][ T7561] sch_fq: defrate 53322 ignored.
[  245.168402][ T7580] netlink: 'syz.4.983': attribute type 8 has an invalid length.
[  246.161801][ T7584] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  246.195819][ T7596] netlink: 'syz.5.988': attribute type 1 has an invalid length.
[  246.253725][ T7596] 8021q: adding VLAN 0 to HW filter on device bond3
[  246.279335][ T7600] bond3: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms
[  246.411567][ T7596] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  247.651539][ T7609] loop1: detected capacity change from 0 to 512
[  247.818912][ T7609] EXT4-fs (loop1): Ignoring removed oldalloc option
[  247.820713][ T6731] Bluetooth: hci0: command 0x0406 tx timeout
[  247.839948][ T7609] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  247.889419][ T7609] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.990: inode has both inline data and extents flags
[  247.961279][ T7609] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.990: couldn't read orphan inode 15 (err -117)
[  247.978210][ T7609] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,oldalloc,noload,resgid=0x0000000000000000,dioread_nolock,,errors=continue. Quota mode: none.
[  247.999838][ T7449] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  248.064556][ T7609] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 7952 vs 220 free clusters
[  248.379988][ T7449] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  248.388661][ T7449] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  248.415116][ T7449] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  248.424962][ T7449] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  248.559848][ T7449] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  248.579861][ T7449] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  248.588011][ T7449] usb 6-1: Product: syz
[  248.609609][ T7449] usb 6-1: Manufacturer: syz
[  248.651867][ T7449] cdc_wdm 6-1:1.0: skipping garbage
[  248.657111][ T7449] cdc_wdm 6-1:1.0: skipping garbage
[  248.686484][ T7449] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  248.699778][ T7449] cdc_wdm 6-1:1.0: Unknown control protocol
[  248.859611][ T7449] usb 6-1: USB disconnect, device number 4
[  249.125543][ T6731] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  249.370396][ T6731] usb 2-1: Using ep0 maxpacket: 16
[  249.492183][ T6731] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.499706][ T7449] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  249.520980][ T6731] usb 2-1: config 0 interface 0 has no altsetting 0
[  249.555771][ T6731] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  249.581272][ T6731] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.625648][ T6731] usb 2-1: config 0 descriptor??

syzkaller[  249.920457][ T7449] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32

syzkaller login: [  249.939662][ T7449] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  249.959623][ T7449] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  249.978944][ T7449] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.149934][ T7449] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  250.172067][ T7449] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  250.180570][ T6731] hid-generic 0003:1E71:2009.0001: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  250.199725][ T7449] usb 6-1: Product: syz
[  250.206148][ T7659] mmap: syz.0.1004 (7659) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  250.219817][ T7449] usb 6-1: Manufacturer: syz
[  250.292104][ T7449] cdc_wdm 6-1:1.0: skipping garbage
[  250.297405][ T7449] cdc_wdm 6-1:1.0: skipping garbage
[  250.320617][ T7449] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  250.346101][ T7449] cdc_wdm 6-1:1.0: Unknown control protocol
[  250.520759][ T7663] overlayfs: failed to clone upperpath
[  250.645414][ T7449] usb 2-1: USB disconnect, device number 7
[  251.530447][ T7449] usb 6-1: USB disconnect, device number 5
[  251.944396][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802ac6e800: rx timeout, send abort
[  251.956752][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802ac6e800: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  252.898417][ T7711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'.
[  253.044764][ T7718] bond3: option mode: unable to set because the bond device has slaves
[  253.081890][ T7718] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  253.095196][ T7718] bond3: (slave macvlan2): Enslaving as a backup interface with an up link
[  253.429201][ T7732] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1033'.
[  253.489676][ T7734] bond2: option mode: unable to set because the bond device has slaves
[  254.574918][ T7741] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1036'.
[  254.726402][ T7741] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1036'.
[  255.822203][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.828572][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  255.874230][ T7762] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1042'.
[  255.900618][ T7762] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  255.910315][ T7762] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  255.919208][ T7762] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  255.928238][ T7762] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  255.949185][ T7762] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1042'.
[  256.002363][ T7762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1042'.
[  256.039137][ T7762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1042'.
[  256.137779][ T7774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1046'.
[  256.436281][ T7781] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  261.670342][ T7830] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  261.693374][ T7830] loop5: detected capacity change from 0 to 8
[  261.735582][ T7830] SQUASHFS error: zlib decompression failed, data probably corrupt
[  261.750535][ T7830] SQUASHFS error: Failed to read block 0x9b: -5
[  261.757307][ T7830] SQUASHFS error: Unable to read metadata cache entry [99]
[  261.772311][ T7830] SQUASHFS error: Unable to read inode 0x127
[  262.192915][ T7854] loop5: detected capacity change from 0 to 16
[  262.435151][ T7854] erofs: (device loop5): mounted with root inode @ nid 36.
[  266.401618][ T7918] overlayfs: failed to clone upperpath
[  266.586254][ T7928] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  266.604694][ T7928] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1093'.
[  269.239628][ T7449] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  269.480081][ T7449] usb 2-1: Using ep0 maxpacket: 32
[  269.630697][ T7449] usb 2-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  269.644411][ T7449] usb 2-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[  269.833584][ T7449] usb 2-1: New USB device found, idVendor=0763, idProduct=1041, bcdDevice=da.59
[  269.845323][ T7449] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.861236][ T7449] usb 2-1: Product: syz
[  269.865473][ T7449] usb 2-1: Manufacturer: syz
[  269.877683][ T7449] usb 2-1: SerialNumber: syz
[  270.485800][ T7449] usb 2-1: USB disconnect, device number 8
[  270.824843][ T7987] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  270.868920][ T7987] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  271.026970][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1116'.
[  271.123228][ T7449] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  271.500148][ T7449] usb 6-1: unable to get BOS descriptor or descriptor too short
[  271.714227][ T8011] 8021q: adding VLAN 0 to HW filter on device bond4
[  271.744179][ T7449] usb 6-1: unable to read config index 0 descriptor/start: -71
[  271.751991][ T7449] usb 6-1: can't read configurations, error -71
[  273.727683][ T8035] kexec: Could not allocate control_code_buffer
[  275.240307][ T8065] overlayfs: failed to clone upperpath
[  275.810917][ T8087] tipc: Failed to remove unknown binding: 66,0,0/0:2643488216/2643488218
[  275.819425][ T8087] tipc: Failed to remove unknown binding: 66,0,0/0:2643488216/2643488217
[  275.853171][ T6731] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  275.874862][ T8090] tipc: Failed to remove unknown binding: 66,0,0/0:2643488216/2643488218
[  275.901534][ T8090] tipc: Failed to remove unknown binding: 66,0,0/0:2643488216/2643488217
[  277.669811][ T6731] usb 6-1: config 0 has no interfaces?
[  277.724122][ T8103] overlayfs: failed to clone upperpath
[  277.750224][ T6731] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  277.772421][ T6731] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  277.809927][ T8105] No such timeout policy "syz1"
[  277.818253][ T6731] usb 6-1: SerialNumber: syz
[  277.884622][ T6731] usb 6-1: config 0 descriptor??
[  278.084483][ T8118] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1163'.
[  278.145609][    T7] usb 6-1: USB disconnect, device number 8
[  280.784864][ T8158] netlink: 'syz.0.1176': attribute type 21 has an invalid length.
[  280.867324][ T8158] netlink: 'syz.0.1176': attribute type 6 has an invalid length.
[  280.896384][ T8158] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1176'.
[  283.065069][ T8195] 8021q: adding VLAN 0 to HW filter on device bond1
[  283.096352][ T8195] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  283.115692][ T8195] bond1: (slave macvlan2): making interface the new active one
[  283.135610][ T8195] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[  283.158220][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  287.825436][ T8250] loop1: detected capacity change from 0 to 256
[  287.863329][ T8253] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1210'.
[  287.925884][ T8253] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1210'.
[  288.014927][ T8257] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  291.962939][ T7447] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  292.020711][ T8322] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  292.239811][ T7447] usb 2-1: Using ep0 maxpacket: 16
[  292.399952][ T7447] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  292.467426][ T7447] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  292.496135][ T7447] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  293.519875][ T7447] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  293.528976][ T7447] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  293.538831][ T8346] capability: warning: `syz.4.1243' uses 32-bit capabilities (legacy support in use)
[  293.549899][ T7447] usb 2-1: Manufacturer: syz
[  293.576505][ T7447] usb 2-1: config 0 descriptor??
[  294.511302][ T8374] udc-core: couldn't find an available UDC or it's busy
[  294.802501][ T8374] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  295.210130][ T8391] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1256'.
[  296.260070][ T6731] usb 2-1: USB disconnect, device number 9
[  296.670666][ T8425] netlink: 1319 bytes leftover after parsing attributes in process `syz.4.1267'.
[  296.834889][   T26] kauditd_printk_skb: 22 callbacks suppressed
[  296.834904][   T26] audit: type=1326 audit(2000000350.445:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8429 comm="syz.1.1270" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7c70302799 code=0x0
[  299.413857][ T8501] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  299.427886][ T8503] netlink: 'syz.2.1297': attribute type 4 has an invalid length.
[  299.478261][ T8505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1298'.
[  299.521951][ T8505] device syz_tun left promiscuous mode
[  299.528050][ T8505] bridge0: port 3(syz_tun) entered disabled state
[  299.729703][ T5993] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  301.061929][ T5993] usb 2-1: Using ep0 maxpacket: 32
[  301.165421][   T26] audit: type=1326 audit(2000000354.775:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8530 comm="syz.2.1307" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c1eff8799 code=0x0
[  301.200740][ T5993] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  301.209377][ T5993] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  301.239818][ T5993] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  301.248956][ T5993] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  301.268761][ T5993] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  301.286407][ T5993] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  301.300275][ T5993] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  301.309484][ T5993] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.328552][ T5993] usb 2-1: config 0 descriptor??
