last executing test programs: 27m20.75296124s ago: executing program 32 (id=102): open(&(0x7f0000000040)='./file1\x00', 0x64941, 0x20) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) read(r3, &(0x7f0000000340)=""/254, 0xfe) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000622c, 0x0) 27m15.384828101s ago: executing program 33 (id=116): socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r5 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002340)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xfff2, 0xa}, {0x2}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x2e, 0x2, [@TCA_FQ_PIE_TUPDATE={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000) r6 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) 26m25.522864512s ago: executing program 34 (id=235): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r0 = socket$inet6_dccp(0xa, 0x6, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) close_range(r0, r2, 0x0) 25m59.590061329s ago: executing program 35 (id=312): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window, @mss, @window, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x714, 0x0, 0xfffffffffffffd25) 25m39.403669497s ago: executing program 36 (id=412): r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050000000000000000000800000015000300", @ANYRES32=r3], 0x34}}, 0x0) 24m59.297524791s ago: executing program 9 (id=514): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4) setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) setsockopt$packet_int(r3, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) sendto$packet(r4, &(0x7f00000000c0)="3f03fe7f0300120006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) syz_emit_ethernet(0xfdef, &(0x7f0000001b80)=ANY=[], 0x0) 24m56.973267421s ago: executing program 9 (id=523): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1234}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0, r0}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x1c) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000480)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2, r2}, &(0x7f0000000600), &(0x7f0000000640)=r1}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000900)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x3, 0x7, &(0x7f0000000a80)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000bc0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0) 24m54.776618777s ago: executing program 9 (id=528): sched_setaffinity(0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = socket(0x10, 0x3, 0x0) unlink(0x0) sendmsg$nl_generic(r0, 0x0, 0x0) unshare(0x480) fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) read$msr(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0xffb) ppoll(&(0x7f0000000200)=[{r1, 0x4}], 0x1, 0x0, 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0xffffffff, 0x0, 0x0, 0xffffbffc, 'syz0\x00'}, 0x2, 0x2, 0x7, 0x0, 0x0, 0xff, 'syz1\x00', 0x0}) 24m52.463851085s ago: executing program 9 (id=537): mkdir(&(0x7f00000020c0)='./file0\x00', 0x40) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00') r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x2) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000000c0)={[{@dyn}]}) syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00') 24m51.123147978s ago: executing program 9 (id=543): munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000) munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000) munmap(&(0x7f000060f000/0x4000)=nil, 0x4000) madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12) munmap(&(0x7f0000694000/0x3000)=nil, 0x3000) mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) madvise(&(0x7f0000a30000/0x3000)=nil, 0x3000, 0x10) 24m49.612144044s ago: executing program 9 (id=549): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000180)='./file0\x00', 0x1200072e) ftruncate(r1, 0x2000009) sendfile(r0, r1, 0x0, 0x6) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x42, 0x100) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0) tee(r3, r4, 0x3, 0x0) 24m47.487968071s ago: executing program 37 (id=549): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000180)='./file0\x00', 0x1200072e) ftruncate(r1, 0x2000009) sendfile(r0, r1, 0x0, 0x6) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x42, 0x100) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0) tee(r3, r4, 0x3, 0x0) 23m37.55275197s ago: executing program 38 (id=685): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r1, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) r2 = socket$packet(0x11, 0x3, 0x300) r3 = dup(r0) r4 = fcntl$dupfd(r1, 0x406, r2) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0}) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000080)={0x0, r3}) r5 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) 21m36.254066739s ago: executing program 39 (id=927): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0) setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000001640)=0xc, 0x45) sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffdd9, 0x0}}], 0x40001b6, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, 0x0, 0x0) close(r2) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, 0x0, 0x0) 20m27.981449788s ago: executing program 3 (id=1076): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000440)={0x48, 0x2, r3}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r3, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, 0x51e}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000080)={0x18, r3}) 20m26.049910593s ago: executing program 3 (id=1079): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x4, 0x8, 0x10, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) close(0x3) socketpair(0x28, 0x80000, 0x8e, &(0x7f0000000000)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) 20m23.570151064s ago: executing program 3 (id=1085): openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x7) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000400)='./file1\x00', 0x200000, &(0x7f0000000740)={[{@jqfmt_vfsv1}, {@min_batch_time={'min_batch_time', 0x3d, 0xc0}}, {@delalloc}, {@orlov}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nouid32}, {@resgid}, {@nomblk_io_submit}, {@sysvgroups}]}, 0xdc, 0x573, &(0x7f0000001140)="$eJzs3d9rW1UcAPDvTdv91nUwhvoggz04mUvW1h8TBOej6HCg71to78pouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0ZRQYTKTW+6bE36a6nJls8HbnvOvTc995t7v6fn5CYkgIF1NPtRiHg5Ir5OIg62bBuOfOPRlf2WHl6fzJYklpc//SOJJF/X3D/Jf+/PKy9FxC9fRpworG23trA4U65U0rm8XqrPXinVFhZPXpotT6fT6eXxiYnTb02Mv/vO212L9fVzf333yd0PT391bOnbn+4fup3EmTiQb2uN4yncaK0cLf+bl0bizBM7jnWhsX6S9PoA2JahPM9HIusDDsZQnvXA8++LiFgGBlQi/2FANccBzbl9l+bBz4wHH6xMgNbGP7zy2kjsacyN9i0lj82MsvnuaBfaz9r4+fc7t7Ml1n8dYu8GdYAtuXEzIk4ND6/t/5K8/9u+U40Xj9f3ZBuD9v8HeuluNv55o934p7A6/ok245/9bXJ3OzbO/8L9LjTTUTb+e6/t+He16xodymsvNMZ8I8nFS5X0VES8GBHHY2R3Vl/vfs7ppXvLnba1jv+yJWu/ORbMj+P+8O7HHzNVrpefJuZWD25GvNJ2/Jusnv+kzfnPno9zm2zjSHrn1dZ6602yjePfWcs/RrzW9vw/uqOVlUrNytr7k6XG9VBqXhVr/XnryK+d2u91/Nn537d+/KNJ6/3a2tbb+GHPP2mnbdu9/nclnzXKu/J118r1+txYxK7k47Xrxx89tllv7p/Ff/xYRKzT/7W7/rPJ14XYxAAnIm4dvnVh+/HvrCz+qS2d/60X7n30+fed2t/c+X+zUTqer+nU//3dUt7sAT7t8wcAAAAAAAD9pBARByIpFFfLhUKxuPL+jsOxr1Cp1uonLlbnL09F47OyozFSaN7pPtjyfoix/P2wzfr4E/WJiDgUEd8M7W3Ui5PVylSvgwcAAAAAAAAAAAAAAAAAAIA+sb/D5/8zvw31+uiAHdf4YoPdvT4KoBc2/Mr/bnzTE9CXNsx/4Lkl/2FwyX8YXPIfBpf8h8El/2FwyX8YXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAuurc2bPZsrz08PpkVp+6ujA/U716ciqtzRRn5yeLk9W5K8XpanW6khYnq7Mb/b1KtXplbDzmr5Xqaa1eqi0snp+tzl+un780W55Oz6cj/0tUAAAAAAAAAAAAAAAAAAAA8GypLSzOlCuVdE6hY+H96IvD2MkAV2zr4cP9EoVCVws97pgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMV/AQAA//9yHDO8") chdir(&(0x7f0000000080)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) link(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) 20m19.305782534s ago: executing program 3 (id=1092): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8) timerfd_create(0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b8, 0x190, 0xc8, 0x8, 0x0, 0x5803, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@empty, @private1, [], [], 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x128, 0x190, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0x2000000}}, @common=@dst={{0x48}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x138, 0x158, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'dvmrp0\x00', 'batadv_slave_1\x00', 0x12, 0x3}}, @inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) syz_emit_ethernet(0x64, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb88a81a0081000e0008004512004e00670000ff"], 0x0) 20m15.152684598s ago: executing program 3 (id=1099): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001300)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xc, 0x42, 0x40, 0xc0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000080), 0x1003, r2}, 0x38) 20m13.70211482s ago: executing program 3 (id=1101): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_io_uring_setup(0x10c, &(0x7f0000000380)={0x0, 0x5885, 0x0, 0x0, 0x2}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r3, 0x0, 0x0}) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) 19m57.334500619s ago: executing program 40 (id=1101): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_io_uring_setup(0x10c, &(0x7f0000000380)={0x0, 0x5885, 0x0, 0x0, 0x2}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r3, 0x0, 0x0}) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) 19m2.709776751s ago: executing program 2 (id=1222): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r0, 0x58, &(0x7f00000001c0)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000780)={r9, 0x7f, 0x10}, 0xc) 19m1.069747917s ago: executing program 2 (id=1227): syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043106aaaaaaaaaa1036bbbb053ec125e97c32a752194552723cfb2a46abc695"], 0x9) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f0000000480)={0x2c, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0}) r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x80d00, 0x4) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000400)='./file0\x00', 0x806, &(0x7f0000002900)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d302c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c64656275672c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466383d312c0069ec5f00000100000000009a9fb632e5359eee49662c8c5a7e54478d9540760265e8d532a8343cab9d4b3cb104a1dd50f93b798a07a07524fea3f284d02cf995eca910d0d8789cbb473fc89ab3d380292587eb8a3f0d2dd56f"], 0xfe, 0x2aa, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGflE7hw4Xu4cy+48Q0EH8Cdgwwcubm3SWzTtGlNK53fb9PDOd93z3dyTtvVPfn8teHB/cejh0+//j1arSxqvejFsyw6UYsj3wYAcJM8Syn+TKX1Muu1TdUEAGzWwv//xikh2ye73t50WQDABn340cfv393f3/sgz1sRw+/G/SzKn+X43YfxKAbxIG5HO55HpJmy/e57+3tRzwuduDWcjPtF5vCzX+ehMc3vRjs6y/O7eWkhfzLuN+LliCyLeNQrCrkT7XjlRH4xvndnSX70m/FGq1pkMf9utOO3L+JxDOJ+FLnz+b/p5vk76fu/vvqkCC7ys8m4vz2Nm0tbV703AAAAAAAAAAAAAAAAAAAAAADcXLv5TCduDYuu6v6drefT8d1/jU/v16lNx8v8LKI5bRy7H2iS4sej+3Vu53mesjJ+fr9PPV6tR/3aFg4AAAAAAAAAAAAAAAAAAAD/I6MnXx7cGwweHP4njeol/9lr/Rd9Tm+h5/VYHby91lyxVYUXtR6P6f7y6XDWUyziIsWPG3nEqpobJ3peKuo5+8l/p5RSlkVcbpsa55nrjMbO6pjiA/75h503D+5lZ32GraON+2lxqBmHoyfH9jSydSpMax2/5oqYZnVizvWcnUv+Er31RzlZ1ZOtsYpG1YjTjl9rrfN8dX+DAAAAAAAAAAAAAAAAAACA0vyl3yWDT1em1jZWFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcsfn3/6/RmFTJy2NSSpNZTzMOR9e8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF4A/wQAAP//+YxnlA==") creat(&(0x7f0000000040)='./bus\x00', 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) listen(r1, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x24008094) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, 0x0) sendmsg$TIPC_NL_KEY_FLUSH(0xffffffffffffffff, 0x0, 0x24044000) 18m56.493413136s ago: executing program 2 (id=1234): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001900), 0x802, 0x0) write$UHID_CREATE2(r4, &(0x7f00000005c0)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "80"}}, 0x119) 18m54.981921892s ago: executing program 2 (id=1237): r0 = socket$alg(0x26, 0x5, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) get_mempolicy(0x0, 0x0, 0x400000000000002, &(0x7f00006b8000/0x4000)=nil, 0x3) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(ecb-aes-aesni)\x00'}, 0x58) bind$alg(0xffffffffffffffff, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) pread64(0xffffffffffffffff, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCGMASK(r3, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"}) 18m45.288546561s ago: executing program 2 (id=1251): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000040)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x800, 0x3a, '^-!]\\x}&', 0x3a, '-\'[\':.(:#', 0x3a, './file0'}, 0x38) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x2}) ioctl$VIDIOC_REQBUFS(r2, 0xc0585609, &(0x7f0000000400)={0x0, 0xa}) 18m42.705964737s ago: executing program 2 (id=1255): setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xf}}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0xc000000) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="142000001000010000000000000000000000000a44000000060a0b840000000000000000020000002400048020000180"], 0x6c}}, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x40000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = socket$alg(0x26, 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640), 0x8, 0x77, 0x8, 0x0, 0x0}}, 0x10) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 18m26.725098395s ago: executing program 41 (id=1255): setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xf}}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0xc000000) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="142000001000010000000000000000000000000a44000000060a0b840000000000000000020000002400048020000180"], 0x6c}}, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x40000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = socket$alg(0x26, 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640), 0x8, 0x77, 0x8, 0x0, 0x0}}, 0x10) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 17m56.723791237s ago: executing program 4 (id=1341): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r1, 0x243) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote, 0x12}, 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r6, 0x0) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1) 17m53.787665092s ago: executing program 4 (id=1346): socket$inet6_mptcp(0xa, 0x1, 0x106) socket$kcm(0x2, 0x200000000000001, 0x0) socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f0000000040)) socket$kcm(0x10, 0x2, 0x10) socket$packet(0x11, 0x3, 0x300) socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x1, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1, 0x7, 0x2261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 17m53.112569058s ago: executing program 4 (id=1348): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) shutdown(0xffffffffffffffff, 0x1) r4 = semget$private(0x0, 0x6, 0x0) semtimedop(r4, 0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8993, 0x0) semop(r4, &(0x7f00000002c0)=[{0x3, 0x4, 0x1000}], 0x1) 17m52.092295846s ago: executing program 4 (id=1350): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r4, r5, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r7, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103}) io_uring_enter(r3, 0x46f3, 0x0, 0x0, 0x0, 0x0) write(r6, &(0x7f0000000200)='~', 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) 17m50.194085568s ago: executing program 4 (id=1352): ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'tunl0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r0, &(0x7f000001a240)=""/102400, 0x19000, 0x7ffffffff000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mount(&(0x7f0000000140)=@nullb, 0x0, 0x0, 0x200013, 0x0) io_submit(0x0, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@dev={0xfe, 0x80, '\x00', 0xa}, @in=@rand_addr=0x64010101, 0x4e22, 0x0, 0x4e23, 0x9, 0x2, 0x0, 0xc0, 0x85}, {0x37, 0x8, 0x6, 0xbebd, 0x4, 0x2, 0x2}, {0x1, 0xffffffffffffffff, 0x5, 0x7}, 0x6, 0x6e6bb6, 0x0, 0x0, 0x1, 0x1}, {{@in=@private=0xa010100, 0x4d4, 0x33}, 0xa, @in=@remote, 0x3501, 0x1, 0x0, 0x2, 0x1000, 0x3, 0xb}}, 0xe8) socket$alg(0x26, 0x5, 0x0) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff4c) 17m48.701764481s ago: executing program 4 (id=1356): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_tos={0x0, 0xffffffffffffffff, 0x0, 0x300}}, 