[  301.693777][ T5993] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  302.876366][ T5993] usb 2-1: USB disconnect, device number 10
[  302.932471][ T5993] usblp0: removed
[  302.967750][ T8562] netlink: 'syz.2.1318': attribute type 1 has an invalid length.
[  303.050216][ T8562] 8021q: adding VLAN 0 to HW filter on device bond2
[  303.203204][ T8560] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1320'.
[  303.292132][ T8566] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  303.321057][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  306.433351][ T8640] loop1: detected capacity change from 0 to 1024
[  306.570437][ T8640] hfsplus: invalid btree flag
[  306.576171][ T8640] hfsplus: failed to load extents file
[  306.633783][ T8640] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  307.869501][ T8653] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1346'.
[  309.267326][ T8683] tipc: Failed to remove unknown binding: 66,0,0/4:3010631250/3010631252
[  309.281190][ T8689] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1354'.
[  309.297211][ T8683] tipc: Failed to remove unknown binding: 66,0,0/4:3010631250/3010631251
[  309.319019][ T8691] tipc: Failed to remove unknown binding: 66,0,0/4:3010631250/3010631252
[  309.344415][ T8691] tipc: Failed to remove unknown binding: 66,0,0/4:3010631250/3010631251
[  309.844619][ T8716] sock: sock_set_timeout: `syz.4.1362' (pid 8716) tries to set negative timeout
[  311.156060][ T8733] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1368'.
[  312.799733][ T7447] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  313.053096][ T7447] usb 2-1: Using ep0 maxpacket: 32
[  313.169892][ T7447] usb 2-1: config 0 has an invalid interface number: 83 but max is 0
[  313.181567][ T7447] usb 2-1: config 0 has no interface number 0
[  313.196006][ T7447] usb 2-1: config 0 interface 83 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  313.390012][ T7447] usb 2-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=d8.11
[  313.414551][ T7447] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.457518][ T7447] usb 2-1: Product: syz
[  313.507627][ T7447] usb 2-1: Manufacturer: syz
[  313.539720][ T7447] usb 2-1: SerialNumber: syz
[  314.372681][ T7447] usb 2-1: config 0 descriptor??
[  314.487181][ T7447] redrat3 2-1:0.83: Couldn't find all endpoints
[  314.629465][ T8745] udc-core: couldn't find an available UDC or it's busy
[  314.652184][ T8745] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  314.695833][ T5993] usb 2-1: USB disconnect, device number 11
[  317.271739][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  317.278295][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  319.145927][ T8858] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1416'.
[  324.098168][ T8919] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  324.105983][ T8919] IPv6: NLM_F_CREATE should be set when creating new route
[  329.746573][   T26] audit: type=1326 audit(2000000383.355:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.0.1442" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efdaf608799 code=0x0
[  329.809717][   T26] audit: type=1326 audit(2000000383.395:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  329.861733][   T26] audit: type=1326 audit(2000000383.395:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  329.890977][   T26] audit: type=1326 audit(2000000383.395:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  329.937891][   T26] audit: type=1326 audit(2000000383.395:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  330.032131][   T26] audit: type=1326 audit(2000000383.395:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  330.074334][   T26] audit: type=1326 audit(2000000383.395:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  330.096920][   T26] audit: type=1326 audit(2000000383.395:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  330.147300][   T26] audit: type=1326 audit(2000000383.395:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  330.378697][   T26] audit: type=1326 audit(2000000383.395:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8952 comm="syz.4.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  331.195399][ T8977] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1452'.
[  333.600225][ T9005] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1457'.
[  338.023250][ T9040] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1470'.
[  338.095698][ T9040] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1470'.
[  338.159976][ T9040] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.167363][ T9040] bridge0: port 2(bridge_slave_1) entered listening state
[  338.174852][ T9040] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.181987][ T9040] bridge0: port 1(bridge_slave_0) entered listening state
[  338.262100][ T9040] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1470'.
[  338.387724][ T9040] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.395047][ T9040] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.490967][ T9044] device bridge_slave_1 left promiscuous mode
[  338.499391][ T9044] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.558636][ T9044] device bridge_slave_0 left promiscuous mode
[  338.589890][ T9044] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.685157][ T9072] netlink: 'syz.5.1479': attribute type 10 has an invalid length.
[  340.733816][ T9072] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1479'.
[  340.765706][ T9072] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  340.830581][ T9074] debugfs: Directory 'netdev:nicvf0' with parent 'phy13' already present!
[  340.849359][ T9075] bond0: (slave bond_slave_0): Releasing backup interface
[  340.913066][ T9075] bond0: (slave bond_slave_1): Releasing backup interface
[  340.973802][ T9075] team0: Port device team_slave_0 removed
[  341.022474][ T9075] team0: Port device team_slave_1 removed
[  341.055670][ T9075] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.094926][ T9075] bond3: (slave batadv_slave_1): Releasing backup interface
[  341.129277][ T9075] bond3: (slave batadv_slave_1): the permanent HWaddr of slave - aa:aa:aa:aa:aa:3f - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  341.220119][ T9075] bond1: (slave geneve2): Releasing active interface
[  342.119787][ T9075] bond3: (slave macvlan2): Releasing backup interface
[  344.323413][ T9130] device syzkaller0 entered promiscuous mode
[  344.417525][ T9138] fuse: Unknown parameter '4'
[  344.802844][ T9135] netlink: 'syz.4.1493': attribute type 3 has an invalid length.
[  344.825021][ T9138] sctp: [Deprecated]: syz.2.1495 (pid 9138) Use of int in max_burst socket option deprecated.
[  344.825021][ T9138] Use struct sctp_assoc_value instead
[  345.461605][ T9142] netlink: 'syz.4.1493': attribute type 10 has an invalid length.
[  345.572559][ T9142] 8021q: adding VLAN 0 to HW filter on device team0
[  345.597114][ T9142] bond0: (slave team0): Enslaving as an active interface with an up link
[  346.051890][ T9152] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  346.463511][ T9157] bond3 (unregistering): (slave ip6gretap1): Releasing backup interface
[  346.890607][ T9157] bond3 (unregistering): Released all slaves
[  349.514778][ T9198] overlayfs: failed to clone upperpath
[  351.145058][ T9208] loop1: detected capacity change from 0 to 512
[  353.551542][ T9212] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1515'.
[  354.078513][ T9208] EXT4-fs warning (device loop1): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop1.
[  354.266599][ T9213] bridge0: port 1(veth5) entered blocking state
[  354.278853][ T9213] bridge0: port 1(veth5) entered disabled state
[  354.325434][ T9213] device veth5 entered promiscuous mode
[  354.567213][ T9213] bridge0: port 1(veth5) entered blocking state
[  354.573620][ T9213] bridge0: port 1(veth5) entered forwarding state
[  355.810075][ T5042] bridge0: port 1(veth5) entered disabled state
[  355.949617][ T9241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1521'.
[  356.060215][ T9221] bridge0: port 2(veth7) entered blocking state
[  356.076777][ T9221] bridge0: port 2(veth7) entered disabled state
[  356.096506][ T9221] device veth7 entered promiscuous mode
[  356.792172][ T9221] bridge0: port 2(veth7) entered blocking state
[  356.798536][ T9221] bridge0: port 2(veth7) entered forwarding state
[  356.812672][ T9241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1521'.
[  356.836078][  T144] bridge0: port 2(veth7) entered disabled state
[  358.960937][ T9263] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  363.200753][ T9291] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1534'.
[  363.420066][ T9291] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1534'.
[  363.435147][ T9291] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1534'.
[  363.889728][ T9295] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1535'.
[  364.723034][ T9305] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  364.731364][ T9305] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  364.739965][ T9305] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  365.009190][ T5993] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  366.108136][ T9319] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1542'.
[  366.902270][ T5993] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  366.954805][ T5993] usb 2-1: config 0 has no interfaces?
[  366.989933][ T5993] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  367.005132][ T5993] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.019787][ T7449] Bluetooth: hci4: command 0x0409 tx timeout
[  367.037067][ T5993] usb 2-1: config 0 descriptor??
[  367.061746][ T9310] chnl_net:caif_netlink_parms(): no params data found
[  367.123187][ T9327] tipc: Started in network mode
[  367.128498][ T9327] tipc: Node identity 4, cluster identity 4711
[  367.148644][ T9327] tipc: Node number set to 4
[  367.253865][ T9334] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1548'.
[  367.304892][ T9310] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.318653][ T9310] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.329756][ T9310] device bridge_slave_0 entered promiscuous mode
[  367.338850][ T9310] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.346226][ T9310] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.354843][ T9310] device bridge_slave_1 entered promiscuous mode
[  367.362525][ T5993] usb 2-1: USB disconnect, device number 12
[  367.406702][ T9310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  367.445654][ T9310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  367.494837][ T9310] team0: Port device team_slave_0 added
[  367.507667][ T9310] team0: Port device team_slave_1 added
[  367.587204][ T9310] batman_adv: batadv0: Adding interface: batadv_slave_0
[  367.616302][ T9310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.659382][ T9310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.673047][ T9310] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.681250][ T9310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.709981][ T9310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.755692][ T9310] device hsr_slave_0 entered promiscuous mode
[  367.763695][ T9310] device hsr_slave_1 entered promiscuous mode
[  367.781461][ T9310] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  367.789272][ T9310] Cannot create hsr debugfs directory
[  368.080364][ T9348] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  368.985845][ T9310] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  369.094099][ T9310] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  369.142780][ T7449] Bluetooth: hci4: command 0x041b tx timeout
[  369.192731][ T9310] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  369.220863][ T9310] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  369.868255][ T9310] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.924693][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  369.933739][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  369.946191][ T9310] 8021q: adding VLAN 0 to HW filter on device team0
[  369.972944][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  370.070500][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  370.105001][ T5042] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.112395][ T5042] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.167234][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  370.246295][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  370.255537][ T5042] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.262862][ T5042] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.279282][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  370.289005][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  371.490672][ T7293] Bluetooth: hci4: command 0x040f tx timeout
[  371.687777][ T9310] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  371.713161][ T9372] netlink: 'syz.5.1558': attribute type 27 has an invalid length.