0x20) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0) r4 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r4, 0x84, 0x75, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000140)='bbr\x00', 0x4) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 17m33.271326977s ago: executing program 42 (id=1356): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_tos={0x0, 0xffffffffffffffff, 0x0, 0x300}}, 0x20) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0) r4 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r4, 0x84, 0x75, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000140)='bbr\x00', 0x4) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 17m24.791115749s ago: executing program 8 (id=1387): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) connect$l2tp6(r3, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x10) sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000811) syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x3810082, &(0x7f0000000380)=ANY=[@ANYBLOB='volume=00004000000000000062,gid=', @ANYRESDEC=0x0, @ANYBLOB=',uid=forget,rootdir=00000000000000001025,iocharset=cp950,gid=forget,volume=00000000000000000001,unhide,longad,\x00'], 0x1, 0xc32, &(0x7f0000001a40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=") 17m21.843402119s ago: executing program 8 (id=1391): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x7fffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x5) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x0, 0x0, &(0x7f0000000080)={0x1, 0x75d1, [0x89d, 0x29c, 0x124, 0x771]}) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, 'v\x00', "07f217bd74511f465bbbd5de01000000f91800", "0000f600", "8ce63ecbc640735f"}, 0x38) sendto$inet6(r1, &(0x7f0000000100)='S', 0x1, 0x8000, 0x0, 0x0) close(r1) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 17m20.893119227s ago: executing program 8 (id=1392): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48) close(r3) r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_FMT(r4, 0xc0d05604, 0x0) socket$xdp(0x2c, 0x3, 0x0) 17m19.090196595s ago: executing program 8 (id=1397): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r4, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r4, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000480)={0x48, 0x7, r5, 0x0, 0x10000, 0x0, 0x5, 0x3abc50, 0x2c8240}) 17m17.452323741s ago: executing program 8 (id=1399): syz_mount_image$bfs(&(0x7f0000000240), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000400)=ANY=[], 0x8, 0xb1, &(0x7f0000000400)="$eJzs1zFqwmAYBuC3oW3aJT1Ah94gd+hRSsd261Rx8ELunsIjCB7AwU1cIjExZHYwIM8DCby8/wff+P/r4/I9VdK85awZ+fuf/Xz9tv9VBs/hjhRJyiQvbai6vPvsuoe+3+zn35dvNPo40coAAMCVitRJXvubfhZF6rprtsOZj/YtcOjD02i4vOmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJM4BQAA//8fTCFM") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mknodat(r0, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.pending_reads\x00', 0x20040, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x26e1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0) syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='nodots,allow_utime=000000000034,usefree,check=strict,dots,\x00'/70], 0x1, 0x1e9, &(0x7f00000002c0)="$eJzs2k1rVFcYB/Bz05SkCXkppS3Jpoe2i3ZzabIsXSSUBEoHFM0IKkhuyESHGWfC3FnMiItZu/IjuBaX7gTJF8h3cOEuCNFVVl7R0bwRFyrJCPn9NvOHPwPn4cDhWdydf+7frm3k6UbWDkNJEoYWQi/sJWE6DIUPeuHP3/9+ee/y1Wv/L5ZKS5diXF5cmZuPMU7+8vT63Ue/brXHrzyefDIStqdv7OzOP9/+aXtm5/XKrWoeq3lsNNsxi2vNZjtbq1fiejWvpTFerFeyvBKrjbzSOtJv1Jubm92YNdYnxjZblTyPWaMba5VubDdju9WN2c2s2ohpmsaJscCXKD/cK4qwW3y7Goqi+O5BGN8KE8/CVEi+j8kPC8mPq8nPvWRmtyimBn1UToX7P98OPeqjIbzodcqdcv+33y//V1r6K74zffCvV51O+Zv9fq7fx6P9SBh738+f2I+GP37r92+7fy+UjvWzYf30xwcAOHfSuO/E/S5NP9b306H98Nj+Nhxmh89sDD5T3r1Ty+r1SksQBGE/DPpl4iwcXPqgTwIAAAAAAAAAAMCnOIvPCQc9IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HV7EwAA///n0Xgk") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) 17m16.653515999s ago: executing program 8 (id=1402): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000500), 0x4) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10) clock_adjtime(0x0, &(0x7f0000000700)={0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}) 17m1.334154864s ago: executing program 43 (id=1402): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000500), 0x4) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10) clock_adjtime(0x0, &(0x7f0000000700)={0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}) 13m50.505497415s ago: executing program 5 (id=1692): socket$inet(0x2, 0x4000000000000001, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, 0x0, 0x0) r5 = socket$inet(0xa, 0x801, 0x84) connect$inet(r5, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) 13m49.19836902s ago: executing program 5 (id=1693): r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x9}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0x0, 0x0}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x3, 0xfffffffffffffffd, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRESOCT, @ANYRES16, @ANYBLOB], 0x50) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, 0x0, 0x0) sendto$inet6(r2, &(0x7f0000000040)="aa", 0x1, 0x0, 0x0, 0x0) r3 = socket(0xa, 0x5, 0x0) listen(r3, 0x267) r4 = socket$netlink(0x10, 0x3, 0x4) writev(r4, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafc0d8c560a8447608004000000000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 13m44.847106812s ago: executing program 5 (id=1701): ioctl$RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000000040)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) accept4$packet(0xffffffffffffffff, 0x0, 0x0, 0x180800) bpf$MAP_CREATE(0x0, 0x0, 0x50) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, 0x0, 0x0) fcntl$dupfd(r1, 0x406, 0xffffffffffffffff) unshare(0xc040480) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) sendmsg(r1, 0x0, 0x44004) 13m41.680868834s ago: executing program 7 (id=1707): openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x18) r2 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x0, 0x0, 0xfffffffc}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) 13m39.627770874s ago: executing program 7 (id=1711): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) 13m35.203712516s ago: executing program 5 (id=1717): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil) shmat(r3, &(0x7f0000ffc000/0x2000)=nil, 0x4000) shmat(r3, &(0x7f0000ff9000/0x1000)=nil, 0x5000) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8001, &(0x7f0000000000)=0x6, 0x8, 0x0) 13m35.064493814s ago: executing program 7 (id=1718): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r0, 0x7d4165c9) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x4e24, 0x91, @remote, 0x1}}, 0x0, 0x0, 0x32, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x0, @private1={0xfc, 0x1, '\x00', 0xfe}, 0x2}}, 0x0, 0x0, 0x4, 0x0, "a1c1dd75a6843e10951cd4b347113e55eb499519becf7542c90bc21470e441225642855b5f2faed4a18d67efd5f2fdf98328de94410300"}, 0xd8) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e21, 0x1, @mcast2, 0x4}}, 0x0, 0x0, 0x11, 0x0, "2b20a9a47cddc63b223be606d7fa19f22a369ae751de81ca4d11e10450d766feb63b382d54ba4bb57a219cad5ddfc1e4fe760a1ce2ca64196953e92a07b3937730a33b6deca160d8c2fbff48eb964283"}, 0xd8) listen(r6, 0x0) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000540)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 13m32.681050745s ago: executing program 7 (id=1722): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) socket(0x11, 0xa, 0xfffffffd) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) r1 = syz_io_uring_setup(0x324e, &(0x7f0000000080)={0x0, 0x4, 0x13580, 0x2}, &(0x7f0000000100)=0x0, &(0x7f0000000200)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x8, 0x2007, @fd_index=0x4, 0x9, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r1, 0x57, 0xc2b1, 0x1, 0x0, 0x0) syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f00000009c0)={[{@fault_injection={'fault_injection', 0x3d, 0x4f0}}, {@extent_cache}, {@alloc_mode_def}, {@six_active_logs}, {@six_active_logs}, {@nodiscard}, {@jqfmt_vfsv1}, {@noacl}, {@checkpoint_diasble}, {@alloc_mode_def}, {@noextent_cache}, {@nouser_xattr}, {@inline_xattr_size={'inline_xattr_size', 0x3d, 0x7}}, {@fastboot}, {@memory_low}, {@inline_xattr_size={'inline_xattr_size', 0x3d, 0x9}}], [{@pcr={'pcr', 0x3d, 0x10}}, {@dont_appraise}, {@dont_appraise}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@obj_type={'obj_type', 0x3d, 't\x0f?^En\xfa\xe0e\xb1\x1c\xe1\f\x87\xb0U\xcd\ah9\x7f\'e\xd7\xc7$[\xc1\xea(\xcb\xc2\xdf\x92\x1f\xa7N\xf7h\x84s7\x014\x89\xea\xb6}\xa0\xb3.\xdd9\xd7\x9aT J!(?\xedI\vzE0\x92b\x8d\xac\xccIh\x91\x87|\x94\x0e\x80p\xc1\xe1tK\x02\x86\b\x05\x8b\x02\xeb\xfaT\xb6\xd7\x83\x01\xde\xdf\x0f`=O+\xa6\x92\xe6\x83BR\x18j\x13\xe9\xd2\xe2\xc5z\x0fj1'}}, {@hash}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") 13m32.563636791s ago: executing program 5 (id=1725): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) shmget(0x1, 0x400000, 0x8, &(0x7f0000bff000/0x400000)=nil) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x7, 0x6576, 0x3}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r4, 0x100000000) mremap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f00003eb000/0x1000)=nil) openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) 13m30.834212207s ago: executing program 5 (id=1727): socket(0x27, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50) syz_open_dev$usbfs(0x0, 0x206, 0x5c000) eventfd(0x5) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0xf0000000, {{0x2, 0x0, @multicast1}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) getsockopt$IP_SET_OP_VERSION(r1, 0x1, 0x53, &(0x7f00000002c0), 0x0) r3 = socket$unix(0x1, 0x2, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, 0x0, 0x4048000) connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r3, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) ppoll(&(0x7f0000000100)=[{0xffffffffffffffff, 0x181}], 0x1, 0x0, 0x0, 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/150, 0x96}], 0x1) 13m30.833757273s ago: executing program 7 (id=1728): socket(0x25, 0xb, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r0 = getpid() sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) r4 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) 13m29.252439832s ago: executing program 7 (id=1731): socket$netlink(0x10, 0x3, 0x6) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r2, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}, @TCA_STAB={0x4}]}, 0x34}}, 0x0) bpf$ITER_CREATE(0x21, 0x0, 0x0) 13m15.376547945s ago: executing program 44 (id=1727): socket(0x27, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50) syz_open_dev$usbfs(0x0, 0x206, 0x5c000) eventfd(0x5) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0xf0000000, {{0x2, 0x0, @multicast1}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) getsockopt$IP_SET_OP_VERSION(r1, 0x1, 0x53, &(0x7f00000002c0), 0x0) r3 = socket$unix(0x1, 0x2, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, 0x0, 0x4048000) connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r3, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) ppoll(&(0x7f0000000100)=[{0xffffffffffffffff, 0x181}], 0x1, 0x0, 0x0, 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/150, 0x96}], 0x1) 13m13.180504767s ago: executing program 45 (id=1731): socket$netlink(0x10, 0x3, 0x6) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r2, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}, @TCA_STAB={0x4}]}, 0x34}}, 0x0) bpf$ITER_CREATE(0x21, 0x0, 0x0) 13.66236235s ago: executing program 1 (id=2777): bind$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0202}}}, 0x14) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair(0x2b, 0x2, 0x4, &(0x7f0000000080)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r2, 0x89e9, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000140)={@local, @random="4489a2bc242d", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010101, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @broadcast=0xac14140a, @broadcast=0xac1414bb, {[@timestamp_addr={0x44, 0x2c, 0x0, 0x1, 0x0, [{@local}, {@loopback}, {@loopback}, {@dev}, {@dev}]}]}}}}}}}, 0x0) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0) r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, 0x0) ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f00000010c0)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000340)="00596ea94e000000000000000000", 0xe) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000180)={0x48}) socket$nl_netfilter(0x10, 0x3, 0xc) 12.823380154s ago: executing program 1 (id=2778): socket$packet(0x11, 0x3, 0x300) r0 = socket(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x18) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f00000002c0), r0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x44000) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc5120"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$kcm(0x29, 0x2, 0x0) r5 = socket$inet6(0xa, 0x803, 0x6) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000004280)=@filter={'filter\x00', 0x42, 0x4, 0x1348, 0xffffffff, 0x12b0, 0x98, 0x0, 0xffffffff, 0xffffffff, 0x12b0, 0x12b0, 0x12b0, 0xffffffff, 0x5, 0x0, {[{{@ip={@local, @loopback, 0x0, 0x0, 'veth0_to_hsr\x00', 'syzkaller0\x00'}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@ip={@remote, @broadcast, 0x0, 0x0, 'ip6gretap0\x00', 'team_slave_1\x00'}, 0x287, 0x10e8, 0x1110, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}, @common=@unspec=@limit={{0x48}, {0x0, 0x7}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xa8, 0x108, 0x0, {}, [@common=@unspec=@devgroup={{0x38}, {0x4}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x13a8) connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) socket$nl_route(0x10, 0x3, 0x0) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/uevent_helper', 0xc080, 0x71) ioctl$sock_kcm_SIOCKCMATTACH(r7, 0x89e0, 0x0) 10.662024036s ago: executing program 0 (id=2780): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) syz_mount_image$bfs(&(0x7f0000006700), &(0x7f0000006580)='./file0\x00', 0x0, &(0x7f0000002500)=ANY=[@ANYBLOB="9fcef773371e4e035a4ff190bea4efd68642046c23be8a9aae70a0043860f98931e9a9d2a4cb9b6cbfab8d88542eafc9851179a8bc28dad0fbfc05804b2b"], 0x1, 0x8a, &(0x7f0000000180)="$eJzszqENAkEUBNDhDKhrAEEH1wOlECQ4FISEimiFEugAgcUcYsGsxCy5vJf8n0zGzO11XaZPxksyVg7H026zLz9MUpdknmSRZNWX/FiXbvbp78/z9nut9wIAAL/rMtR5aDYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4A+9AwAA///rYCNS") open(&(0x7f00000000c0)='.