[  371.725953][ T9310] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  371.739982][ T9360] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1565'.
[  371.773801][ T9360] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  371.782917][ T9360] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  371.791804][ T9360] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  371.800630][ T9360] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  371.814650][ T9360] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1565'.
[  371.824804][ T9363] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1565'.
[  371.855778][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  371.907706][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  371.950800][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  371.960273][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  371.977255][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  371.987676][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  371.997273][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  372.006506][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  372.016716][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  372.040190][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  372.048737][ T5021] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  372.062461][ T9373] tipc: Cannot configure node identity twice
[  372.068553][ T9363] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1565'.
[  373.532815][ T7449] Bluetooth: hci4: command 0x0419 tx timeout
[  373.794800][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  373.805460][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  373.825093][ T9310] 8021q: adding VLAN 0 to HW filter on device batadv0
[  374.798287][ T9426] netlink: 'syz.4.1573': attribute type 27 has an invalid length.
[  375.886948][ T9414] loop1: detected capacity change from 0 to 40427
[  375.913050][ T6315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  375.926644][ T6315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  375.984855][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  376.004012][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  376.160464][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  376.208333][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  376.247524][ T9310] device veth0_vlan entered promiscuous mode
[  376.271763][ T9310] device veth1_vlan entered promiscuous mode
[  376.944192][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  376.965619][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  377.140837][ T9310] device veth0_macvtap entered promiscuous mode
[  377.210168][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  377.229810][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  377.296525][ T6312] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  378.180113][ T9310] device veth1_macvtap entered promiscuous mode
[  378.312942][ T6315] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  378.344733][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.365225][ T9476] netlink: 'syz.0.1585': attribute type 27 has an invalid length.
[  378.379828][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.418833][ T9310] batman_adv: batadv0: Interface activated: batadv_slave_0
[  378.448132][ T6315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  378.470387][ T6315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  378.497464][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.538358][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.621549][ T9310] batman_adv: batadv0: Interface activated: batadv_slave_1
[  378.709346][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  378.718126][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  379.021713][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  379.202948][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  379.713444][ T9310] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.744511][ T9310] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.762184][ T9310] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.777529][ T9310] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.938331][ T6315] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.957892][ T6315] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.000733][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  380.079317][ T9499] loop1: detected capacity change from 0 to 4096
[  380.098330][ T6315] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.120870][ T6315] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.131247][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  380.153828][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  380.153844][   T26] audit: type=1804 audit(2000000945.768:80): pid=9498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1592" name="bus" dev="ramfs" ino=48670 res=1 errno=0
[  380.880396][   T26] audit: type=1804 audit(2000000946.498:81): pid=9498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1592" name="bus" dev="ramfs" ino=48670 res=1 errno=0
[  380.968065][ T9499] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,noblock_validity,,errors=continue. Quota mode: writeback.
[  382.148838][ T9520] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1598'.
[  382.178248][ T9520] device veth7 left promiscuous mode
[  382.184382][ T9520] bridge0: port 2(veth7) entered disabled state
[  382.203873][ T9520] device veth5 left promiscuous mode
[  382.212101][ T9520] bridge0: port 1(veth5) entered disabled state
[  383.656959][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.674448][ T9527] netlink: 'syz.6.1601': attribute type 27 has an invalid length.
[  383.773473][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.840115][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.861979][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.892083][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.929870][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.944205][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.958831][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  383.982374][ T9541] netlink: 'syz.0.1605': attribute type 1 has an invalid length.
[  383.993661][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  384.008996][ T9541] netlink: 146340 bytes leftover after parsing attributes in process `syz.0.1605'.
[  384.023140][ T4186] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  385.459658][   T26] audit: type=1326 audit(2000000951.048:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f823b0b5799 code=0x7ffc0000
[  385.487158][ T9568] loop6: detected capacity change from 0 to 512
[  385.522005][   T26] audit: type=1326 audit(2000000951.048:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f823b0b5799 code=0x7ffc0000
[  385.580109][   T26] audit: type=1326 audit(2000000951.058:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f823b0b5799 code=0x7ffc0000
[  385.608689][ T9568] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  385.619666][   T26] audit: type=1326 audit(2000000951.058:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f823b0b5799 code=0x7ffc0000
[  386.229674][   T26] audit: type=1326 audit(2000000951.058:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f823b0b5799 code=0x7ffc0000
[  386.260694][ T9568] Quota error (device loop6): do_check_range: Getting dqdh_next_free 256 out of range 0-7
[  386.309939][ T9568] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  386.354782][   T26] audit: type=1326 audit(2000000951.058:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f823b0b5799 code=0x7ffc0000
[  386.380498][ T9568] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1617: Failed to acquire dquot type 1
[  386.413758][   T26] audit: type=1326 audit(2000000951.058:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f823b0b5502 code=0x7ffc0000
[  386.446677][   T26] audit: type=1326 audit(2000000951.058:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9567 comm="syz.6.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f823b075fce code=0x7ffc0000
[  386.500677][ T9568] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #16: comm syz.6.1617: corrupted inode contents
[  386.550093][ T9568] EXT4-fs error (device loop6): ext4_dirty_inode:6058: inode #16: comm syz.6.1617: mark_inode_dirty error
[  386.596585][ T9568] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #16: comm syz.6.1617: corrupted inode contents
[  386.676384][ T9588] overlayfs: failed to clone upperpath
[  386.694510][ T9568] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #16: comm syz.6.1617: mark_inode_dirty error
[  386.728882][ T9588] overlayfs: failed to clone upperpath
[  386.730346][ T9568] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #16: comm syz.6.1617: corrupted inode contents
[  386.821955][ T9590] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  387.484794][ T9568] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  387.507925][ T9568] EXT4-fs error (device loop6): ext4_do_update_inode:5222: inode #16: comm syz.6.1617: corrupted inode contents
[  387.541052][ T9582] chnl_net:caif_netlink_parms(): no params data found
[  387.550078][ T9568] EXT4-fs error (device loop6): ext4_truncate:4279: inode #16: comm syz.6.1617: mark_inode_dirty error
[  387.570116][ T9568] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  387.586603][ T9596] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  387.594932][ T9596] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  387.603503][ T9596] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  387.617307][ T9568] EXT4-fs (loop6): 1 truncate cleaned up
[  387.625014][ T9568] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  387.639081][ T9568] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  387.663870][ T9568] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.1617: Failed to acquire dquot type 1
[  388.237295][ T9582] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.246079][ T9582] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.261617][ T9582] device bridge_slave_0 entered promiscuous mode
[  388.284366][ T9607] netlink: 'syz.6.1624': attribute type 6 has an invalid length.
[  388.898061][ T6736] Bluetooth: hci1: command 0x0409 tx timeout
[  388.923596][ T9582] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.957092][ T9582] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.872722][ T9582] device bridge_slave_1 entered promiscuous mode
[  390.934575][ T9582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  390.937178][ T9628] sctp: [Deprecated]: syz.0.1631 (pid 9628) Use of int in max_burst socket option.
[  390.937178][ T9628] Use struct sctp_assoc_value instead
[  390.958759][ T6736] Bluetooth: hci1: command 0x041b tx timeout
[  390.975607][ T9582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  391.064293][ T9582] team0: Port device team_slave_0 added
[  391.084887][ T9582] team0: Port device team_slave_1 added
[  391.126568][ T9582] batman_adv: batadv0: Adding interface: batadv_slave_0
[  391.139823][ T9582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.473237][ T9582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  392.485878][ T9582] batman_adv: batadv0: Adding interface: batadv_slave_1
[  392.493118][ T9582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.734785][ T9582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  392.880587][ T9582] device hsr_slave_0 entered promiscuous mode
[  392.907389][ T9582] device hsr_slave_1 entered promiscuous mode
[  392.925274][ T9582] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  392.948656][ T9582] Cannot create hsr debugfs directory
[  393.019645][ T6736] Bluetooth: hci1: command 0x040f tx timeout
[  395.729549][    T7] Bluetooth: hci1: command 0x0419 tx timeout
[  395.791804][ T9582] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  395.875301][ T9582] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  395.910762][ T9582] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  395.993812][ T9582] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  398.331071][ T9582] 8021q: adding VLAN 0 to HW filter on device bond0
[  398.441127][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  398.449431][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  398.476901][ T9582] 8021q: adding VLAN 0 to HW filter on device team0
[  398.515382][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  398.536959][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  398.558974][   T26] kauditd_printk_skb: 22 callbacks suppressed
[  398.558992][   T26] audit: type=1804 audit(2000000964.168:110): pid=9688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1649" name="bus" dev="ramfs" ino=48995 res=1 errno=0
[  398.573674][ T5042] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.593147][ T5042] bridge0: port 1(bridge_slave_0) entered forwarding state
[  398.619744][   T26] audit: type=1804 audit(2000000964.218:111): pid=9688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1649" name="bus" dev="ramfs" ino=48995 res=1 errno=0
[  398.681518][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  398.729379][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  398.753485][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  398.772453][ T5042] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.779654][ T5042] bridge0: port 2(bridge_slave_1) entered forwarding state
[  398.829036][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  398.875620][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  398.921890][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  398.959653][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  398.988957][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  399.016561][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  399.057276][ T9582] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  399.083211][ T9582] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  399.109417][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  399.120852][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  399.140115][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  399.159111][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  399.177811][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  399.238391][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  401.558750][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  401.566627][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  401.602388][ T9582] 8021q: adding VLAN 0 to HW filter on device batadv0
[  401.629654][ T5993] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  402.939799][ T5993] usb 7-1: unable to get BOS descriptor or descriptor too short
[  403.059755][ T5993] usb 7-1: unable to read config index 0 descriptor/start: -71
[  403.253260][ T5993] usb 7-1: can't read configurations, error -71
[  403.772035][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  403.843479][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  404.073970][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  404.111210][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  404.131546][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  404.155012][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  404.171516][ T9582] device veth0_vlan entered promiscuous mode
[  404.219389][ T9582] device veth1_vlan entered promiscuous mode
[  404.538782][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  404.571352][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  404.595729][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  404.631062][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  404.697398][ T9582] device veth0_macvtap entered promiscuous mode
[  404.792009][ T9582] device veth1_macvtap entered promiscuous mode
[  404.824279][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  404.869809][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  405.073670][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  405.192467][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.202791][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  405.231310][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.265827][ T9582] batman_adv: batadv0: Interface activated: batadv_slave_0
[  405.282791][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.308134][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.333771][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.345085][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.365115][ T9582] batman_adv: batadv0: Interface activated: batadv_slave_1
[  405.392711][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  405.417245][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  405.448263][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  405.496276][ T3052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  405.632792][ T9582] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.650229][ T9582] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.659394][ T9582] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.674587][ T9582] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.372859][ T9793] device batadv_slave_0 entered promiscuous mode
[  407.454609][   T26] audit: type=1804 audit(2000000973.068:112): pid=9798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1678" name="bus" dev="ramfs" ino=49140 res=1 errno=0
[  407.475672][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.504723][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.576595][   T26] audit: type=1804 audit(2000000973.098:113): pid=9798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1678" name="bus" dev="ramfs" ino=49140 res=1 errno=0
[  407.609583][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  407.645026][ T6312] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.658990][ T6312] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.685988][ T9809] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1682'.
[  407.767235][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  408.882847][ T9819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1685'.
[  411.195687][ T9846] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  411.277007][   T26] audit: type=1326 audit(2000000976.878:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.7.1694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  411.562984][   T26] audit: type=1326 audit(2000000976.918:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.7.1694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  412.035779][   T26] audit: type=1326 audit(2000000976.918:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.7.1694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  412.058508][   T26] audit: type=1326 audit(2000000976.928:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.7.1694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  412.082376][   T26] audit: type=1326 audit(2000000976.928:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.7.1694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  412.288806][ T9864] TCP: TCP_TX_DELAY enabled
[  412.301721][ T9860] VFS: Mount too revealing
[  412.412377][ T9864] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1699'.
[  413.510504][   T26] audit: type=1804 audit(2000000979.128:119): pid=9878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1704" name="bus" dev="ramfs" ino=50668 res=1 errno=0
[  413.668809][   T26] audit: type=1804 audit(2000000979.158:120): pid=9878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1704" name="bus" dev="ramfs" ino=50668 res=1 errno=0
[  414.155677][ T9897] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1711'.
[  414.187385][ T9899] overlayfs: failed to clone lowerpath
[  414.262156][ T9903] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1713'.
[  416.477494][ T9926] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1720'.
[  416.518252][ T9926] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  416.527159][ T9926] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  416.536225][ T9926] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  416.545119][ T9926] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  416.567781][ T9926] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1720'.
[  417.903982][   T26] audit: type=1800 audit(2000000983.518:121): pid=9934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1722" name="bus" dev="ramfs" ino=51524 res=0 errno=0
[  418.174921][   T26] audit: type=1326 audit(2000000983.788:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.240027][   T26] audit: type=1326 audit(2000000983.818:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.332903][   T26] audit: type=1326 audit(2000000983.818:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.407501][   T26] audit: type=1326 audit(2000000983.838:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.483780][ T9962] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1731'.
[  418.495129][ T9962] device bridge_slave_1 left promiscuous mode
[  418.503032][ T9962] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.513972][ T9962] device bridge_slave_0 left promiscuous mode
[  418.520794][ T9962] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.554217][   T26] audit: type=1326 audit(2000000983.848:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.585878][   T26] audit: type=1326 audit(2000000983.848:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.648331][   T26] audit: type=1326 audit(2000000983.848:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.795718][   T26] audit: type=1326 audit(2000000983.848:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.844495][   T26] audit: type=1326 audit(2000000983.848:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  418.871094][   T26] audit: type=1326 audit(2000000983.858:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  419.856596][   T26] audit: type=1326 audit(2000000983.858:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f409e279799 code=0x7ffc0000
[  420.899284][   T26] audit: type=1326 audit(2000000983.858:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f409e273517 code=0x7ffc0000
[  421.049657][   T26] audit: type=1326 audit(2000000983.868:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f409e21ab19 code=0x7ffc0000
[  421.092608][   T26] audit: type=1326 audit(2000000983.878:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.4.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f409e273517 code=0x7ffc0000
[  424.180299][ T9999] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  427.503886][T10036] xt_time: invalid argument - start or stop time greater than 23:59:59
[  427.959106][T10047] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1756'.
[  428.020558][T10047] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  428.057023][T10054] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  428.154928][T10056] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  428.278490][T10047] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  428.457260][   T26] kauditd_printk_skb: 43 callbacks suppressed
[  428.457297][   T26] audit: type=1326 audit(2000000994.068:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10053 comm="syz.5.1759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  428.966485][   T26] audit: type=1326 audit(2000000994.138:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10053 comm="syz.5.1759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  429.000817][   T26] audit: type=1326 audit(2000000994.148:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10053 comm="syz.5.1759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  429.091827][T10047] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  429.126541][   T26] audit: type=1326 audit(2000000994.158:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10053 comm="syz.5.1759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  429.156806][   T26] audit: type=1326 audit(2000000994.158:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10053 comm="syz.5.1759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  429.192521][   T26] audit: type=1326 audit(2000000994.198:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10053 comm="syz.5.1759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7ffc0000
[  430.598860][T10079] netlink: 'syz.0.1765': attribute type 10 has an invalid length.
[  430.641765][T10079] bond0: (slave wlan1): Releasing backup interface
[  430.925280][T10094] loop6: detected capacity change from 0 to 512
[  431.921667][T10102] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  432.728118][T10094] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  432.746529][T10094] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  433.810896][T10126] lo: Caught tx_queue_len zero misconfig
[  434.809552][ T1324] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  434.880371][T10148] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  435.231277][ T1324] usb 7-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  435.325662][ T1324] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  435.502828][T10151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1789'.
[  435.548045][ T1324] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  435.699892][T10151] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  435.732556][T10151] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (68719607821)
[  435.750019][ T1324] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.810363][ T1324] usb 7-1: config 0 descriptor??
[  435.852351][ T1324] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  435.912703][T10156] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1791'.
[  438.127691][ T7447] usb 7-1: USB disconnect, device number 4
[  439.593683][T10243] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  439.625047][T10243] device batadv_slave_0 entered promiscuous mode
[  439.775309][ T6736] af_packet: tpacket_rcv: packet too big, clamped from 80 to 4294967272. macoff=96
[  442.390554][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  442.396925][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  443.096149][T10269] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1813'.
[  443.956865][T10272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  444.008129][T10277] netlink: 798 bytes leftover after parsing attributes in process `syz.4.1817'.
[  444.162269][T10284] device bridge5 entered promiscuous mode
[  444.176284][T10284] bond5: (slave bridge5): making interface the new active one
[  444.185231][T10284] bond5: (slave bridge5): Enslaving as an active interface with an up link
[  444.289533][    T7] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  444.690229][    T7] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  444.726356][    T7] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  444.784284][    T7] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  444.844473][    T7] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  445.014902][    T7] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  445.827672][    T7] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  445.837347][    T7] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  445.845474][    T7] usb 8-1: Product: syz
[  445.849758][    T7] usb 8-1: Manufacturer: syz
[  445.890736][    T7] cdc_wdm 8-1:1.0: skipping garbage
[  445.909980][    T7] cdc_wdm 8-1:1.0: skipping garbage
[  445.929134][    T7] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  445.960867][    T7] cdc_wdm 8-1:1.0: Unknown control protocol
[  446.017209][   T26] audit: type=1804 audit(4147484659.627:185): pid=10317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1830" name="file0" dev="hugetlbfs" ino=52363 res=1 errno=0
[  446.052168][   T26] audit: type=1804 audit(4147484659.667:186): pid=10322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1830" name="file0" dev="hugetlbfs" ino=52363 res=1 errno=0
[  446.179893][    C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes
[  446.370823][ T5021] tipc: Left network mode
[  446.379873][    C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71
[  446.386584][    C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes
[  446.395670][ T7447] usb 8-1: USB disconnect, device number 2
[  446.419492][    C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71
[  446.426166][    C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes
[  446.432295][    C1] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  448.304448][T10336] syz.4.1835 (10336) used greatest stack depth: 18512 bytes left
[  448.640071][   T26] audit: type=1800 audit(4147484662.257:187): pid=10333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1836" name="bus" dev="ramfs" ino=52006 res=0 errno=0
[  449.062296][T10366] xt_hashlimit: size too large, truncated to 1048576
[  449.529785][T10366] xt_hashlimit: invalid rate
[  449.679857][T10382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  449.787364][T10389] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1846'.
[  450.130063][ T7293] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  450.430005][ T7293] usb 8-1: Using ep0 maxpacket: 32
[  450.591337][ T7293] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  450.863113][ T7293] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  451.182185][T10410] trusted_key: encrypted_key: key user:syz not found
[  452.019731][ T7293] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  452.310078][ T7293] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.338863][ T7293] usb 8-1: Product: syz
[  452.352863][ T7293] usb 8-1: Manufacturer: syz
[  452.357533][ T7293] usb 8-1: SerialNumber: syz
[  452.399244][ T7293] usb 8-1: config 0 descriptor??