\x00', 0x50080, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = socket(0x40000000015, 0x5, 0x0) sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x3, 0x0, 0x0, &(0x7f00000035c0)=""/241, 0xfffffffffffffc93}}, {{&(0x7f0000000540)=@un=@abs, 0x80, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x7ffff}], 0x15, &(0x7f00000037c0)=""/236, 0xec}}, {{0x0, 0x0, &(0x7f0000003bc0)=[{0x0, 0xe00000000000000}, {&(0x7f0000003a00)=""/190, 0xbe}, {&(0x7f0000003ac0)=""/131, 0x83}, {0x0}], 0x4, &(0x7f0000003c00)=""/65, 0x49}}, {{&(0x7f0000003c80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, 0x0, 0x0, &(0x7f0000003e00)=""/48, 0x30}}], 0x4, 0x40000121, 0x0) 10.340135749s ago: executing program 1 (id=2781): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800002, &(0x7f0000000180)={[{@force}, {@force}, {@uid}, {@gid={'gid', 0x3d, 0xee01}}, {@nobarrier}, {}, {@nls={'nls', 0x3d, 'macgreek'}}, {@nobarrier}]}, 0x3, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="220000ff", @ANYBLOB="010000000000000000005100000008000300", @ANYRES32=r4, @ANYBLOB="0a000600080211000000000005008a0004000000"], 0x30}}, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4) syz_emit_ethernet(0x32, &(0x7f0000000880)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') rename(&(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0) 9.350266891s ago: executing program 0 (id=2782): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000600)={[], [{@smackfshat={'smackfshat', 0x3d, '&'}}]}, 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x1}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x8) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0xffffffff, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x3}, {0xffff, 0xffff}, {0x5}}}, 0x24}}, 0x0) 9.012264462s ago: executing program 6 (id=2783): socket(0x1e, 0x1, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x20048000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]}) chdir(0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = socket$inet6(0xa, 0x80002, 0x0) r6 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x8001, 0x0) r7 = socket$inet_dccp(0x2, 0x6, 0x0) dup2(r6, r7) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r4, &(0x7f00000001c0), &(0x7f00000000c0)=@tcp6=r5}, 0x20) close_range(r3, 0xffffffffffffffff, 0x0) r8 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r8, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r8, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) 8.081325583s ago: executing program 1 (id=2784): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) accept(r1, 0x0, &(0x7f0000000440)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) creat(0x0, 0x81) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) 7.082640475s ago: executing program 6 (id=2785): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1, 0x232, &(0x7f00000006c0)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFBhhIZuCPZbCc573mUlDmlKtCb5d6gES9Qis3MTCqp/AvmrNhgtNMXrCxjJFRyOYwH5CZxaHICHbs5D8R9x6wSDKIIJklyvFP7FTL8lVmnfcZZnRMS2NgNJjFwcDAoHdEd6adAW83E9TM4sqq7MScnNSi4jNI7sw1Yz4wmXE/kyIjSN2Zv1eDHzDaMXTHMjAyyG3wV1v87Y9U5cZN9ZHTqyJqpnY33Vy6Po5hm/7fKyZS7ydmhP1/cEhQyyIv/8M8GaXvrAwMDDV1T0wcOxuV5/K3Xv777n1MbXGCGtNj8a5CNv4EN62aT85Obpb/56ZXt28pVlyQleYy8djUi38Tjq9lYJh84Ymtfs2ZQ/GKMZxSbpVzY+66xQtyLVM/X/fmBcPBqM8TGRjZGBiYGBhmhu3cg+yv8gZoZDAwMzAwqDCAFLEwpGXmpBp4MDAyMEM5hixQVTDVTAwcYAm95PyclHYGRnASAGtbzsACN8PwMQMrP0h5GkdOqtFjBla4jLFFAyxy26G0CpT2gNLLofRjBlS7YcmGBWxCP5Sn0cDAwMZQkfifv8iQjYGBoSKxpKTIECJWUlJkBBczEoDbzAS1dS4TqueOMzGMglEwCkbBKBgFo2AUjIJRMApGwUgGgAAAAP//9fay2w==") socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = landlock_create_ruleset(&(0x7f00000004c0)={0x0, 0x1}, 0x10, 0x0) landlock_add_rule$LANDLOCK_RULE_NET_PORT(r3, 0x2, &(0x7f0000000000)={0x1}, 0x0) mount(0x0, 0x0, &(0x7f0000000040)='ramfs\x00', 0x10000, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000300)) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0x4112, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r4, 0xffffffffffffffff, 0x0) fchmodat(0xffffffffffffff9c, 0x0, 0xfffffed3) r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0xc0880) ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000040)={0x80, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0}) 5.754724347s ago: executing program 6 (id=2786): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'hsr0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) bind$tipc(0xffffffffffffffff, 0x0, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000200)=0x8) sendmsg$tipc(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00') mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400)='proc\x00', 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18) dup3(r1, r2, 0x0) r3 = syz_open_procfs(0x0, 0x0) r4 = memfd_secret(0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) preadv(r3, &(0x7f0000000140), 0x0, 0x96, 0x0) 5.580456092s ago: executing program 6 (id=2787): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2) r2 = memfd_create(&(0x7f00000003c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r3, 0x0, 0x4804) fcntl$addseals(r2, 0x409, 0x7) r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r4, 0x104, 0x4, 0x0, &(0x7f0000000240)) ioctl$UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f00000009c0)=ANY=[@ANYBLOB="0020000002000000", @ANYRES32=r2]) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) syz_open_dev$sg(0x0, 0x0, 0x0) r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) setuid(0xee00) shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil) r6 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$sock_int(r6, 0x1, 0x2f, 0x0, &(0x7f0000000000)) setsockopt$bt_rfcomm_RFCOMM_LM(r5, 0x12, 0x3, 0x0, 0x0) syz_init_net_socket$bt_rfcomm(0x1f, 0xc896045fbe35e140, 0x3) 5.579983029s ago: executing program 0 (id=2788): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000c51000/0x2000)=nil) syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x8, 0x11, r4, 0x100000000) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYRESHEX=0x0], 0x3, 0xeea, &(0x7f0000001e40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0RAQg+ISogiIU4VByoulEopUiuBKlWop7anVr1VPaBeqFSlUlAvRUpcxXlvvfuSYdcTe/bf7yd9fvvmjef7xms5M5PZNwGYWI2Nr4cPLxchvPPJ24++/FTx28vL7mqvsW/jaxF7rRBCs6NfZNv7LC64eOGlY9dqi3Bw42vqh8fOt793PoRwNuwLn4ZW+HB17YsP3n1k/0evzd3y5ulnXtmh3W/L9wMAAMbRuT+v/f2+f/3pgaUvz+09Gmbby9PxeSv25+Nx/4F4oJyOlxuhu190RKeZbL2pGI1svalsveksz3RJvma2nWbJejM98k11LLvWfgIAAMAoSue1rVA0Vrr6jcbKypXz/ss+W5wpVp47uXbi1IAKBQAAACr775mNm26FEEKIUYq5Iaih1ng6DL4GIYQQQox2rC8O+goEAAAAMGny+cKucnZ7Z+pqb63VX/7zDzeu/f1QVccvUd2//zn5hzv/+6/6iwMAQHXjejSZ9isdR6d5DPJ5BKey79vq8X8j2870Fussm1dwVOYbLKsz/7kOq7L6t/o+DkpZ/fl8mMOqrP58ns5hVVb/bM11VFVW/1zNdVRVVv+umuuoqqz+3TXXUVVZ/fM111FVWf0LNddRVVn9N9RcR1Vl9e+puY6qyuofldtqy+pv1VxHVWX1L9VcR1Vl9d9Ycx1VldV/U811VFVW/8011zEod8Y2/Rz2ZuOd58/5Od2onOMBAADApPuf+f+EEEIIIYQQYgJjeghqEHXGmUFfgAAAAAAGLn0uIH3qfT1K41M9xqd7jDd7jM/0GJ/tMQ4AAACE8LvXT9z2VrH5Of/rnQ8vzRuV5l/a6jxG+XyEW81/vfOeXW/+UZm3DAAAgMlSfO/TS/c/+t4LS1+e23u04+z3UjzfTfOATsdrAx/HfrovYCHrF+kc+mh3nkbJevn1gRvKtvf4de4oAAAATLB0/t4KRWOl47y7FRqNlZXN8/Hl0CxOnFw7fiD20/NZ/rjYnL28/KGa6wYAAAD6t3m+f+3z//Qc3+UwU6w8d3LtxKkr/YX28maj87rA4ubyovO6QCtbfrBk+aHYT8/v/MHiro3lK8d+uPbUdu88AAAATIhTL55+5sm1teM/8sILL7xovxj0XyYAAGC7ff75280fH1r4/ZXP/2/Of5c+/78v9ltxbr+/xBXSfQLpcwBXfV7/ie48i2XrPd+9XitbbyrGbFb3XMd2Qsd8g+n7lsrytbq3M1OSbz7Lt5Dly+cpmM7WT/n2ZMvz+QnTeovZ8nwexuksR5HlvzsAAABAudUXnn1+9dSLpx88+eyTTx9/+vhzhw4e+e6RIwce+s5Dqxv39a923t0PAAAAjKLNm34HXQkAAAAAAAAAAAAAAAAAAABMrjoeJzbofQQAAIBJ958zIYSzQkxizPWz3pVHYA68VjG28Y8hqGGcIj0pddB1CCHEoGJqCGoQQgxtrK/nT5oHAAAA2FkXL7x0rLO9ytliW/O1t9a60lyKeVO78ODfli5HWu38w93XS3ZvazVMurp//+Ufrfzvv7q9+efSi77//jW6N3C0Wt57V3+53Jn/9uk+8+f7/3i1/Puz/PeG/vKvv5flf6Ja/vuy/Lv7zH/V/j9fLf/9Mf9y7O+/p9/83e//bGzTfuzqM/+3s/1/KvSbP9v/Vp8JMw/E/AAwiRqDLmCHpKOEdBw9H/tpf+PhZsjvftjq8X8j2870dVfevd10HHRr7KfjpYUsb7LV+uez7d1Qsc7cqNxVUlb/dr2PO62s/mbNdVRVVv9MzXVUVVb/bM11VFVW/1zNdVRVVn+/56GDVlb/qFxXLqt/vuY6qiqrf6HmOqoqq3+r/44PSln9e2quo6qy+hdrrqOqsvorXlarXVn9SzXXUVVZ/TfWXEdVZfXfVHMdVZXVf3PNdQzKHbEtOx9O55+LcSz1W1l/9ho/y3G9tgAAAACj5t/m/xNCCCGEEEIIMW4RhqCGIYv19QFfgGCgdvbTzAAMK3//J5v3f7J5/yeb95+vku7hL7J+MtVjfLrHeLPH+Ew2nv++zvYYvynb7nqUxm/uMf61HuN7eozf2mN8ucf4bT3Gb+8xfkePcQAAACbDLbF1fggAAADj6+VfffzGb+594sLSl+f2Hg0zV807fyD2Z+P/rb8e+/m890kz/p//T2L/F7H9Q2z/ma3v/hMAAADYeek5Mf7/HwAAAMZXek6p838AAAAYX0uxdf4PAAAA4+vG2Dr/BwAAgDFWzF17cWzTdYG7Y9vvvH4AwPD7emzvjO3e2N4V22/ENh0H3BPbb37FNtfPbHORAMC2+Pn3f3rkrWJzvv9D2fjFuDy1Vzl75UpB0eieyX9XbHfH9lt91pM/D6Df/MmePvPsVP7F68wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyPxsbXw4eXixDe+eTtR38288ZfLy+7q73Gvo2vRey1QgjN9vel0c3+r+OKFy+8dKyzvRTbIhwMRSjay8Nj59uZ5kMIZ8O+8GlohQ9X17744N1H9n/02twtb55+5pUd/BF07R8AAACMo/8HAAD//0g0HqY=") link(&(0x7f0000000280)='./file1\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 4.90195324s ago: executing program 0 (id=2789): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSETMODE(r1, 0x4b3a, 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000700000000000000000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) r4 = socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000440)=0x10) r6 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000040)=@assoc_value={r5, 0xd1}, 0x8) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) ioctl$TCXONC(r0, 0x4b3a, 0x3) 4.845534427s ago: executing program 6 (id=2790): r0 = io_uring_setup(0xe2e, &(0x7f0000000900)={0x0, 0x3450, 0x400, 0xffffffff, 0x800}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="180000000300000000000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x0) r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7000001, 0x12, r5, 0x0) r6 = userfaultfd(0x1) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r6, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}}) fsmount(r4, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 4.293421195s ago: executing program 0 (id=2791): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) socket(0x840000000002, 0x3, 0xff) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r2 = getpid() bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = epoll_create(0x207ffd) r6 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) connect$inet(r6, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000280)={0x70002012}) mlockall(0x7) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) 4.282521149s ago: executing program 6 (id=2792): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000c51000/0x2000)=nil) syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x8, 0x11, r2, 0x100000000) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYRESHEX=0x0], 0x3, 0xeea, &(0x7f0000001e40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0RAQg+ISogiIU4VByoulEopUiuBKlWop7anVr1VPaBeqFSlUlAvRUpcxXlvvfuSYdcTe/bf7yd9fvvmjef7xms5M5PZNwGYWI2Nr4cPLxchvPPJ24++/FTx28vL7mqvsW/jaxF7rRBCs6NfZNv7LC64eOGlY9dqi3Bw42vqh8fOt793PoRwNuwLn4ZW+HB17YsP3n1k/0evzd3y5ulnXtmh3W/L9wMAAMbRuT+v/f2+f/3pgaUvz+09Gmbby9PxeSv25+Nx/4F4oJyOlxuhu190RKeZbL2pGI1svalsveksz3RJvma2nWbJejM98k11LLvWfgIAAMAoSue1rVA0Vrr6jcbKypXz/ss+W5wpVp47uXbi1IAKBQAAACr775mNm26FEEKIUYq5Iaih1ng6DL4GIYQQQox2rC8O+goEAAAAMGny+cKucnZ7Z+pqb63VX/7zDzeu/f1QVccvUd2//zn5hzv/+6/6iwMAQHXjejSZ9isdR6d5DPJ5BKey79vq8X8j2870Fussm1dwVOYbLKsz/7kOq7L6t/o+DkpZ/fl8mMOqrP58ns5hVVb/bM11VFVW/1zNdVRVVv+umuuoqqz+3TXXUVVZ/fM111FVWf0LNddRVVn9N9RcR1Vl9e+puY6qyuofldtqy+pv1VxHVWX1L9VcR1Vl9d9Ycx1VldV/U811VFVW/8011zEod8Y2/Rz2ZuOd58/5Od2onOMBAADApPuf+f+EEEIIIYQQYgJjeghqEHXGmUFfgAAAAAAGLn0uIH3qfT1K41M9xqd7jDd7jM/0GJ/tMQ4AAACE8LvXT9z2VrH5Of/rnQ8vzRuV5l/a6jxG+XyEW81/vfOeXW/+UZm3DAAAgMlSfO/TS/c/+t4LS1+e23u04+z3UjzfTfOATsdrAx/HfrovYCHrF+kc+mh3nkbJevn1gRvKtvf4de4oAAAATLB0/t4KRWOl47y7FRqNlZXN8/Hl0CxOnFw7fiD20/NZ/rjYnL28/KGa6wYAAAD6t3m+f+3z//Qc3+UwU6w8d3LtxKkr/YX28maj87rA4ubyovO6QCtbfrBk+aHYT8/v/MHiro3lK8d+uPbUdu88AAAATIhTL55+5sm1teM/8sILL7xovxj0XyYAAGC7ff75280fH1r4/ZXP/2/Of5c+/78v9ltxbr+/xBXSfQLpcwBXfV7/ie48i2XrPd+9XitbbyrGbFb3XMd2Qsd8g+n7lsrytbq3M1OSbz7Lt5Dly+cpmM7WT/n2ZMvz+QnTeovZ8nwexuksR5HlvzsAAABAudUXnn1+9dSLpx88+eyTTx9/+vhzhw4e+e6RIwce+s5Dqxv39a923t0PAAAAjKLNm34HXQkAAAAAAAAAAAAAAAAAAABMrjoeJzbofQQAAIBJ958zIYSzQkxizPWz3pVHYA68VjG28Y8hqGGcIj0pddB1CCHEoGJqCGoQQgxtrK/nT5oHAAAA2FkXL7x0rLO9ytliW/O1t9a60lyKeVO78ODfli5HWu38w93XS3ZvazVMurp//+Ufrfzvv7q9+efSi77//jW6N3C0Wt57V3+53Jn/9uk+8+f7/3i1/Puz/PeG/vKvv5flf6Ja/vuy/Lv7zH/V/j9fLf/9Mf9y7O+/p9/83e//bGzTfuzqM/+3s/1/KvSbP9v/Vp8JMw/E/AAwiRqDLmCHpKOEdBw9H/tpf+PhZsjvftjq8X8j2870dVfevd10HHRr7KfjpYUsb7LV+uez7d1Qsc7cqNxVUlb/dr2PO62s/mbNdVRVVv9MzXVUVVb/bM11VFVW/1zNdVRVVn+/56GDVlb/qFxXLqt/vuY6qiqrf6HmOqoqq3+r/44PSln9e2quo6qy+hdrrqOqsvorXlarXVn9SzXXUVVZ/TfWXEdVZfXfVHMdVZXVf3PNdQzKHbEtOx9O55+LcSz1W1l/9ho/y3G9tgAAAACj5t/m/xNCCCGEEEIIMW4RhqCGIYv19QFfgGCgdvbTzAAMK3//J5v3f7J5/yeb95+vku7hL7J+MtVjfLrHeLPH+Ew2nv++zvYYvynb7nqUxm/uMf61HuN7eozf2mN8ucf4bT3Gb+8xfkePcQAAACbDLbF1fggAAADj6+VfffzGb+594sLSl+f2Hg0zV807fyD2Z+P/rb8e+/m890kz/p//T2L/F7H9Q2z/ma3v/hMAAADYeek5Mf7/HwAAAMZXek6p838AAAAYX0uxdf4PAAAA4+vG2Dr/BwAAgDFWzF17cWzTdYG7Y9vvvH4AwPD7emzvjO3e2N4V22/ENh0H3BPbb37FNtfPbHORAMC2+Pn3f3rkrWJzvv9D2fjFuDy1Vzl75UpB0eieyX9XbHfH9lt91pM/D6Df/MmePvPsVP7F68wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyPxsbXw4eXixDe+eTtR38288ZfLy+7q73Gvo2vRey1QgjN9vel0c3+r+OKFy+8dKyzvRTbIhwMRSjay8Nj59uZ5kMIZ8O+8GlohQ9X17744N1H9n/02twtb55+5pUd/BF07R8AAACMo/8HAAD//0g0HqY=") 1.502436229s ago: executing program 0 (id=2793): socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) mkdirat(0xffffffffffffffff, 0x0, 0x151) connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x800) fallocate(0xffffffffffffffff, 0x0, 0x400000000000000, 0x7) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000001dd80)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006261746164760000040002", @ANYRESOCT], 0x44}}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f000001dc00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000002680)=@un=@abs={0x0, 0x0, 0x4e24}, 0x80, &(0x7f000001d980)}}], 0x3, 0x4000881) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x11, 0x0, 0x0) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 1.433961901s ago: executing program 1 (id=2794): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) 0s ago: executing program 1 (id=2795): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1, 0x232, &(0x7f00000006c0)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFBhhIZuCPZbCc573mUlDmlKtCb5d6gES9Qis3MTCqp/AvmrNhgtNMXrCxjJFRyOYwH5CZxaHICHbs5D8R9x6wSDKIIJklyvFP7FTL8lVmnfcZZnRMS2NgNJjFwcDAoHdEd6adAW83E9TM4sqq7MScnNSi4jNI7sw1Yz4wmXE/kyIjSN2Zv1eDHzDaMXTHMjAyyG3wV1v87Y9U5cZN9ZHTqyJqpnY33Vy6Po5hm/7fKyZS7ydmhP1/cEhQyyIv/8M8GaXvrAwMDDV1T0wcOxuV5/K3Xv777n1MbXGCGtNj8a5CNv4EN62aT85Obpb/56ZXt28pVlyQleYy8djUi38Tjq9lYJh84Ymtfs2ZQ/GKMZxSbpVzY+66xQtyLVM/X/fmBcPBqM8TGRjZGBiYGBhmhu3cg+yv8gZoZDAwMzAwqDCAFLEwpGXmpBp4MDAyMEM5hixQVTDVTAwcYAm95PyclHYGRnASAGtbzsACN8PwMQMrP0h5GkdOqtFjBla4jLFFAyxy26G0CpT2gNLLofRjBlS7YcmGBWxCP5Sn0cDAwMZQkfifv8iQjYGBoSKxpKTIECJWUlJkBBczEoDbzAS1dS4TqueOMzGMglEwCkbBKBgFo2AUjIJRMApGwUgGgAAAAP//9fay2w==") socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = landlock_create_ruleset(&(0x7f00000004c0)={0x0, 0x1}, 0x10, 0x0) landlock_add_rule$LANDLOCK_RULE_NET_PORT(r3, 0x2, &(0x7f0000000000)={0x1}, 0x0) mount(0x0, 0x0, &(0x7f0000000040)='ramfs\x00', 0x10000, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000300)) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0x4112, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r4, 0xffffffffffffffff, 0x0) fchmodat(0xffffffffffffff9c, 0x0, 0xfffffed3) r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0xc0880) ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000040)={0x80, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): lticast mode [ 1346.614150][ T12] bridge_slave_1: left promiscuous mode [ 1346.719933][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1346.958117][ T12] bridge_slave_0: left allmulticast mode [ 1347.282390][ T12] bridge_slave_0: left promiscuous mode [ 1347.288499][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1347.331194][ T12] bridge_slave_1: left allmulticast mode [ 1347.352126][ T12] bridge_slave_1: left promiscuous mode [ 1347.381806][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1347.602693][ T12] bridge_slave_0: left allmulticast mode [ 1347.608429][ T12] bridge_slave_0: left promiscuous mode [ 1347.651853][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1347.990859][T16715] ptrace attach of "./syz-executor exec"[9794] was attempted by " eth0 #uu0*iƇ޿_k.\x22#p/yLa~+>3l{@!2!9k\x0b8I$Q=r\x09/vӧJ#KT_$A=z/XmOX)s޾_N)6m\x0a\x0b뻑z|d\x1byx\x1bLTrw|0\x09\x5c[ ]V:Þ\x07x.TTϿa%QCuTYZy!Ѧ7vs\x07j*I{]*5JtsĪ~0fۮG:Q\x1b㣤}`eL\x0dyg1\x09i/!,u~)\x1b2jNTh\x1bo:\x0bq7SHLBq([aF*q v ANTeL+u^\x07sha 넙LD7DQ2!8,%$֜yKƴ%:0dLWՐl\x1b\x0bh=m.\x0bhQ}8/P+:E\x5cԬטլCRr^gQ(>⺨=\x0c04*@vTځg:hzW6s)x\x [ 1348.688665][ T5847] Bluetooth: hci0: command tx timeout [ 1348.843747][T14359] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1348.869881][T14359] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1348.981937][T14359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1348.996825][T14359] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1349.005329][T14359] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1349.031883][T14359] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1349.249736][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1349.265848][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1349.275743][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1349.287638][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1349.295882][ T5847] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1349.304219][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1349.455012][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1350.010376][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1350.609438][T16733] loop1: detected capacity change from 0 to 40427 [ 1350.742181][T16733] F2FS-fs (loop1): build fault injection attr: rate: 692, type: 0x1fffff [ 1350.750832][T16733] F2FS-fs (loop1): extra_attr or flexible_inline_xattr feature is off [ 1350.871788][ T5847] Bluetooth: hci0: command tx timeout [ 1350.946505][ T12] bond0 (unregistering): Released all slaves [ 1350.982823][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1351.111225][ T5847] Bluetooth: hci1: command tx timeout [ 1351.122751][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1351.164892][ T12] bond0 (unregistering): Released all slaves [ 1351.351728][ T5847] Bluetooth: hci2: command tx timeout [ 1352.948223][ T5847] Bluetooth: hci0: command tx timeout [ 1353.190237][T16752] loop0: detected capacity change from 0 to 4096 [ 1353.272014][ T5847] Bluetooth: hci1: command tx timeout [ 1353.422451][ T5847] Bluetooth: hci2: command tx timeout [ 1353.629683][T16753] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1354.749168][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1354.815645][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1355.021240][ T12] hsr_slave_0: left promiscuous mode [ 1355.027075][ T5847] Bluetooth: hci0: command tx timeout [ 1355.306957][ T12] hsr_slave_1: left promiscuous mode [ 1355.332293][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1355.351838][ T5847] Bluetooth: hci1: command tx timeout [ 1355.371903][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1356.224753][ T5847] Bluetooth: hci2: command tx timeout [ 1357.105774][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1357.296796][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1358.105799][ T5847] Bluetooth: hci1: command tx timeout [ 1358.301803][ T5847] Bluetooth: hci2: command tx timeout [ 1361.352917][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.359270][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1362.402235][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1362.458802][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1366.253362][T16824] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1369.791352][T16843] loop0: detected capacity change from 0 to 1764 [ 1369.798819][T16843] iso9660: Bad value for 'session' [ 1370.016061][T16716] chnl_net:caif_netlink_parms(): no params data found [ 1370.100542][T16852] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2272'. [ 1373.479981][T16695] chnl_net:caif_netlink_parms(): no params data found [ 1374.776421][T16716] bridge0: port 1(bridge_slave_0) entered blocking state [ 1374.799707][T16716] bridge0: port 1(bridge_slave_0) entered disabled state [ 1374.840260][T16716] bridge_slave_0: entered allmulticast mode [ 1374.849247][T16716] bridge_slave_0: entered promiscuous mode [ 1375.258723][T16716] bridge0: port 2(bridge_slave_1) entered blocking state [ 1375.346568][ T5895] libceph: connect (1)[c::]:6789 error -101 [ 1375.361505][T16716] bridge0: port 2(bridge_slave_1) entered disabled state [ 1375.365515][ T5895] libceph: mon0 (1)[c::]:6789 connect error [ 1375.403274][T16892] ceph: No mds server is up or the cluster is laggy [ 1375.413113][T16716] bridge_slave_1: entered allmulticast mode [ 1375.440477][T16716] bridge_slave_1: entered promiscuous mode [ 1375.442066][ T5895] libceph: connect (1)[c::]:6789 error -101 [ 1375.797729][ T5895] libceph: mon0 (1)[c::]:6789 connect error [ 1376.138038][T16716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1376.159667][T16908] usb usb8: usbfs: process 16908 (syz.0.2278) did not claim interface 0 before use [ 1376.203002][T16695] bridge0: port 1(bridge_slave_0) entered blocking state [ 1376.210162][T16695] bridge0: port 1(bridge_slave_0) entered disabled state [ 1376.243246][T16695] bridge_slave_0: entered allmulticast mode [ 1376.263010][T16695] bridge_slave_0: entered promiscuous mode [ 1376.315504][T16716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1376.411984][T16725] chnl_net:caif_netlink_parms(): no params data found [ 1376.434552][T16695] bridge0: port 2(bridge_slave_1) entered blocking state [ 1376.456438][T16695] bridge0: port 2(bridge_slave_1) entered disabled state [ 1376.472419][T16695] bridge_slave_1: entered allmulticast mode [ 1376.544374][T16912] io-wq is not configured for unbound workers [ 1376.707640][T16695] bridge_slave_1: entered promiscuous mode [ 1377.929140][T16716] team0: Port device team_slave_0 added [ 1378.812369][T16934] loop1: detected capacity change from 0 to 512 [ 1378.869366][T16934] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1378.924344][T16934] ext4 filesystem being mounted at /383/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1378.959439][T16695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1379.053537][T16695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1379.134962][T16716] team0: Port device team_slave_1 added [ 1380.981112][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1381.084011][T16716] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1381.953077][T16961] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2284'. [ 1382.129323][T16716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1382.159136][T16716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1383.070183][T16695] team0: Port device team_slave_0 added [ 1383.158380][T16970] loop0: detected capacity change from 0 to 64 [ 1383.732425][T16695] team0: Port device team_slave_1 added [ 1383.999091][T16972] usb usb8: usbfs: process 16972 (syz.1.2288) did not claim interface 0 before use [ 1384.087056][T16716] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1384.099395][T16716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1384.181131][T16980] usb usb8: usbfs: process 16980 (syz.1.2291) did not claim interface 0 before use [ 1384.372302][T16716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1385.830494][T16984] loop0: detected capacity change from 0 to 128 [ 1385.837971][T16984] affs: Bad value for 'setuid' [ 1385.842822][T16984] affs: Bad value for 'setuid' [ 1385.866181][T16725] bridge0: port 1(bridge_slave_0) entered blocking state [ 1386.188147][T16725] bridge0: port 1(bridge_slave_0) entered disabled state [ 1386.309531][T16725] bridge_slave_0: entered allmulticast mode [ 1386.487782][T16725] bridge_slave_0: entered promiscuous mode [ 1386.834786][T16725] bridge0: port 2(bridge_slave_1) entered blocking state [ 1386.848070][T16725] bridge0: port 2(bridge_slave_1) entered disabled state [ 1386.862875][T16725] bridge_slave_1: entered allmulticast mode [ 1386.876158][T16725] bridge_slave_1: entered promiscuous mode [ 1387.001280][T16716] hsr_slave_0: entered promiscuous mode [ 1387.043151][T16716] hsr_slave_1: entered promiscuous mode [ 1387.049995][T16695] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1387.067946][T16695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1387.121412][T16695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1387.341441][T16695] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1387.382239][T16695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1388.572297][T16695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1388.622482][T16988] loop1: detected capacity change from 0 to 32768 [ 1388.692165][T16988] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/loop1": -EINTR [ 1388.856062][T16725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1390.169108][T17013] libceph: resolve '. [ 1390.169108][T17013] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 1390.169108][T17013] ' (ret=-3): failed [ 1390.618089][T16695] hsr_slave_0: entered promiscuous mode [ 1390.912153][T16695] hsr_slave_1: entered promiscuous mode [ 1390.928755][T16695] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1390.954465][T16695] Cannot create hsr debugfs directory [ 1390.982996][T16725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1391.246552][T17028] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2299'. [ 1392.311559][T17036] netlink: 'syz.6.2302': attribute type 3 has an invalid length. [ 1393.493879][T16725] team0: Port device team_slave_0 added [ 1393.537267][T16725] team0: Port device team_slave_1 added [ 1394.831865][T17051] loop0: detected capacity change from 0 to 1024 [ 1394.863391][T17051] EXT4-fs (loop0): first meta block group too large: 50331648 (group descriptor block count 1) [ 1394.873075][T16725] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1394.883649][T16725] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1394.938074][T16725] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1396.182885][T16725] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1396.190367][T16725] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1396.219110][T16725] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1398.726981][T16725] hsr_slave_0: entered promiscuous mode [ 1398.752149][T16725] hsr_slave_1: entered promiscuous mode [ 1398.768416][T16725] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1398.971818][T16725] Cannot create hsr debugfs directory [ 1400.812132][ T12] bridge_slave_1: left allmulticast mode [ 1400.817867][ T12] bridge_slave_1: left promiscuous mode [ 1400.864314][T17099] netlink: 'syz.6.2313': attribute type 3 has an invalid length. [ 1400.889544][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1401.000561][T17109] usb usb8: usbfs: process 17109 (syz.1.2314) did not claim interface 0 before use [ 1401.352562][ T12] bridge_slave_0: left allmulticast mode [ 1401.393914][ T12] bridge_slave_0: left promiscuous mode [ 1401.421924][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1401.442669][ T12] bridge_slave_1: left allmulticast mode [ 1401.448398][ T12] bridge_slave_1: left promiscuous mode [ 1401.694917][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1402.581573][ T12] bridge_slave_0: left allmulticast mode [ 1402.587340][ T12] bridge_slave_0: left promiscuous mode [ 1402.681417][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1405.665784][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1405.677239][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1405.688327][ T12] bond0 (unregistering): Released all slaves [ 1405.701104][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1405.728157][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1405.782820][ T12] bond0 (unregistering): Released all slaves [ 1406.036267][ T12] hsr_slave_0: left promiscuous mode [ 1406.090050][ T12] hsr_slave_1: left promiscuous mode [ 1406.106054][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1406.142386][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1406.199059][ T12] hsr_slave_0: left promiscuous mode [ 1406.208379][T14359] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1406.211637][ T12] hsr_slave_1: left promiscuous mode [ 1406.217733][T14359] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1406.228281][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1406.228924][T14359] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1406.244782][T14359] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1406.252430][T14359] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1406.252828][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1406.259692][T14359] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1406.468047][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1406.713890][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1407.669460][T17143] hub 1-0:1.0: USB hub found [ 1407.675987][T17143] hub 1-0:1.0: 1 port detected [ 1408.079666][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1408.092284][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1408.100682][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1408.109752][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1408.123350][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1408.130713][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1408.301923][ T5847] Bluetooth: hci3: command tx timeout [ 1408.560967][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1408.593712][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1410.155267][T17155] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2323'. [ 1410.221796][ T5847] Bluetooth: hci1: command tx timeout [ 1410.294818][T17159] netlink: 'syz.0.2325': attribute type 3 has an invalid length. [ 1410.339915][ T5895] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 1410.381780][ T5847] Bluetooth: hci3: command tx timeout [ 1410.414037][ T5895] hid-generic 0000:0000:0000.0012: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1410.431116][T17159] loop0: detected capacity change from 0 to 1024 [ 1410.595540][T17159] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1410.709628][T13200] kernel write not supported for file /uhid (pid: 13200 comm: kworker/1:0) [ 1412.095272][T13007] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1412.193634][T14359] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1412.210633][T14359] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1412.219045][T14359] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1412.228882][T14359] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1412.237980][T14359] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1412.245774][T14359] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1412.302973][T14359] Bluetooth: hci1: command tx timeout [ 1412.463164][T14359] Bluetooth: hci3: command tx timeout [ 1412.604515][T17173] loop0: detected capacity change from 0 to 128 [ 1412.648906][T17173] ext4: Unknown parameter 'smackfshat' [ 1414.301767][T14359] Bluetooth: hci0: command tx timeout [ 1414.318309][T17144] chnl_net:caif_netlink_parms(): no params data found [ 1414.381706][T14359] Bluetooth: hci1: command tx timeout [ 1414.546063][T14359] Bluetooth: hci3: command tx timeout [ 1415.574234][T17129] chnl_net:caif_netlink_parms(): no params data found [ 1416.391871][T14359] Bluetooth: hci0: command tx timeout [ 1416.471894][T14359] Bluetooth: hci1: command tx timeout [ 1416.789533][T17144] bridge0: port 1(bridge_slave_0) entered blocking state [ 1416.816489][T17144] bridge0: port 1(bridge_slave_0) entered disabled state [ 1416.844865][T17144] bridge_slave_0: entered allmulticast mode [ 1416.891849][T17144] bridge_slave_0: entered promiscuous mode [ 1418.195563][T17144] bridge0: port 2(bridge_slave_1) entered blocking state [ 1418.202956][T17144] bridge0: port 2(bridge_slave_1) entered disabled state [ 1418.210321][T17144] bridge_slave_1: entered allmulticast mode [ 1418.232462][T17144] bridge_slave_1: entered promiscuous mode [ 1418.465034][T14359] Bluetooth: hci0: command tx timeout [ 1420.688994][T17129] bridge0: port 1(bridge_slave_0) entered blocking state [ 1420.717694][T17129] bridge0: port 1(bridge_slave_0) entered disabled state [ 1420.732691][T17216] netlink: 'syz.6.2336': attribute type 3 has an invalid length. [ 1420.752491][T17129] bridge_slave_0: entered allmulticast mode [ 1420.759607][T17129] bridge_slave_0: entered promiscuous mode [ 1420.813656][T17129] bridge0: port 2(bridge_slave_1) entered blocking state [ 1420.820762][T17129] bridge0: port 2(bridge_slave_1) entered disabled state [ 1420.852927][T17129] bridge_slave_1: entered allmulticast mode [ 1420.867346][T17129] bridge_slave_1: entered promiscuous mode [ 1420.987040][T17144] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1421.263595][T14359] Bluetooth: hci0: command tx timeout [ 1422.334495][T17144] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1422.538830][T17229] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2339'. [ 1422.548139][T17229] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2339'. [ 1423.316622][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.327666][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1423.351412][T17129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1423.363417][T17230] loop0: detected capacity change from 0 to 512 [ 1423.510582][T17230] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1423.513836][T17129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1423.691207][T17169] chnl_net:caif_netlink_parms(): no params data found [ 1423.859872][T17230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1423.886372][T17230] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1425.706947][T17144] team0: Port device team_slave_0 added [ 1425.799829][T17129] team0: Port device team_slave_0 added [ 1425.855525][T17129] team0: Port device team_slave_1 added [ 1425.996233][T17144] team0: Port device team_slave_1 added [ 1426.321575][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 1426.428062][ T30] audit: type=1326 audit(1742440718.182:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1426.894571][ T30] audit: type=1326 audit(1742440718.182:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1426.918354][ T30] audit: type=1326 audit(1742440718.192:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1426.982256][ T30] audit: type=1326 audit(1742440718.202:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1427.054369][ T30] audit: type=1326 audit(1742440718.202:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1427.076955][ T30] audit: type=1326 audit(1742440718.222:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1427.099598][ T30] audit: type=1326 audit(1742440718.222:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1427.101986][T17129] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1427.171530][ T30] audit: type=1326 audit(1742440718.222:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1427.171818][T17129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1427.210522][ T30] audit: type=1326 audit(1742440718.232:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1427.849884][T17129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1427.863799][T17129] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1427.870769][T17129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1427.896994][ T30] audit: type=1326 audit(1742440718.232:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17249 comm="syz.1.