[  452.438924][ T5021] bond2: (slave gretap2): Releasing backup interface
[  453.354767][ T7447] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  454.395651][    T7] usb 8-1: USB disconnect, device number 3
[  455.079585][ T7447] usb 7-1: device descriptor read/all, error -71
[  455.862520][ T5021] device hsr_slave_0 left promiscuous mode
[  455.954702][ T5021] device hsr_slave_1 left promiscuous mode
[  455.966493][T10462] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  455.999269][ T5021] device bridge_slave_1 left promiscuous mode
[  456.018671][ T5021] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.055064][ T5021] device bridge_slave_0 left promiscuous mode
[  457.089745][ T5021] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.252310][   T26] audit: type=1326 audit(4147484670.867:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.311853][ T5021] bond2 (unregistering): Released all slaves
[  457.332407][   T26] audit: type=1326 audit(4147484670.887:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.382564][ T5021] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  457.441319][ T5021] bond1 (unregistering): Released all slaves
[  457.459855][   T26] audit: type=1326 audit(4147484670.887:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.533075][   T26] audit: type=1326 audit(4147484670.887:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.609576][   T26] audit: type=1326 audit(4147484670.887:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.659583][   T26] audit: type=1326 audit(4147484670.887:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.733469][   T26] audit: type=1326 audit(4147484670.887:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.785713][   T26] audit: type=1326 audit(4147484670.887:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.849531][   T26] audit: type=1326 audit(4147484670.887:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  457.895730][   T26] audit: type=1326 audit(4147484670.887:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.7.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x7ffc0000
[  458.103762][ T5021] team0 (unregistering): Port device team_slave_1 removed
[  458.148324][ T5021] team0 (unregistering): Port device team_slave_0 removed
[  458.186910][ T5021] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  458.207821][ T5021] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  458.307918][ T5021] team0 (unregistering): Port device bridge0 removed
[  458.344258][ T5021] bond0 (unregistering): Released all slaves
[  458.428310][T10451] netlink: 'syz.4.1861': attribute type 4 has an invalid length.
[  459.723494][T10494] cgroup: fork rejected by pids controller in /syz4
[  459.784633][T10504] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1876'.
[  459.889347][T10648] loop6: detected capacity change from 0 to 512
[  460.035500][T10652] loop7: detected capacity change from 0 to 1764
[  460.043846][T10488] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  460.053336][T10488] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  460.062403][T10488] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  460.071604][T10488] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  460.405156][T10648] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  460.405530][T10648] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  465.698147][T10705] cgroup: fork rejected by pids controller in /syz0
[  466.494779][T10860] loop7: detected capacity change from 0 to 4096
[  466.740113][T10860] ntfs3: loop7: Different NTFS' sector size (4096) and media sector size (512)
[  466.892096][T10867] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  466.952287][T10868] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  466.995684][T10868] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  467.519599][   T26] kauditd_printk_skb: 60 callbacks suppressed
[  467.519617][   T26] audit: type=1800 audit(4147484681.117:258): pid=10860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1902" name="file1" dev="loop7" ino=33 res=0 errno=0
[  471.451199][T10938] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  471.534652][T10939] netlink: 14 bytes leftover after parsing attributes in process `syz.6.1924'.
[  471.564529][T10938] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  472.466830][T10939] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  472.588316][T10939] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  472.591094][T10947] loop6: detected capacity change from 0 to 8192
[  472.630374][ T6734] infiniband syz1: ib_query_port failed (-19)
[  472.651031][T10939] bond0 (unregistering): Released all slaves
[  472.663766][ T9694]  loop6: AHDI p1 p4
[  472.690796][ T9694] loop6: p4 size 16776960 extends beyond EOD, truncated
[  472.769708][T10938] bond0 speed is unknown, defaulting to 1000
[  472.871076][   T21] bond0 speed is unknown, defaulting to 1000
[  472.903631][T10938] siw: device registration error -19
[  472.911132][T10947]  loop6: AHDI p1 p4
[  472.931806][T10947] loop6: p4 size 16776960 extends beyond EOD, truncated
[  473.866910][T10986] loop7: detected capacity change from 0 to 256
[  474.900068][T10995] overlayfs: failed to clone upperpath
[  476.083729][T10319] udevd[10319]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  476.149082][ T9694] udevd[9694]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  476.275633][ T9694] udevd[9694]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  476.288818][T10319] udevd[10319]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  476.308903][T11016] loop6: detected capacity change from 0 to 2048
[  476.689723][T11029] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  477.237223][T11049] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1948'.
[  477.280617][T11048] loop6: detected capacity change from 0 to 512
[  477.288066][T11051] loop7: detected capacity change from 0 to 64
[  477.298966][T11040] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  477.464305][T11048] EXT4-fs (loop6): mounted filesystem without journal. Opts: nombcache,max_dir_size_kb=0x0000000000000a30,journal_dev=0x00000000460b8000,,errors=continue. Quota mode: writeback.
[  477.545501][T11049] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  477.592443][T11048] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  478.048995][T11049] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  478.095470][T11067] loop6: detected capacity change from 0 to 256
[  478.191201][T11049] bond0 (unregistering): Released all slaves
[  478.486336][ T1324] bond0 speed is unknown, defaulting to 1000
[  478.517234][T11040] siw: device registration error -19
[  480.893405][T11094] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1959'.
[  480.983077][T11094] HTB: quantum of class 4000A is big. Consider r2q change.
[  481.002654][T11094] HTB: quantum of class 4000A is big. Consider r2q change.
[  481.044058][T11095] device syzkaller0 entered promiscuous mode
[  487.415541][T11178] loop7: detected capacity change from 0 to 512
[  487.515137][T11178] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  487.560691][T11178] EXT4-fs (loop7): orphan cleanup on readonly fs
[  487.642533][T11178] Quota error (device loop7): v2_read_file_info: Block with free entry too big (4294967071 >= 6).
[  487.723355][T11178] EXT4-fs warning (device loop7): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  487.769152][T11178] EXT4-fs (loop7): Cannot turn on quotas: error -117
[  487.801295][T11178] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.1979: bg 0: block 15: invalid block bitmap
[  487.868701][T11178] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6192: Corrupt filesystem
[  487.976412][T11178] EXT4-fs (loop7): 1 truncate cleaned up
[  488.003383][T11178] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  488.676427][ T5993] Bluetooth: hci4: command 0x0406 tx timeout
[  491.618495][T11243] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  491.640293][T11247] netlink: 14 bytes leftover after parsing attributes in process `syz.7.1995'.
[  491.999130][T11247] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  492.303048][T11247] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  492.409345][ T5993] infiniband syz1: ib_query_port failed (-19)
[  492.475559][T11247] bond0 (unregistering): Released all slaves
[  492.580829][ T6736] bond0 speed is unknown, defaulting to 1000
[  492.590093][T11243] siw: device registration error -19
[  492.673451][T11251] loop7: detected capacity change from 0 to 8192
[  492.739363][ T9694]  loop7: AHDI p1 p4
[  492.745999][ T9694] loop7: p4 size 16776960 extends beyond EOD, truncated
[  492.769600][T11262] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  492.801475][T11251]  loop7: AHDI p1 p4
[  492.816842][T11251] loop7: p4 size 16776960 extends beyond EOD, truncated
[  493.217821][T11286] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000
[  494.598164][ T9694] udevd[9694]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[  494.615180][T10319] udevd[10319]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  494.843344][T10319] udevd[10319]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  494.861663][ T9694] udevd[9694]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[  495.220560][T11344] overlayfs: failed to clone upperpath
[  500.726733][T11417] xt_l2tp: missing protocol rule (udp|l2tpip)
[  501.838321][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  501.844731][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  505.557742][T11452] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2048'.
[  506.551146][T11472] loop6: detected capacity change from 0 to 16
[  506.565207][T11472] erofs: (device loop6): mounted with root inode @ nid 36.
[  506.577375][T11472] erofs: (device loop6): z_erofs_readahead: readahead error at page 2 @ nid 89
[  506.596374][ T4193] erofs: (device loop6): z_erofs_lz4_decompress: failed to decompress -5 in[4096, 0] out[4868]
[  506.632272][T11472] erofs: (device loop6): z_erofs_lz4_decompress: failed to decompress -5 in[4096, 0] out[4096]
[  506.656849][   T26] audit: type=1800 audit(4147484720.267:259): pid=11472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2052" name="file2" dev="loop6" ino=89 res=0 errno=0
[  506.881552][T11484] device geneve2 entered promiscuous mode
[  507.020211][T11489] device bridge6 entered promiscuous mode
[  507.075087][T11489] team0: Port device bridge6 added
[  507.163867][T11498] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2059'.
[  508.767889][ T4258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  508.815048][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.034857][T11546] netlink: 64 bytes leftover after parsing attributes in process `syz.7.2068'.
[  509.822834][ T4258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.844469][T11542] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  509.859733][T11550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.869094][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.887178][T11550] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2073'.
[  509.919345][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.987337][T11544] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2071'.
[  510.011962][T11544] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  510.021052][T11544] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  510.029845][T11544] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  510.038589][T11544] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  510.067683][T11553] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2072'.