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7ffc0000 [ 1427.920028][T17129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1428.185421][T13007] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1428.345310][T17144] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1428.365303][T17144] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1428.410005][T17144] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1428.509911][T17258] loop1: detected capacity change from 0 to 40427 [ 1428.539539][T17258] F2FS-fs (loop1): build fault injection attr: rate: 692, type: 0x1fffff [ 1428.548288][T17258] F2FS-fs (loop1): extra_attr or flexible_inline_xattr feature is off [ 1428.653572][T17264] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2347'. [ 1428.696506][T17169] bridge0: port 1(bridge_slave_0) entered blocking state [ 1428.712515][T17169] bridge0: port 1(bridge_slave_0) entered disabled state [ 1428.723818][T17266] netlink: 'syz.0.2346': attribute type 3 has an invalid length. [ 1428.740106][T17169] bridge_slave_0: entered allmulticast mode [ 1428.768694][T13200] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 1428.773270][T17169] bridge_slave_0: entered promiscuous mode [ 1428.796992][T13200] hid-generic 0000:0000:0000.0013: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1428.829381][T17266] loop0: detected capacity change from 0 to 1024 [ 1428.847202][T17129] hsr_slave_0: entered promiscuous mode [ 1428.870150][T17129] hsr_slave_1: entered promiscuous mode [ 1428.877760][T17266] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1428.891011][T17129] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1428.901077][T17129] Cannot create hsr debugfs directory [ 1428.908949][T17144] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1428.916750][T17144] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1428.916996][T13359] kernel write not supported for file /uhid (pid: 13359 comm: kworker/0:3) [ 1428.942952][T17144] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1429.049556][T17169] bridge0: port 2(bridge_slave_1) entered blocking state [ 1429.073643][T17169] bridge0: port 2(bridge_slave_1) entered disabled state [ 1429.168069][T13007] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1429.332068][T17169] bridge_slave_1: entered allmulticast mode [ 1429.339826][T17169] bridge_slave_1: entered promiscuous mode [ 1430.617529][T17144] hsr_slave_0: entered promiscuous mode [ 1430.951103][T17144] hsr_slave_1: entered promiscuous mode [ 1430.987326][T17144] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1431.031727][T17144] Cannot create hsr debugfs directory [ 1431.336023][T17169] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1432.162459][T17286] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2351'. [ 1432.171410][T17286] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2351'. [ 1434.419135][T17291] loop0: detected capacity change from 0 to 64 [ 1434.737290][T17169] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1436.320906][ T12] bridge_slave_1: left allmulticast mode [ 1436.373220][ T12] bridge_slave_1: left promiscuous mode [ 1436.467079][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1436.903652][ T12] bridge_slave_0: left allmulticast mode [ 1436.909420][ T12] bridge_slave_0: left promiscuous mode [ 1436.981972][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1437.026467][ T12] bridge_slave_1: left allmulticast mode [ 1437.283855][ T12] bridge_slave_1: left promiscuous mode [ 1437.289672][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1437.319724][ T12] bridge_slave_0: left allmulticast mode [ 1437.626295][T17305] loop0: detected capacity change from 0 to 40427 [ 1437.674866][ T12] bridge_slave_0: left promiscuous mode [ 1437.695992][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1437.922576][T17305] F2FS-fs (loop0): build fault injection attr: rate: 692, type: 0x1fffff [ 1437.931231][T17305] F2FS-fs (loop0): extra_attr or flexible_inline_xattr feature is off [ 1438.968946][T17317] netlink: 'syz.1.2359': attribute type 3 has an invalid length. [ 1439.219520][ T80] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 1439.312511][ T80] hid-generic 0000:0000:0000.0014: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1439.326188][T17317] loop1: detected capacity change from 0 to 1024 [ 1439.396708][T17317] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1439.432478][ T5895] kernel write not supported for file /uhid (pid: 5895 comm: kworker/0:4) [ 1439.553251][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1440.194643][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1440.226959][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1440.255616][ T12] bond0 (unregistering): Released all slaves [ 1440.293103][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1440.393118][T17327] sg_write: data in/out 1048540/17 bytes for SCSI command 0x0-- guessing data in; [ 1440.393118][T17327] program syz.1.2361 not setting count and/or reply_len properly [ 1440.460536][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1440.485456][ T12] bond0 (unregistering): Released all slaves [ 1440.605657][T17332] fuse: Unknown parameter '0x0000000000000007' [ 1440.666679][T17169] team0: Port device team_slave_0 added [ 1441.246341][T17333] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2362'. [ 1441.256012][T17333] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2362'. [ 1441.555468][T17169] team0: Port device team_slave_1 added [ 1443.278124][T17339] loop0: detected capacity change from 0 to 40427 [ 1443.318293][T17339] F2FS-fs (loop0): build fault injection attr: rate: 692, type: 0x1fffff [ 1443.326979][T17339] F2FS-fs (loop0): extra_attr or flexible_inline_xattr feature is off [ 1443.342789][T17169] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1443.360054][T17169] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1443.432560][T17169] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1443.463844][T17169] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1443.470830][T17169] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1443.841065][T17345] loop1: detected capacity change from 0 to 4096 [ 1443.851315][T17345] nilfs2: Unknown parameter '0x0000000000000000' [ 1444.386100][T17169] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1445.884250][ T12] hsr_slave_0: left promiscuous mode [ 1445.890276][ T12] hsr_slave_1: left promiscuous mode [ 1446.862727][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1446.939104][T17361] loop1: detected capacity change from 0 to 40427 [ 1446.948743][T17361] F2FS-fs (loop1): build fault injection attr: rate: 692, type: 0x1fffff [ 1446.957652][T17361] F2FS-fs (loop1): extra_attr or flexible_inline_xattr feature is off [ 1446.988259][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1448.288176][ T12] hsr_slave_0: left promiscuous mode [ 1448.353622][ T12] hsr_slave_1: left promiscuous mode [ 1448.365192][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1448.534038][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1449.464577][T17378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2373'. [ 1449.475150][T17378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2373'. [ 1450.957207][T17385] netlink: 1296 bytes leftover after parsing attributes in process `syz.6.2376'. [ 1450.977643][T17385] openvswitch: netlink: Flow key attr not present in new flow. [ 1451.780846][T17389] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2376'. [ 1452.064216][T17391] loop0: detected capacity change from 0 to 2048 [ 1452.139972][T17391] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1455.934291][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1455.986611][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1457.926568][T17423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2383'. [ 1457.935785][T17423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2383'. [ 1460.425874][T17441] loop0: detected capacity change from 0 to 32768 [ 1461.333304][T17441] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1461.697639][T17441] XFS (loop0): Ending clean mount [ 1462.047095][T17441] XFS (loop0): Quotacheck needed: Please wait. [ 1462.698267][T17441] XFS (loop0): Quotacheck: Done. [ 1462.749048][T13007] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1462.794561][T17461] usb usb8: usbfs: process 17461 (syz.1.2391) did not claim interface 0 before use [ 1463.886404][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1463.951910][T17468] loop1: detected capacity change from 0 to 40427 [ 1463.962833][T17468] F2FS-fs (loop1): build fault injection attr: rate: 692, type: 0x1fffff [ 1463.971431][T17468] F2FS-fs (loop1): extra_attr or flexible_inline_xattr feature is off [ 1464.167863][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1468.076857][T17169] hsr_slave_0: entered promiscuous mode [ 1468.096356][T17169] hsr_slave_1: entered promiscuous mode [ 1468.527627][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1468.544508][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1468.555242][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1468.565874][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1468.589373][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1468.602669][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1470.951765][T14359] Bluetooth: hci1: command tx timeout [ 1471.338678][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1471.352152][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1471.360901][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1471.383044][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1471.392638][ T5847] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1471.399910][T17494] chnl_net:caif_netlink_parms(): no params data found [ 1471.400015][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1471.738504][T17494] bridge0: port 1(bridge_slave_0) entered blocking state [ 1471.759921][T17494] bridge0: port 1(bridge_slave_0) entered disabled state [ 1471.781077][T17494] bridge_slave_0: entered allmulticast mode [ 1471.803019][T17494] bridge_slave_0: entered promiscuous mode [ 1471.842796][T17494] bridge0: port 2(bridge_slave_1) entered blocking state [ 1471.872506][T17494] bridge0: port 2(bridge_slave_1) entered disabled state [ 1471.884146][T17522] loop1: detected capacity change from 0 to 128 [ 1471.912214][T17494] bridge_slave_1: entered allmulticast mode [ 1471.919368][T17494] bridge_slave_1: entered promiscuous mode [ 1471.936236][T17522] ext4: Unknown parameter 'smackfshat' [ 1473.021719][T14359] Bluetooth: hci1: command tx timeout [ 1473.180206][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1473.190001][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1473.199025][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1473.209146][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1473.226912][T17494] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1473.301260][T17494] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1473.476992][ T5847] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1473.484728][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1473.501784][ T5847] Bluetooth: hci2: command tx timeout [ 1473.616972][T17538] loop0: detected capacity change from 0 to 256 [ 1473.688520][T17538] input: syz0 as /devices/virtual/input/input8 [ 1474.716057][T17494] team0: Port device team_slave_0 added [ 1474.895599][T17494] team0: Port device team_slave_1 added [ 1475.103716][T17537] Bluetooth: hci1: command tx timeout [ 1475.583376][T17537] Bluetooth: hci0: command tx timeout [ 1475.591293][ T5847] Bluetooth: hci2: command tx timeout [ 1476.001472][T17513] chnl_net:caif_netlink_parms(): no params data found [ 1476.969893][T17494] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1477.004381][T17494] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1477.127215][T17494] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1477.181860][ T5847] Bluetooth: hci1: command tx timeout [ 1477.340028][ T12] bridge_slave_1: left allmulticast mode [ 1477.381391][ T12] bridge_slave_1: left promiscuous mode [ 1477.441971][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1477.559226][ T12] bridge_slave_0: left allmulticast mode [ 1477.620474][ T12] bridge_slave_0: left promiscuous mode [ 1477.664236][ T5847] Bluetooth: hci2: command tx timeout [ 1477.670027][ T5847] Bluetooth: hci0: command tx timeout [ 1477.704141][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1477.817837][ T12] bridge_slave_1: left allmulticast mode [ 1477.845241][ T12] bridge_slave_1: left promiscuous mode [ 1477.850986][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1477.932306][ T12] bridge_slave_0: left allmulticast mode [ 1477.938008][ T12] bridge_slave_0: left promiscuous mode [ 1477.962057][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1478.003398][ T12] bridge_slave_1: left allmulticast mode [ 1478.009074][ T12] bridge_slave_1: left promiscuous mode [ 1478.041842][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1479.306755][ T12] bridge_slave_0: left allmulticast mode [ 1479.321626][ T12] bridge_slave_0: left promiscuous mode [ 1479.998040][T17537] Bluetooth: hci0: command tx timeout [ 1480.007999][T17537] Bluetooth: hci2: command tx timeout [ 1480.102033][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1480.636934][T17570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2411'. [ 1480.645975][T17570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2411'. [ 1481.809296][T17576] loop1: detected capacity change from 0 to 256 [ 1481.870171][T17576] exfat: Deprecated parameter 'namecase' [ 1481.964726][T17576] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d) [ 1482.148310][T17537] Bluetooth: hci0: command tx timeout [ 1484.352095][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.358425][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1485.754423][T17593] loop0: detected capacity change from 0 to 128 [ 1485.985299][T17593] ieee802154 phy0 wpan0: encryption failed: -22 [ 1486.274548][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1486.562808][T17599] loop1: detected capacity change from 0 to 2048 [ 1486.656164][T17599] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1487.553149][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1487.585775][ T12] bond0 (unregistering): Released all slaves [ 1487.609276][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1487.658546][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1487.713349][ T12] bond0 (unregistering): Released all slaves [ 1487.762299][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1487.788347][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1487.814518][ T12] bond0 (unregistering): Released all slaves [ 1487.900053][T17494] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1487.921818][T17494] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1488.021336][T17494] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1489.049354][ T12] hsr_slave_0: left promiscuous mode [ 1490.106521][ T12] hsr_slave_1: left promiscuous mode [ 1490.114217][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1490.142440][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1490.992748][ T12] hsr_slave_0: left promiscuous mode [ 1491.009450][ T12] hsr_slave_1: left promiscuous mode [ 1491.058190][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1491.133198][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1491.224666][ T12] hsr_slave_0: left promiscuous mode [ 1491.251775][ T12] hsr_slave_1: left promiscuous mode [ 1491.257798][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1491.277680][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1493.065174][T17642] loop0: detected capacity change from 0 to 4096 [ 1493.075600][T17642] nilfs2: Unknown parameter '0x0000000000000000' [ 1493.572381][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1493.687759][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1494.120073][T17647] loop0: detected capacity change from 0 to 2048 [ 1494.167624][T17647] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1496.564629][T17657] loop1: detected capacity change from 0 to 2048 [ 1496.626633][T17657] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1496.780760][T17659] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1500.655951][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1501.214707][T17691] trusted_key: encrypted_key: key user:syz not found [ 1501.244006][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1505.194323][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1505.462948][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1507.515317][T17727] loop0: detected capacity change from 0 to 256 [ 1507.864513][T17730] loop1: detected capacity change from 0 to 512 [ 1507.871468][T17730] EXT4-fs: Ignoring removed oldalloc option [ 1507.877758][T17730] EXT4-fs: Ignoring removed nobh option [ 1508.397895][T17730] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1508.453319][T17730] ext4 filesystem being mounted at /428/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1509.842632][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1510.283229][T17494] hsr_slave_0: entered promiscuous mode [ 1510.301843][T17494] hsr_slave_1: entered promiscuous mode [ 1510.348243][T17494] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1510.355901][T17494] Cannot create hsr debugfs directory [ 1510.373562][T17513] bridge0: port 1(bridge_slave_0) entered blocking state [ 1510.380919][T17513] bridge0: port 1(bridge_slave_0) entered disabled state [ 1510.388209][T17513] bridge_slave_0: entered allmulticast mode [ 1510.395678][T17513] bridge_slave_0: entered promiscuous mode [ 1510.413663][T17513] bridge0: port 2(bridge_slave_1) entered blocking state [ 1510.420759][T17513] bridge0: port 2(bridge_slave_1) entered disabled state [ 1510.627099][T17513] bridge_slave_1: entered allmulticast mode [ 1510.644540][T17513] bridge_slave_1: entered promiscuous mode [ 1512.557892][T17763] loop1: detected capacity change from 0 to 512 [ 1512.576627][T17513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1512.616116][T17763] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.2453: corrupted in-inode xattr: invalid ea_ino [ 1512.654713][T17763] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.2453: couldn't read orphan inode 15 (err -117) [ 1512.698553][T17763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1512.967963][T17513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1513.767851][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1514.307783][T17513] team0: Port device team_slave_0 added [ 1515.286754][T17533] chnl_net:caif_netlink_parms(): no params data found [ 1515.452094][T17782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2457'. [ 1515.507775][T17782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2457'. [ 1515.593146][T17513] team0: Port device team_slave_1 added [ 1517.332973][T17513] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1517.580311][T17513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1518.470253][T17513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1518.552557][T17513] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1518.559603][T17513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1518.621441][T17513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1519.876848][T17533] bridge0: port 1(bridge_slave_0) entered blocking state [ 1519.894345][T17533] bridge0: port 1(bridge_slave_0) entered disabled state [ 1519.921082][T17533] bridge_slave_0: entered allmulticast mode [ 1519.960517][T17533] bridge_slave_0: entered promiscuous mode [ 1521.285204][T17533] bridge0: port 2(bridge_slave_1) entered blocking state [ 1521.308560][T17533] bridge0: port 2(bridge_slave_1) entered disabled state [ 1521.345704][T17533] bridge_slave_1: entered allmulticast mode [ 1521.375379][T17533] bridge_slave_1: entered promiscuous mode [ 1522.047681][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 1522.047701][ T30] audit: type=1326 audit(1742440813.992:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x7fc00000 [ 1522.195139][T17513] hsr_slave_0: entered promiscuous mode [ 1522.243943][T17513] hsr_slave_1: entered promiscuous mode [ 1522.268761][T17513] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1522.297033][T17513] Cannot create hsr debugfs directory [ 1523.368278][T17533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1523.395725][T17533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1524.811951][T17533] team0: Port device team_slave_0 added [ 1525.801487][T17533] team0: Port device team_slave_1 added [ 1529.428380][T17860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2475'. [ 1530.035641][T17533] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1530.061803][T17533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1530.271738][T17533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1530.319598][T17533] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1530.341657][T17533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1530.401660][T17533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1530.728956][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1530.756808][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1530.775671][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1530.788461][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1530.799897][ T5847] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1530.807251][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1530.817560][T17533] hsr_slave_0: entered promiscuous mode [ 1530.826825][T17533] hsr_slave_1: entered promiscuous mode [ 1530.855731][T17533] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1530.872084][T17533] Cannot create hsr debugfs directory [ 1531.180691][T17874] loop1: detected capacity change from 0 to 16 [ 1531.190518][T17874] cramfs: Unknown parameter '' [ 1533.023814][ T5847] Bluetooth: hci2: command tx timeout [ 1534.483038][T17892] loop0: detected capacity change from 0 to 128 [ 1534.598081][T17892] affs: No valid root block on device loop0 [ 1534.620295][T17889] tmpfs: Unknown parameter '^f' [ 1534.973505][ T12] bridge_slave_1: left allmulticast mode [ 1534.979233][ T12] bridge_slave_1: left promiscuous mode [ 1535.003185][T17537] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1535.021875][T17537] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1535.033824][T17537] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1535.051978][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1535.067555][T17537] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1535.081950][T17537] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1535.092119][T17537] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1535.103482][T17537] Bluetooth: hci2: command tx timeout [ 1535.157511][ T12] bridge_slave_0: left allmulticast mode [ 1535.192728][ T12] bridge_slave_0: left promiscuous mode [ 1535.200656][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1536.012986][T17903] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2484'. [ 1536.275558][T17907] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2484'. [ 1537.373987][T17537] Bluetooth: hci1: command tx timeout [ 1537.381254][ T5847] Bluetooth: hci2: command tx timeout [ 1538.414679][T17919] loop1: detected capacity change from 0 to 4096 [ 1538.422061][T17919] nilfs2: Unknown parameter '0x0000000000000000' [ 1538.882336][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1538.979799][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1539.108365][T17537] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1539.120895][T17537] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1539.132435][T17537] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1539.145371][T17537] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1539.156961][T17537] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1539.172557][T17537] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1539.182704][ T12] bond0 (unregistering): Released all slaves [ 1539.481740][T17537] Bluetooth: hci1: command tx timeout [ 1539.487344][T17537] Bluetooth: hci2: command tx timeout [ 1540.211854][T17930] loop1: detected capacity change from 0 to 512 [ 1540.241731][T17930] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1540.310639][T17930] EXT4-fs (loop1): 1 truncate cleaned up [ 1540.400832][T17930] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1540.715168][ T12] hsr_slave_0: left promiscuous mode [ 1540.726197][ T12] hsr_slave_1: left promiscuous mode [ 1540.740816][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1540.944800][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1541.284123][T17537] Bluetooth: hci0: command tx timeout [ 1541.541991][T17537] Bluetooth: hci1: command tx timeout [ 1541.981027][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1542.987262][T17953] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2495'. [ 1542.996331][T17953] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2495'. [ 1543.122048][ T30] audit: type=1326 audit(1742440834.972:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17949 comm="syz.1.2494" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe8e8f8d169 code=0x0 [ 1543.342506][T17537] Bluetooth: hci0: command tx timeout [ 1543.839269][T17537] Bluetooth: hci1: command tx timeout [ 1545.706696][T17537] Bluetooth: hci0: command tx timeout [ 1545.732847][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1545.745327][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1546.748692][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1547.626094][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1547.741798][T17537] Bluetooth: hci0: command tx timeout [ 1548.493896][T17864] chnl_net:caif_netlink_parms(): no params data found [ 1549.760994][ T30] audit: type=1326 audit(1742440841.592:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.6.2503" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8e3d8d169 code=0x0 [ 1552.613913][T18005] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2505'. [ 1552.622966][T18005] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2505'. [ 1552.981052][T17864] bridge0: port 1(bridge_slave_0) entered blocking state [ 1553.242033][T17864] bridge0: port 1(bridge_slave_0) entered disabled state [ 1553.249282][T17864] bridge_slave_0: entered allmulticast mode [ 1553.277979][T17864] bridge_slave_0: entered promiscuous mode [ 1553.355279][T18013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2506'. [ 1553.364385][T18013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2506'. [ 1554.155766][T17864] bridge0: port 2(bridge_slave_1) entered blocking state [ 1554.191752][T17864] bridge0: port 2(bridge_slave_1) entered disabled state [ 1554.199035][T17864] bridge_slave_1: entered allmulticast mode [ 1554.427980][T18018] loop0: detected capacity change from 0 to 32768 [ 1554.456692][T17864] bridge_slave_1: entered promiscuous mode [ 1554.491701][T18018] [ 1554.491701][T18018] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1554.491701][T18018] [ 1554.616472][T18016] ERROR: (device loop0): diWrite: ixpxd invalid [ 1554.616472][T18016] [ 1554.658690][T18016] ERROR: (device loop0): txCommit: [ 1554.658690][T18016] [ 1554.814828][T18018] [ 1554.814828][T18018] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1554.814828][T18018] [ 1554.865275][T18018] [ 1554.865275][T18018] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1554.865275][T18018] [ 1556.154063][T17864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1556.225269][T17864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1556.343954][T17921] chnl_net:caif_netlink_parms(): no params data found [ 1556.434501][T17864] team0: Port device team_slave_0 added [ 1556.484575][T17894] chnl_net:caif_netlink_parms(): no params data found [ 1556.617628][T18034] ubi31: attaching mtd0 [ 1556.624185][T18034] ubi31: scanning is finished [ 1556.628888][T18034] ubi31: empty MTD device detected [ 1557.417404][T18034] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1557.425087][T18034] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1557.434214][T18034] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1557.441257][T18034] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 1557.448806][T18034] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1557.455708][T18034] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1557.463882][T18034] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1074873825 [ 1557.474055][T18034] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1557.490248][T18035] ubi31: background thread "ubi_bgt31d" started, PID 18035 [ 1557.540269][T17864] team0: Port device team_slave_1 added [ 1559.607622][T17864] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1559.614852][T17864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1559.646124][T17864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1559.772301][T18054] loop1: detected capacity change from 0 to 4096 [ 1559.885035][T17864] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1559.915856][T17864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1559.943686][T17864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1559.957664][T17921] bridge0: port 1(bridge_slave_0) entered blocking state [ 1559.966384][T17921] bridge0: port 1(bridge_slave_0) entered disabled state [ 1559.974482][T17921] bridge_slave_0: entered allmulticast mode [ 1559.981991][T17921] bridge_slave_0: entered promiscuous mode [ 1560.009358][T18063] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2518'. [ 1560.018389][T18063] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2518'. [ 1560.348564][T17921] bridge0: port 2(bridge_slave_1) entered blocking state [ 1560.373214][T17921] bridge0: port 2(bridge_slave_1) entered disabled state [ 1560.417663][T17921] bridge_slave_1: entered allmulticast mode [ 1560.650973][T17921] bridge_slave_1: entered promiscuous mode [ 1560.863946][T17894] bridge0: port 1(bridge_slave_0) entered blocking state [ 1560.871110][T17894] bridge0: port 1(bridge_slave_0) entered disabled state [ 1560.901874][T17894] bridge_slave_0: entered allmulticast mode [ 1560.909054][T17894] bridge_slave_0: entered promiscuous mode [ 1560.964484][T17894] bridge0: port 2(bridge_slave_1) entered blocking state [ 1561.062292][T17894] bridge0: port 2(bridge_slave_1) entered disabled state [ 1561.069608][T17894] bridge_slave_1: entered allmulticast mode [ 1561.099477][T17894] bridge_slave_1: entered promiscuous mode [ 1561.221515][T17864] hsr_slave_0: entered promiscuous mode [ 1561.258656][T17864] hsr_slave_1: entered promiscuous mode [ 1562.189427][T17921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1562.317716][T17894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1562.362133][T17894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1563.904650][T18085] loop1: detected capacity change from 0 to 128 [ 1563.934689][T18085] omfs: sysblock size (-58445445) is out of range [ 1564.214295][T17921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1565.405829][T17921] team0: Port device team_slave_0 added [ 1565.445130][T17894] team0: Port device team_slave_0 added [ 1565.619056][T17921] team0: Port device team_slave_1 added [ 1565.670235][T17894] team0: Port device team_slave_1 added [ 1565.779830][T17921] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1565.794786][T17921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1565.884356][T17921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1566.243977][T18115] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2528'. [ 