[  510.456421][T11567] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  510.465380][T11567] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  510.779689][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  511.392816][ T1324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  511.409832][T11567] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  513.338598][ T7447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.529016][ T4187] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  513.539593][ T4187] CPU: 1 PID: 4187 Comm: kworker/u5:1 Not tainted syzkaller #0
[  513.547192][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  513.557377][ T4187] Workqueue: hci3 hci_rx_work
[  513.562127][ T4187] Call Trace:
[  513.565432][ T4187]  <TASK>
[  513.568554][ T4187]  dump_stack_lvl+0x188/0x250
[  513.573280][ T4187]  ? show_regs_print_info+0x20/0x20
[  513.578518][ T4187]  ? load_image+0x400/0x400
[  513.583071][ T4187]  sysfs_create_dir_ns+0x26a/0x290
[  513.588230][ T4187]  ? sysfs_warn_dup+0xa0/0xa0
[  513.592943][ T4187]  ? process_one_work+0x85f/0x1010
[  513.598189][ T4187]  ? do_raw_spin_unlock+0x11d/0x230
[  513.603521][ T4187]  kobject_add_internal+0x6e0/0xd90
[  513.608769][ T4187]  kobject_add+0x160/0x230
[  513.613233][ T4187]  ? kobject_init+0x1d0/0x1d0
[  513.617962][ T4187]  ? klist_children_get+0x50/0x50
[  513.623020][ T4187]  ? get_device_parent+0x121/0x3f0
[  513.628174][ T4187]  device_add+0x483/0xfb0
[  513.632556][ T4187]  hci_conn_add_sysfs+0xd1/0x1e0
[  513.637627][ T4187]  le_conn_complete_evt+0xc48/0x15c0
[  513.642978][ T4187]  ? cs_le_create_conn+0x5e0/0x5e0
[  513.648138][ T4187]  ? __mutex_trylock_common+0x155/0x260
[  513.653743][ T4187]  hci_le_meta_evt+0x285/0x3c90
[  513.658738][ T4187]  ? hci_event_packet+0x37b/0x1370
[  513.663891][ T4187]  ? __lock_acquire+0x7d10/0x7d10
[  513.668978][ T4187]  ? hci_remote_host_features_evt+0x280/0x280
[  513.675099][ T4187]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  513.680977][ T4187]  ? mark_lock+0x94/0x320
[  513.685353][ T4187]  ? mutex_unlock+0x10/0x10
[  513.689908][ T4187]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  513.695941][ T4187]  ? lock_chain_count+0x20/0x20
[  513.700929][ T4187]  ? __rwlock_init+0x140/0x140
[  513.705744][ T4187]  hci_event_packet+0xe48/0x1370
[  513.710727][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  513.716072][ T4187]  ? rcu_lock_release+0x20/0x20
[  513.720978][ T4187]  ? hci_send_to_monitor+0x9c/0x4a0
[  513.726234][ T4187]  hci_rx_work+0x255/0xa10
[  513.730706][ T4187]  process_one_work+0x85f/0x1010
[  513.735710][ T4187]  ? worker_detach_from_pool+0x240/0x240
[  513.741472][ T4187]  ? lockdep_hardirqs_off+0x70/0x100
[  513.746805][ T4187]  ? _raw_spin_lock_irq+0xb7/0xf0
[  513.751880][ T4187]  ? _raw_spin_lock_irqsave+0x100/0x100
[  513.757479][ T4187]  ? wq_worker_running+0x97/0x170
[  513.762549][ T4187]  worker_thread+0xaa6/0x1290
[  513.767312][ T4187]  kthread+0x436/0x520
[  513.771449][ T4187]  ? rcu_lock_release+0x20/0x20
[  513.776334][ T4187]  ? kthread_blkcg+0xd0/0xd0
[  513.780973][ T4187]  ret_from_fork+0x1f/0x30
[  513.785454][ T4187]  </TASK>
[  513.793045][ T4187] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  513.807209][ T4187] Bluetooth: hci3: failed to register connection device
[  514.976261][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  515.054497][   T21] net_ratelimit: 1 callbacks suppressed
[  515.054524][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  515.397651][T11656] device ip6gre1 entered promiscuous mode
[  516.467074][ T7447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  516.539751][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  517.746676][ T1324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  517.808027][T11684] trusted_key: encrypted_key: master key parameter 'šÙ|™{E' is invalid
[  518.076362][T11683] device bridge2 entered promiscuous mode
[  518.859781][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  519.503149][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  519.659530][ T1324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  519.695015][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  519.827318][T11717] gfs2: gfs2 mount does not exist
[  520.734603][T11724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.745759][T11722] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2123'.
[  520.838038][T11724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.851296][T11728] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2123'.
[  520.921451][T11724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.997045][T11727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  521.022419][T11727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  521.080899][T11727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  521.161503][T11727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  521.236871][T11727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  521.513182][T11727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  521.796662][ T7447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  522.695571][T11757] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2122'.
[  523.860952][T11778] device bridge4 entered promiscuous mode
[  526.015561][    T7] net_ratelimit: 29 callbacks suppressed
[  526.015582][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  526.151587][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  527.667311][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  528.814847][ T1324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  529.019839][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  529.106495][ T5993] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  529.409668][T11890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2154'.
[  529.561429][T11898] netlink: 64 bytes leftover after parsing attributes in process `syz.6.2155'.
[  530.292388][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  530.369600][ T4187] Bluetooth: unknown link type 130
[  531.190510][T11920] xt_hashlimit: max too large, truncated to 1048576
[  531.509693][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  532.781729][T11939] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  532.789458][T11939] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  533.478762][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.488741][ T5993] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.497146][ T5993] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  534.219743][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  534.314445][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  534.330344][ T4258] Bluetooth: hci2: command 0x0409 tx timeout
[  534.336576][T11939] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  534.435296][ T4258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  534.452216][ T1324] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  534.466569][ T1324] Bluetooth: hci2: Injecting HCI hardware error event
[  534.476906][ T4187] Bluetooth: hci2: hardware error 0x00
[  535.850158][T11962] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2169'.
[  537.307239][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  537.594834][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  537.660414][ T4424] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  537.674217][ T6734] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  537.689444][ T7447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  537.723710][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.452983][   T26] audit: type=1326 audit(4147484753.057:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12005 comm="syz.7.2182" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f865fc78799 code=0x0
[  539.520225][ T7447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.767410][ T1324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.785980][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  541.181431][T12033] sctp: [Deprecated]: syz.6.2188 (pid 12033) Use of struct sctp_assoc_value in delayed_ack socket option.
[  541.181431][T12033] Use struct sctp_sack_info instead
[  541.458115][T12026] gretap0: refused to change device tx_queue_len
[  541.496833][T12026] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  542.477503][T12062] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2197'.
[  542.855037][T12067] gfs2: gfs2 mount does not exist
[  543.819702][ T4258] net_ratelimit: 1 callbacks suppressed
[  543.819721][ T4258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  543.835044][ T1324] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  543.851531][ T5042] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  543.908165][ T6734] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  543.984220][ T5021] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.877494][T12081] device ip6gre1 entered promiscuous mode
[  544.963305][ T4258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  545.281460][T12103] IPVS: ovf: FWM 3 0x00000003 - no destination available
[  546.368059][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  547.106646][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  547.115466][ T5993] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  547.713043][T12127] tipc: Started in network mode
[  547.717948][T12127] tipc: Node identity 84e, cluster identity 4711
[  547.763080][T12127] tipc: Node number set to 2126
[  548.968301][   T21] net_ratelimit: 1 callbacks suppressed
[  548.968319][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.163745][ T4424] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  550.050737][ T5021] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  550.082575][ T4258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  550.230210][ T6736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  550.314023][T12167] device macvtap0 entered promiscuous mode
[  550.352161][T12167] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2226'.
[  550.371316][T12167] device veth0_macvtap left promiscuous mode
[  551.252569][T12167] device macvtap0 left promiscuous mode
[  551.273288][ T7447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  552.494949][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  552.822005][T12196] gfs2: gfs2 mount does not exist
[  553.680763][   T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  553.794118][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  553.806723][T12188] gretap0: refused to change device tx_queue_len
[  553.823454][T12188] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  554.713185][T12220] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2242'.
[  555.254087][T12226] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2245'.
[  555.383595][T12227] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2245'.
[  557.696045][T12271] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2256'.
[  559.827102][T12307] 9pnet: Insufficient options for proto=fd
[  563.641821][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  563.648188][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  564.199670][T12335] netlink: 'syz.5.2272': attribute type 1 has an invalid length.
[  564.332714][T12339] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  564.343804][T12339] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  564.353038][T12339] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[  564.362407][T12339] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[  564.373001][T12339] bond4: (slave geneve2): making interface the new active one
[  564.382094][T12339] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  564.391073][T12343] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2272'.
[  564.420015][T12343] 8021q: adding VLAN 0 to HW filter on device bond4
[  564.451685][T12344] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  564.607304][T12348] trusted_key: encrypted_key: key user:syz not found
[  569.873369][T12405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2293'.
[  572.141650][T12437] xt_policy: neither incoming nor outgoing policy selected
[  579.193429][T12540] overlayfs: failed to clone upperpath
[  580.223310][   T26] audit: type=1326 audit(2000000038.860:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.5.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dca6bf799 code=0x7fc00000
[  582.892639][T12583] trusted_key: encrypted_key: master key parameter 'šÙ|™{E' is invalid
[  583.262114][   T26] audit: type=1326 audit(2000000041.890:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12579 comm="syz.4.2339" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f409e279799 code=0x0
[  584.190385][T12601] netlink: 'syz.5.2346': attribute type 16 has an invalid length.
[  584.218645][T12601] netlink: 'syz.5.2346': attribute type 17 has an invalid length.
[  584.259593][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  584.269639][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  584.278764][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  584.290483][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  584.301383][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  584.311274][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  584.321246][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  584.331567][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready
[  584.344018][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready
[  584.378375][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready
[  584.407453][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  584.447683][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready
[  584.469015][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  584.487876][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  584.502992][T12601] 8021q: adding VLAN 0 to HW filter on device bond0
[  584.512972][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  584.522576][T12601] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready
[  584.532781][T12601] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  585.708464][T12621] netlink: 'syz.4.2354': attribute type 10 has an invalid length.
[  588.513276][T12668] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2367'.
[  588.722915][T12668] device hsr_slave_0 left promiscuous mode
[  596.763374][T12769] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2396'.
[  596.841306][T12772] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2396'.
[  596.960641][T12776] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2397'.
[  597.913104][T12790] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2403'.
[  598.036572][T12790] device team1 entered promiscuous mode
[  598.254232][T12790] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2403'.
[  598.614619][T12790] team2 (uninitialized): Failed to send options change via netlink (err -105)
[  599.240361][T12790] device team2 entered promiscuous mode
[  599.520304][T12809] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  599.520304][T12809] The task syz.5.2409 (12809) triggered the difference, watch for misbehavior.
[  599.887172][T12811] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2410'.
[  600.240888][T12811] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2410'.
[  600.298714][T12811] device veth11 entered promiscuous mode
[  601.474735][T12834] IPv6: NLM_F_CREATE should be specified when creating new route
[  603.488427][T12856] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2425'.
[  607.130771][T12888] wireguard: wg2: Could not create IPv4 socket
[  608.202382][T12896] fuse: Bad value for 'fd'
[  608.218371][T12897] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2436'.
[  608.278369][T12897] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2436'.
[  609.748496][T12923] Invalid option length (57448) for dns_resolver key
[  620.142788][T13013] overlayfs: failed to clone upperpath
[  620.229931][T13019] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2469'.
[  624.080653][T13066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2484'.
[  624.464816][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  624.471594][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  626.216640][T13108] VFS: Mount too revealing
[  626.349534][   T26] audit: type=1326 audit(2000000084.980:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  626.553315][   T26] audit: type=1326 audit(2000000084.980:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  626.591448][   T26] audit: type=1326 audit(2000000084.980:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  628.148283][   T26] audit: type=1326 audit(2000000084.980:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  629.698327][   T26] audit: type=1326 audit(2000000084.980:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  629.731740][   T26] audit: type=1326 audit(2000000084.980:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  629.826743][   T26] audit: type=1326 audit(2000000084.980:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  629.925719][   T26] audit: type=1326 audit(2000000084.980:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  630.003003][   T26] audit: type=1326 audit(2000000084.980:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  630.153097][   T26] audit: type=1326 audit(2000000085.020:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13115 comm="syz.0.2497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7efdaf608799 code=0x7ffc0000
[  633.088431][T13199] MPTCP: kernel_bind error, err=-98
[  633.170478][T13201] wlan0 speed is unknown, defaulting to 1000
[  633.240022][T13201] wlan0 speed is unknown, defaulting to 1000
[  633.265448][T13201] wlan0 speed is unknown, defaulting to 1000
[  633.339263][T13201] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  636.057380][T13201] wlan0 speed is unknown, defaulting to 1000
[  636.072468][T13201] wlan0 speed is unknown, defaulting to 1000
[  636.092903][T13201] wlan0 speed is unknown, defaulting to 1000
[  636.221754][T13201] wlan0 speed is unknown, defaulting to 1000
[  636.255253][T13201] wlan0 speed is unknown, defaulting to 1000
[  636.293008][T13201] wlan0 speed is unknown, defaulting to 1000
[  638.674288][T13261] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2537'.
[  638.742558][T13261] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2537'.
[  638.922507][T13264] netlink: 'syz.4.2537': attribute type 4 has an invalid length.
[  638.973027][T13264] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2537'.
[  639.196567][T13264] .`: renamed from bond0
[  639.234307][T13278] device gtp0 entered promiscuous mode
[  640.461069][T13293] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2545'.
[  641.270144][T13300] bridge3: port 1(veth3) entered blocking state
[  641.276727][T13300] bridge3: port 1(veth3) entered disabled state
[  641.491030][T13300] device veth3 entered promiscuous mode
[  642.298887][T13303] bridge3: port 2(veth5) entered blocking state
[  642.505273][T13303] bridge3: port 2(veth5) entered disabled state
[  642.569044][T13303] device veth5 entered promiscuous mode
[  645.194838][T13331] netlink: 'syz.4.2553': attribute type 9 has an invalid length.
[  646.941995][T13349] xt_CT: You must specify a L4 protocol and not use inversions on it
[  648.877632][T13390] 9pnet_virtio: no channels available for device syz
[  652.480145][T13444] overlayfs: failed to clone upperpath
[  653.653312][T13475] fuse: Bad value for 'fd'
[  653.671586][T13474] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  654.202155][T13479] Set syz1 is full, maxelem 6117 reached
[  654.342093][T13493] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  659.241102][T13569] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  659.303481][T13569] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2626'.
[  660.159270][T13594] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2633'.
[  660.370180][T13596] bond0: (slave ip_vti0): The slave device specified does not support setting the MAC address
[  660.528915][T13596] bond0: (slave ip_vti0): Error -95 calling set_mac_address
[  660.905532][T13599] bond0 (unregistering): Released all slaves
[  662.969547][T13619] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2640'.
[  663.513744][T13642] IPVS: length: 44 != 24
[  664.387835][T13649] netlink: 'syz.0.2649': attribute type 10 has an invalid length.
[  664.501648][T13649] netlink: 'syz.0.2649': attribute type 10 has an invalid length.
[  667.660543][T13691] ptrace attach of "./syz-executor exec"[9310] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  669.790920][T13714] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2670'.
[  671.934297][T13759] wlan0 speed is unknown, defaulting to 1000
[  673.829837][T13792] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2686'.
[  674.904441][T13805] netlink: 80 bytes leftover after parsing attributes in process `syz.7.2691'.
[  674.981403][    C1] Unknown status report in ack skb
[  674.987244][T13805] netlink: 'syz.7.2691': attribute type 12 has an invalid length.
[  675.876426][T13809] bond2: option mode: unable to set because the bond device has slaves
[  675.989571][T13809] bond2: (slave ip6gretap1): making interface the new active one
[  676.033990][T13809] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  687.500566][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  687.507167][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  694.303427][T13975] netlink: 14 bytes leftover after parsing attributes in process `syz.7.2737'.
[  700.860970][    C1] ------------[ cut here ]------------
[  700.866552][    C1] WARNING: CPU: 1 PID: 13961 at net/mac80211/tx.c:4859 __ieee80211_beacon_get+0x179f/0x2000
[  700.876875][    C1] Modules linked in:
[  700.880831][    C1] CPU: 1 PID: 13961 Comm: syz.5.2734 Not tainted syzkaller #0
[  700.888353][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  700.898573][    C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000
[  700.904979][    C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 0d 4b 2a f8 0f 0b e9 03 ef ff ff e8 01 4b 2a f8 <0f> 0b e9 76 f2 ff ff e8 a5 92 6d 00 89 d9 80 e1 07 80 c1 03 38 c1
[  700.924673][    C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246
[  700.930830][    C1] RAX: ffffffff894ed60f RBX: ffff88807eaaa268 RCX: ffff888052d70000
[  700.938854][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  700.947272][    C1] RBP: ffffc90000dd0b08 R08: ffff888052d70000 R09: 0000000000000003
[  700.955347][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bb14800
[  700.963548][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c
[  700.971609][    C1] FS:  00007f9dc88f86c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  700.980619][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  700.987483][    C1] CR2: 00002000001fb030 CR3: 0000000048673000 CR4: 00000000003506e0
[  700.995566][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  701.003620][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  701.011915][    C1] Call Trace:
[  701.015350][    C1]  <IRQ>
[  701.018258][    C1]  ? ieee80211_beacon_get_template+0x30/0x30
[  701.024335][    C1]  ? verify_lock_unused+0x140/0x140
[  701.029709][    C1]  ? ieee80211_get_buffered_bc+0x697/0x8b0
[  701.035598][    C1]  ? mark_lock+0x94/0x320
[  701.040022][    C1]  ieee80211_beacon_get_tim+0x48/0x840
[  701.045672][    C1]  mac80211_hwsim_beacon_tx+0xf4/0x920
[  701.051226][    C1]  __iterate_interfaces+0x243/0x500
[  701.056476][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  701.062816][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  701.069099][    C1]  ieee80211_iterate_active_interfaces_atomic+0xb3/0x140
[  701.076213][    C1]  mac80211_hwsim_beacon+0x9b/0x180
[  701.081495][    C1]  ? hw_scan_work+0xed0/0xed0
[  701.086212][    C1]  __hrtimer_run_queues+0x4f2/0xb70
[  701.091554][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  701.096723][    C1]  hrtimer_run_softirq+0x176/0x240
[  701.101923][    C1]  handle_softirqs+0x339/0x830
[  701.106747][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  701.111668][    C1]  ? do_softirq+0x210/0x210
[  701.116224][    C1]  __irq_exit_rcu+0x13b/0x230
[  701.120966][    C1]  ? irq_exit_rcu+0x20/0x20
[  701.125524][    C1]  irq_exit_rcu+0x5/0x20
[  701.129826][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  701.135509][    C1]  </IRQ>
[  701.138478][    C1]  <TASK>
[  701.141483][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  701.147512][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[  701.153672][    C1] Code: 84 00 00 00 00 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 90 c4 10 0c 48 89 de 5b e9 b7 41 44 00 00 00 cc cc 00 00 cc 48 8b 04 24 <65> 48 8b 0d a4 4e 89 7e 65 8b 15 a5 4e 89 7e 81 e2 00 01 ff 00 74
[  701.173361][    C1] RSP: 0018:ffffc9000317f688 EFLAGS: 00000246
[  701.179504][    C1] RAX: ffffffff87dfc087 RBX: 0000000000000000 RCX: ffff888052d70000
[  701.187506][    C1] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  701.195553][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff87dfc890
[  701.203612][    C1] R10: dffffc0000000000 R11: fffffbfff1b13c6e R12: ffff88801faaa140
[  701.211664][    C1] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[  701.219726][    C1]  ? skb_copy_datagram_iter+0x1f0/0x1f0
[  701.225365][    C1]  ? __skb_datagram_iter+0x127/0x740
[  701.230840][    C1]  ? __skb_try_recv_datagram+0x3d6/0x4d0
[  701.236521][    C1]  __skb_datagram_iter+0x127/0x740
[  701.241767][    C1]  ? skb_copy_datagram_iter+0x1f0/0x1f0
[  701.247357][    C1]  skb_copy_datagram_iter+0xad/0x1f0
[  701.252766][    C1]  __unix_dgram_recvmsg+0x6a9/0xd90
[  701.258021][    C1]  ? exc_page_fault+0x88/0x100
[  701.262910][    C1]  ? unix_unhash+0x10/0x10
[  701.267528][    C1]  ? mark_lock+0x94/0x320
[  701.271977][    C1]  ? unix_dgram_recvmsg+0xb2/0xd0
[  701.277170][    C1]  ? unix_dgram_sendmsg+0x18a0/0x18a0
[  701.282953][    C1]  ____sys_recvmsg+0x2cd/0x5e0
[  701.287980][    C1]  ? __sys_recvmsg_sock+0x40/0x40
[  701.293411][    C1]  ? import_iovec+0x6f/0xa0
[  701.298106][    C1]  ___sys_recvmsg+0x21a/0x5c0
[  701.303060][    C1]  ? __sys_recvmsg+0x280/0x280
[  701.307897][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  701.313045][    C1]  ? __might_fault+0xb3/0x110
[  701.317772][    C1]  do_recvmmsg+0x382/0x850
[  701.322301][    C1]  ? __sys_recvmmsg+0x290/0x290
[  701.327213][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  701.332362][    C1]  __x64_sys_recvmmsg+0x195/0x250
[  701.337437][    C1]  ? do_recvmmsg+0x850/0x850
[  701.342120][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  701.347377][    C1]  do_syscall_64+0x4c/0xa0
[  701.351862][    C1]  ? clear_bhb_loop+0x30/0x80
[  701.356608][    C1]  ? clear_bhb_loop+0x30/0x80
[  701.361360][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  701.367557][    C1] RIP: 0033:0x7f9dca6bf799
[  701.372045][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  701.391743][    C1] RSP: 002b:00007f9dc88f8028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  701.400250][    C1] RAX: ffffffffffffffda RBX: 00007f9dca939090 RCX: 00007f9dca6bf799
[  701.408267][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  701.416336][    C1] RBP: 00007f9dca755c99 R08: 0000000000000000 R09: 0000000000000000
[  701.424382][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  701.432448][    C1] R13: 00007f9dca939128 R14: 00007f9dca939090 R15: 00007ffe23c7cb98
[  701.440537][    C1]  </TASK>
[  701.443605][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  701.450916][    C1] CPU: 1 PID: 13961 Comm: syz.5.2734 Not tainted syzkaller #0
[  701.458422][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  701.468522][    C1] Call Trace:
[  701.472050][    C1]  <IRQ>
[  701.474932][    C1]  dump_stack_lvl+0x188/0x250
[  701.479771][    C1]  ? show_regs_print_info+0x20/0x20
[  701.485035][    C1]  ? load_image+0x400/0x400
[  701.489654][    C1]  panic+0x2e5/0x810
[  701.493616][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  701.498181][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  701.503955][    C1]  __warn+0x248/0x2b0
[  701.507981][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  701.513746][    C1]  report_bug+0x1b7/0x2e0
[  701.518118][    C1]  handle_bug+0x3a/0x70
[  701.522322][    C1]  exc_invalid_op+0x16/0x40
[  701.526944][    C1]  asm_exc_invalid_op+0x16/0x20
[  701.531847][    C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000
[  701.538220][    C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 0d 4b 2a f8 0f 0b e9 03 ef ff ff e8 01 4b 2a f8 <0f> 0b e9 76 f2 ff ff e8 a5 92 6d 00 89 d9 80 e1 07 80 c1 03 38 c1
[  701.557862][    C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246
[  701.563982][    C1] RAX: ffffffff894ed60f RBX: ffff88807eaaa268 RCX: ffff888052d70000
[  701.571992][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  701.580082][    C1] RBP: ffffc90000dd0b08 R08: ffff888052d70000 R09: 0000000000000003
[  701.588095][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bb14800
[  701.596195][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c
[  701.604245][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  701.610123][    C1]  ? ieee80211_beacon_get_template+0x30/0x30
[  701.616145][    C1]  ? verify_lock_unused+0x140/0x140
[  701.621387][    C1]  ? ieee80211_get_buffered_bc+0x697/0x8b0
[  701.627243][    C1]  ? mark_lock+0x94/0x320
[  701.631628][    C1]  ieee80211_beacon_get_tim+0x48/0x840
[  701.637133][    C1]  mac80211_hwsim_beacon_tx+0xf4/0x920
[  701.642730][    C1]  __iterate_interfaces+0x243/0x500
[  701.647972][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  701.654270][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  701.660561][    C1]  ieee80211_iterate_active_interfaces_atomic+0xb3/0x140
[  701.667623][    C1]  mac80211_hwsim_beacon+0x9b/0x180
[  701.672875][    C1]  ? hw_scan_work+0xed0/0xed0
[  701.677586][    C1]  __hrtimer_run_queues+0x4f2/0xb70
[  701.682844][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  701.688001][    C1]  hrtimer_run_softirq+0x176/0x240
[  701.693155][    C1]  handle_softirqs+0x339/0x830
[  701.697957][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  701.702849][    C1]  ? do_softirq+0x210/0x210
[  701.707394][    C1]  __irq_exit_rcu+0x13b/0x230
[  701.712115][    C1]  ? irq_exit_rcu+0x20/0x20
[  701.716664][    C1]  irq_exit_rcu+0x5/0x20
[  701.720936][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  701.726615][    C1]  </IRQ>
[  701.729656][    C1]  <TASK>
[  701.732617][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  701.738634][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[  701.744846][    C1] Code: 84 00 00 00 00 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 90 c4 10 0c 48 89 de 5b e9 b7 41 44 00 00 00 cc cc 00 00 cc 48 8b 04 24 <65> 48 8b 0d a4 4e 89 7e 65 8b 15 a5 4e 89 7e 81 e2 00 01 ff 00 74
[  701.764491][    C1] RSP: 0018:ffffc9000317f688 EFLAGS: 00000246
[  701.770630][    C1] RAX: ffffffff87dfc087 RBX: 0000000000000000 RCX: ffff888052d70000
[  701.778652][    C1] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  701.786663][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff87dfc890
[  701.794681][    C1] R10: dffffc0000000000 R11: fffffbfff1b13c6e R12: ffff88801faaa140
[  701.802718][    C1] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[  701.810730][    C1]  ? skb_copy_datagram_iter+0x1f0/0x1f0
[  701.816346][    C1]  ? __skb_datagram_iter+0x127/0x740
[  701.821683][    C1]  ? __skb_try_recv_datagram+0x3d6/0x4d0
[  701.827442][    C1]  __skb_datagram_iter+0x127/0x740
[  701.832589][    C1]  ? skb_copy_datagram_iter+0x1f0/0x1f0
[  701.838182][    C1]  skb_copy_datagram_iter+0xad/0x1f0
[  701.843502][    C1]  __unix_dgram_recvmsg+0x6a9/0xd90
[  701.848745][    C1]  ? exc_page_fault+0x88/0x100
[  701.853548][    C1]  ? unix_unhash+0x10/0x10
[  701.858010][    C1]  ? mark_lock+0x94/0x320
[  701.862380][    C1]  ? unix_dgram_recvmsg+0xb2/0xd0
[  701.867450][    C1]  ? unix_dgram_sendmsg+0x18a0/0x18a0
[  701.872956][    C1]  ____sys_recvmsg+0x2cd/0x5e0
[  701.877768][    C1]  ? __sys_recvmsg_sock+0x40/0x40
[  701.882839][    C1]  ? import_iovec+0x6f/0xa0
[  701.887384][    C1]  ___sys_recvmsg+0x21a/0x5c0
[  701.892107][    C1]  ? __sys_recvmsg+0x280/0x280
[  701.896924][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  701.901996][    C1]  ? __might_fault+0xb3/0x110
[  701.906718][    C1]  do_recvmmsg+0x382/0x850
[  701.911179][    C1]  ? __sys_recvmmsg+0x290/0x290
[  701.916080][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  701.921162][    C1]  __x64_sys_recvmmsg+0x195/0x250
[  701.926232][    C1]  ? do_recvmmsg+0x850/0x850
[  701.930859][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  701.936092][    C1]  do_syscall_64+0x4c/0xa0
[  701.940544][    C1]  ? clear_bhb_loop+0x30/0x80
[  701.945257][    C1]  ? clear_bhb_loop+0x30/0x80
[  701.949970][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  701.955896][    C1] RIP: 0033:0x7f9dca6bf799
[  701.960355][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  701.980003][    C1] RSP: 002b:00007f9dc88f8028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  701.988470][    C1] RAX: ffffffffffffffda RBX: 00007f9dca939090 RCX: 00007f9dca6bf799
[  701.996491][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  702.004497][    C1] RBP: 00007f9dca755c99 R08: 0000000000000000 R09: 0000000000000000
[  702.012508][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  702.020523][    C1] R13: 00007f9dca939128 R14: 00007f9dca939090 R15: 00007ffe23c7cb98
[  702.028662][    C1]  </TASK>
[  702.032033][    C1] Kernel Offset: disabled
[  702.037890][    C1] Rebooting in 86400 seconds..