1566.253044][T18115] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2528'. [ 1566.347655][ T12] bridge_slave_1: left allmulticast mode [ 1566.362985][ T12] bridge_slave_1: left promiscuous mode [ 1566.381385][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1566.427380][ T12] bridge_slave_0: left allmulticast mode [ 1566.457470][ T12] bridge_slave_0: left promiscuous mode [ 1566.471832][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1566.483310][ T12] bridge_slave_1: left allmulticast mode [ 1566.510188][ T12] bridge_slave_1: left promiscuous mode [ 1566.519079][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1566.528741][ T12] bridge_slave_0: left allmulticast mode [ 1566.534619][ T12] bridge_slave_0: left promiscuous mode [ 1566.540593][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1566.551851][ T12] bridge_slave_1: left allmulticast mode [ 1566.558138][ T12] bridge_slave_1: left promiscuous mode [ 1566.571688][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1566.586920][ T12] bridge_slave_0: left allmulticast mode [ 1566.595097][ T12] bridge_slave_0: left promiscuous mode [ 1566.603762][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1568.666962][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1568.694584][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1568.712525][ T12] bond0 (unregistering): Released all slaves [ 1569.785814][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1569.814992][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1570.356224][ T12] bond0 (unregistering): Released all slaves [ 1570.370846][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1570.413287][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1570.442319][ T12] bond0 (unregistering): Released all slaves [ 1570.563352][T17921] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1570.570374][T17921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1570.772811][T17921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1572.381805][ T5847] Bluetooth: hci0: command 0x0405 tx timeout [ 1572.470648][T17894] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1572.487652][T17894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1572.516339][T17894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1573.335128][T17921] hsr_slave_0: entered promiscuous mode [ 1573.397156][T17921] hsr_slave_1: entered promiscuous mode [ 1573.424429][T17921] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1573.482299][T17921] Cannot create hsr debugfs directory [ 1573.506984][T17894] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1573.752864][T17894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1574.782623][T17894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1575.901753][ T12] hsr_slave_0: left promiscuous mode [ 1575.959612][ T12] hsr_slave_1: left promiscuous mode [ 1575.984614][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1576.002628][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1576.108923][ T12] hsr_slave_0: left promiscuous mode [ 1576.152283][ T12] hsr_slave_1: left promiscuous mode [ 1576.178697][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1576.231810][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1576.266336][ T12] hsr_slave_0: left promiscuous mode [ 1576.377836][ T12] hsr_slave_1: left promiscuous mode [ 1576.389350][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1576.646568][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1578.283230][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1578.529530][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1581.054525][T18203] netlink: 'syz.0.2548': attribute type 10 has an invalid length. [ 1584.662409][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1584.756682][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1589.437883][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1589.485626][T18248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2559'. [ 1589.494580][T18248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2559'. [ 1590.376370][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1590.711178][T18203] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 1590.877163][T17894] hsr_slave_0: entered promiscuous mode [ 1590.893046][T17894] hsr_slave_1: entered promiscuous mode [ 1590.899166][T17894] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1590.920034][T17894] Cannot create hsr debugfs directory [ 1592.148454][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1592.163678][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1592.173880][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1592.182652][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1592.203383][ T5847] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1592.210870][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1592.302248][ T12] bridge_slave_1: left allmulticast mode [ 1592.307971][ T12] bridge_slave_1: left promiscuous mode [ 1592.342086][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1592.363202][ T12] bridge_slave_0: left allmulticast mode [ 1592.368897][ T12] bridge_slave_0: left promiscuous mode [ 1592.392002][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1592.540137][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1592.567597][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1592.686355][ T12] bond0 (unregistering): Released all slaves [ 1594.349938][ T5847] Bluetooth: hci2: command tx timeout [ 1595.100961][ T12] hsr_slave_0: left promiscuous mode [ 1595.120536][ T12] hsr_slave_1: left promiscuous mode [ 1595.147867][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1595.188487][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1595.296382][T17537] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1595.311552][T17537] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1595.332024][T17537] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1595.344017][T17537] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1595.352145][T17537] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1595.363420][T17537] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1595.625437][T18314] usb usb8: usbfs: process 18314 (syz.0.2564) did not claim interface 0 before use [ 1595.636363][T18313] /dev/loop6: Can't lookup blockdev [ 1596.169097][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1596.927950][ T5847] Bluetooth: hci2: command tx timeout [ 1597.334460][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1597.680688][T18340] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2566'. [ 1597.689664][T18340] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2566'. [ 1597.734250][T17537] Bluetooth: hci1: command tx timeout [ 1597.743042][T17537] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1597.754304][T17537] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1597.762673][T17537] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1597.773068][T17537] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1597.781527][T17537] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1597.794852][T17537] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1598.028003][T18341] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2567'. [ 1598.680380][T18353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2570'. [ 1598.689476][T18353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2570'. [ 1598.942124][T17537] Bluetooth: hci2: command tx timeout [ 1599.751818][T17537] Bluetooth: hci1: command tx timeout [ 1600.071271][T18362] loop1: detected capacity change from 0 to 4096 [ 1600.079115][T18362] nilfs2: Unknown parameter '0x0000000000000000' [ 1600.771500][T17537] Bluetooth: hci3: command tx timeout [ 1601.043147][T17537] Bluetooth: hci2: command tx timeout [ 1601.822060][T17537] Bluetooth: hci1: command tx timeout [ 1602.871967][T17537] Bluetooth: hci3: command tx timeout [ 1603.942567][T17537] Bluetooth: hci1: command tx timeout [ 1604.369949][T18272] chnl_net:caif_netlink_parms(): no params data found [ 1604.393304][T18407] loop0: detected capacity change from 0 to 512 [ 1604.416305][T18407] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1604.511011][T18407] EXT4-fs (loop0): 1 truncate cleaned up [ 1604.565838][T18407] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1604.796611][T18335] chnl_net:caif_netlink_parms(): no params data found [ 1604.951949][T17537] Bluetooth: hci3: command tx timeout [ 1605.644988][T13007] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1605.903558][T18272] bridge0: port 1(bridge_slave_0) entered blocking state [ 1605.910835][T18272] bridge0: port 1(bridge_slave_0) entered disabled state [ 1605.944634][T18272] bridge_slave_0: entered allmulticast mode [ 1605.982464][T18272] bridge_slave_0: entered promiscuous mode [ 1606.068093][T18272] bridge0: port 2(bridge_slave_1) entered blocking state [ 1606.100487][T18272] bridge0: port 2(bridge_slave_1) entered disabled state [ 1606.131979][T18272] bridge_slave_1: entered allmulticast mode [ 1606.916710][T18272] bridge_slave_1: entered promiscuous mode [ 1607.024761][T17537] Bluetooth: hci3: command tx timeout [ 1607.030678][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1607.037066][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 1607.374107][T18447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2579'. [ 1607.383394][T18447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2579'. [ 1607.420525][T18449] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2581'. [ 1607.430257][T18449] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2581'. [ 1607.853912][T18272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1607.870210][T18305] chnl_net:caif_netlink_parms(): no params data found [ 1607.891406][T18335] bridge0: port 1(bridge_slave_0) entered blocking state [ 1608.007613][T18335] bridge0: port 1(bridge_slave_0) entered disabled state [ 1608.015032][T18335] bridge_slave_0: entered allmulticast mode [ 1608.022250][T18335] bridge_slave_0: entered promiscuous mode [ 1608.087590][T18272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1609.397811][T18335] bridge0: port 2(bridge_slave_1) entered blocking state [ 1609.408849][T18335] bridge0: port 2(bridge_slave_1) entered disabled state [ 1609.429881][T18335] bridge_slave_1: entered allmulticast mode [ 1609.440179][T18335] bridge_slave_1: entered promiscuous mode [ 1609.673343][T18272] team0: Port device team_slave_0 added [ 1611.299103][T18272] team0: Port device team_slave_1 added [ 1611.656860][T18335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1611.686938][ T30] audit: type=1326 audit(1742440903.632:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18477 comm="syz.0.2586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd619d8d169 code=0x7ffc0000 [ 1612.693107][T18335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1612.703220][ T30] audit: type=1326 audit(1742440903.632:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18477 comm="syz.0.2586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd619d8d169 code=0x7ffc0000 [ 1613.688556][ T30] audit: type=1326 audit(1742440903.632:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18477 comm="syz.0.2586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7fd619d8d169 code=0x7ffc0000 [ 1613.714190][ T30] audit: type=1326 audit(1742440903.632:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18477 comm="syz.0.2586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd619d8d169 code=0x7ffc0000 [ 1614.214292][T18272] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1614.221288][T18272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1614.233244][ T30] audit: type=1326 audit(1742440903.632:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18477 comm="syz.0.2586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd619d8d169 code=0x7ffc0000 [ 1614.324170][ T30] audit: type=1326 audit(1742440903.652:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18477 comm="syz.0.2586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fd619d8d169 code=0x7ffc0000 [ 1614.391215][T18272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1614.443583][T18305] bridge0: port 1(bridge_slave_0) entered blocking state [ 1614.461066][T18305] bridge0: port 1(bridge_slave_0) entered disabled state [ 1615.356151][T18305] bridge_slave_0: entered allmulticast mode [ 1615.403608][T18305] bridge_slave_0: entered promiscuous mode [ 1615.437388][T18305] bridge0: port 2(bridge_slave_1) entered blocking state [ 1615.506217][T18305] bridge0: port 2(bridge_slave_1) entered disabled state [ 1615.541516][T18305] bridge_slave_1: entered allmulticast mode [ 1615.549377][T18305] bridge_slave_1: entered promiscuous mode [ 1615.594618][T18272] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1615.670085][T18272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1615.696447][T18272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1615.752119][T18511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2591'. [ 1615.771760][T18511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2591'. [ 1616.224004][T18335] team0: Port device team_slave_0 added [ 1616.289908][T18305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1616.326316][T18335] team0: Port device team_slave_1 added [ 1616.427831][T18305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1616.627451][T18272] hsr_slave_0: entered promiscuous mode [ 1616.638294][T18272] hsr_slave_1: entered promiscuous mode [ 1616.860720][T18335] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1616.881926][T18335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1616.911292][T18517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2592'. [ 1616.920584][T18517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2592'. [ 1616.951977][T18335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1617.054380][T18305] team0: Port device team_slave_0 added [ 1617.062892][T18335] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1617.088344][T18335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1617.177414][T18335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1617.325340][T18305] team0: Port device team_slave_1 added [ 1617.428552][T18529] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2593'. [ 1619.355119][T18305] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1619.428973][T18305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1619.495850][T18305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1620.918585][T18305] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1621.352166][T18305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1621.389247][T18305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1621.656943][T18335] hsr_slave_0: entered promiscuous mode [ 1621.702913][T18335] hsr_slave_1: entered promiscuous mode [ 1621.748931][T18335] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1621.771691][T18335] Cannot create hsr debugfs directory [ 1621.805309][T18555] netlink: 'syz.6.2598': attribute type 4 has an invalid length. [ 1621.925012][ T12] bridge_slave_1: left allmulticast mode [ 1621.930728][ T12] bridge_slave_1: left promiscuous mode [ 1621.952047][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1622.937077][ T12] bridge_slave_0: left allmulticast mode [ 1622.947767][ T12] bridge_slave_0: left promiscuous mode [ 1622.963215][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1623.572507][T18568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2601'. [ 1623.581430][T18568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2601'. [ 1623.781126][ T12] bridge_slave_1: left allmulticast mode [ 1623.819549][ T12] bridge_slave_1: left promiscuous mode [ 1623.850340][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1623.891569][ T12] bridge_slave_0: left allmulticast mode [ 1623.907782][ T12] bridge_slave_0: left promiscuous mode [ 1623.927299][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1624.420880][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1624.542667][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1624.590211][ T12] bond0 (unregistering): Released all slaves [ 1624.655980][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1624.693219][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1624.730870][ T12] bond0 (unregistering): Released all slaves [ 1625.065353][ T12] hsr_slave_0: left promiscuous mode [ 1625.087615][ T12] hsr_slave_1: left promiscuous mode [ 1625.105802][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1625.143592][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1625.229577][ T12] hsr_slave_0: left promiscuous mode [ 1625.263929][ T12] hsr_slave_1: left promiscuous mode [ 1625.283319][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1625.306499][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1625.968349][T18591] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2604'. [ 1625.977417][T18591] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2604'. [ 1626.114223][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1626.234257][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1627.934378][T18601] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2607'. [ 1628.601677][T18611] loop1: detected capacity change from 0 to 2048 [ 1628.694557][T18611] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1630.694894][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1631.072261][T18620] loop1: detected capacity change from 0 to 40427 [ 1631.141475][T18620] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1631.149421][T18620] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1631.167191][T18620] F2FS-fs (loop1): invalid crc value [ 1631.581136][T18620] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1631.643081][T18620] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1631.650205][T18620] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1631.953452][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1635.509175][T18305] hsr_slave_0: entered promiscuous mode [ 1635.737657][T18305] hsr_slave_1: entered promiscuous mode [ 1635.753503][T18305] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1635.773200][T18305] Cannot create hsr debugfs directory [ 1636.692547][T18649] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2614'. [ 1636.701472][T18649] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2614'. [ 1642.762630][T18695] loop1: detected capacity change from 0 to 128 [ 1642.769691][T18695] affs: Unknown parameter '0x0000000000000000' [ 1642.780153][T18695] tmpfs: Unknown parameter 'GPL' [ 1645.023509][T18707] netlink: 'syz.0.2625': attribute type 10 has an invalid length. [ 1646.407050][T18720] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2627'. [ 1646.940687][T18272] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1646.971205][T18272] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1646.989144][T18272] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1647.027511][T18272] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1647.577248][T18272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1647.678151][T18272] 8021q: adding VLAN 0 to HW filter on device team0 [ 1647.813559][ T3445] bridge0: port 1(bridge_slave_0) entered blocking state [ 1647.820747][ T3445] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1647.932831][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 1647.940021][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1648.313315][T18305] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1648.357205][T18305] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1649.247093][T18305] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1649.314984][T18305] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1649.379339][T18272] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1649.589099][T18335] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1649.728005][T18335] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1649.789782][T18335] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1649.850532][T18335] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1650.248590][T18305] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1650.281382][T18272] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1650.313750][T18335] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1650.383916][T18305] 8021q: adding VLAN 0 to HW filter on device team0 [ 1651.413265][T18335] 8021q: adding VLAN 0 to HW filter on device team0 [ 1651.454227][T18403] bridge0: port 1(bridge_slave_0) entered blocking state [ 1651.461375][T18403] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1651.560924][ T5847] Bluetooth: hci5: unexpected event for opcode 0x2005 [ 1651.576301][T18403] bridge0: port 2(bridge_slave_1) entered blocking state [ 1651.583616][T18403] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1651.632813][ T30] audit: type=1326 audit(1742440943.382:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18755 comm="syz.0.2632" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd619d8d169 code=0x0 [ 1653.118994][T18403] bridge0: port 1(bridge_slave_0) entered blocking state [ 1653.126170][T18403] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1653.216089][T18403] bridge0: port 2(bridge_slave_1) entered blocking state [ 1653.223277][T18403] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1653.927756][T18335] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1653.996819][T17537] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1654.008633][T17537] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1654.024343][T17537] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1654.037983][T17537] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1654.069959][T17537] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1654.080212][T17537] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1654.360007][T18335] veth0_vlan: entered promiscuous mode [ 1654.400333][T18335] veth1_vlan: entered promiscuous mode [ 1654.492017][T18335] veth0_macvtap: entered promiscuous mode [ 1654.560450][T13310] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0 [ 1654.574933][T13310] hid-generic 0000:0000:0000.0015: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1654.621045][T18335] veth1_macvtap: entered promiscuous mode [ 1654.655871][T18829] loop1: detected capacity change from 0 to 1024 [ 1654.983293][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1655.027966][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.050275][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1655.061295][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.063657][T18829] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1655.072524][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1655.094986][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.105710][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1655.116596][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.144478][T18335] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1655.211427][T13200] kernel write not supported for file /uhid (pid: 13200 comm: kworker/1:0) [ 1655.318687][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1655.352651][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.379565][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1655.403204][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.413801][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1655.425932][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.443425][T18335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1655.465804][T18335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1655.492320][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1655.506556][T18335] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1655.634752][T18335] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1655.646719][T18335] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1655.672489][T18335] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1655.691976][T18335] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1655.711443][ T6039] bridge_slave_1: left allmulticast mode [ 1655.721763][ T6039] bridge_slave_1: left promiscuous mode [ 1655.727606][ T6039] bridge0: port 2(bridge_slave_1) entered disabled state [ 1655.804062][ T6039] bridge_slave_0: left allmulticast mode [ 1655.809790][ T6039] bridge_slave_0: left promiscuous mode [ 1655.829374][ T6039] bridge0: port 1(bridge_slave_0) entered disabled state [ 1656.069786][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1656.082120][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1656.093581][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1656.101835][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1656.122938][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1656.131697][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1656.143591][ T5847] Bluetooth: hci0: command tx timeout [ 1657.505939][T18894] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2642'. [ 1658.328903][ T5847] Bluetooth: hci1: command tx timeout [ 1658.338109][ T5847] Bluetooth: hci0: command tx timeout [ 1658.604995][T18899] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2643'. [ 1660.243570][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1660.255184][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1660.264557][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1660.273740][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1660.281291][ T5847] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1660.289019][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1660.532988][ T5847] Bluetooth: hci0: command tx timeout [ 1660.538453][ T5847] Bluetooth: hci1: command tx timeout [ 1660.788112][T18915] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2645'. [ 1661.458559][T18914] loop0: detected capacity change from 0 to 256 [ 1661.492144][T18914] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1661.518346][T18914] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 1661.546294][T18914] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 1661.775875][ T30] audit: type=1804 audit(1742440953.682:422): pid=18922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2646" name="/newroot/336/file0/bus" dev="loop0" ino=350 res=1 errno=0 [ 1661.866116][ T30] audit: type=1800 audit(1742440953.682:423): pid=18922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2646" name="file1" dev="loop0" ino=351 res=0 errno=0 [ 1662.882040][ T5847] Bluetooth: hci2: command tx timeout [ 1662.889554][ T5847] Bluetooth: hci1: command tx timeout [ 1662.895471][T17537] Bluetooth: hci0: command tx timeout [ 1663.370239][ T10] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 1663.382857][ T10] hid-generic 0000:0000:0000.0016: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1663.403394][T18942] loop1: detected capacity change from 0 to 1024 [ 1663.481565][T18942] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1663.504621][ T10] kernel write not supported for file /uhid (pid: 10 comm: kworker/0:1) [ 1663.609849][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1663.713182][ T6039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1663.735502][ T6039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1663.751478][ T6039] bond0 (unregistering): Released all slaves [ 1664.542746][ T6039] hsr_slave_0: left promiscuous mode [ 1664.556133][ T6039] hsr_slave_1: left promiscuous mode [ 1664.573476][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1664.594559][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1664.942991][ T5847] Bluetooth: hci1: command tx timeout [ 1664.943017][ T5143] Bluetooth: hci2: command tx timeout [ 1665.273381][T18963] loop1: detected capacity change from 0 to 8 [ 1665.297975][T18963] SQUASHFS error: xz decompression failed, data probably corrupt [ 1665.306675][T18963] SQUASHFS error: Failed to read block 0x108: -5 [ 1665.313086][T18963] SQUASHFS error: Unable to read metadata cache entry [106] [ 1665.320358][T18963] SQUASHFS error: Unable to read inode 0x11f [ 1667.297501][ T5143] Bluetooth: hci2: command tx timeout [ 1667.520587][T18969] loop1: detected capacity change from 0 to 1024 [ 1667.561778][T18969] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1667.672462][T18969] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 1668.202598][T18969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1668.464995][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1668.520713][ T6039] team0 (unregistering): Port device team_slave_1 removed [ 1669.642554][ T5143] Bluetooth: hci2: command tx timeout [ 1671.268999][T18969] fscrypt (loop1): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))") [ 1671.477670][T13310] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 1671.522870][T13310] hid-generic 0000:0000:0000.0017: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1671.535294][T18989] loop0: detected capacity change from 0 to 1024 [ 1671.544193][ T6039] team0 (unregistering): Port device team_slave_0 removed [ 1671.554897][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1671.578099][T18989] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1671.719278][ C0] vkms_vblank_simulate: vblank timer overrun [ 1671.741416][T18252] kernel write not supported for file /uhid (pid: 18252 comm: kworker/0:6) [ 1672.083009][T13007] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1672.974856][T18995] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2661'. [ 1674.588663][T19012] loop0: detected capacity change from 0 to 8 [ 1674.982127][T19012] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1675.016755][T19012] SQUASHFS error: Failed to read block 0x91: -5 [ 1675.043185][T19012] SQUASHFS error: Unable to read metadata cache entry [8f] [ 1675.054137][T19012] SQUASHFS error: Unable to read inode 0x11f [ 1678.328678][T19031] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1680.420041][T18812] chnl_net:caif_netlink_parms(): no params data found [ 1681.055956][T19038] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 1682.654823][T19056] loop1: detected capacity change from 0 to 128 [ 1684.884511][T18812] bridge0: port 1(bridge_slave_0) entered blocking state [ 1685.025716][T18812] bridge0: port 1(bridge_slave_0) entered disabled state [ 1685.119261][T18812] bridge_slave_0: entered allmulticast mode [ 1685.980821][T18812] bridge_slave_0: entered promiscuous mode [ 1686.150136][T19086] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2682'. [ 1686.229488][T18812] bridge0: port 2(bridge_slave_1) entered blocking state [ 1686.282099][T18812] bridge0: port 2(bridge_slave_1) entered disabled state [ 1686.289368][T18812] bridge_slave_1: entered allmulticast mode [ 1686.313362][T18812] bridge_slave_1: entered promiscuous mode [ 1686.620228][T19093] loop0: detected capacity change from 0 to 8 [ 1686.959634][T19093] SQUASHFS error: xz decompression failed, data probably corrupt [ 1686.967498][T19093] SQUASHFS error: Failed to read block 0x108: -5 [ 1686.973947][T19093] SQUASHFS error: Unable to read metadata cache entry [106] [ 1686.981248][T19093] SQUASHFS error: Unable to read inode 0x11f [ 1688.350627][T18907] chnl_net:caif_netlink_parms(): no params data found [ 1688.437318][T18812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1688.657386][T18812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1689.849365][T18812] team0: Port device team_slave_0 added [ 1689.932799][T18812] team0: Port device team_slave_1 added [ 1690.326202][T19111] loop0: detected capacity change from 0 to 128 [ 1690.664640][T18859] chnl_net:caif_netlink_parms(): no params data found [ 1692.182174][T18812] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1692.202529][T18812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1693.139651][T18812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1695.092779][ T6039] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1695.189569][T19134] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2693'. [ 1695.457655][T18812] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1696.198314][T18812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1696.225370][T18812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1696.456847][T19142] loop0: detected capacity change from 0 to 8 [ 1696.467974][T19142] SQUASHFS error: xz decompression failed, data probably corrupt [ 1696.475793][T19142] SQUASHFS error: Failed to read block 0x108: -5 [ 1696.482182][T19142] SQUASHFS error: Unable to read metadata cache entry [106] [ 1696.489452][T19142] SQUASHFS error: Unable to read inode 0x11f [ 1696.700926][ T6039] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1697.961951][T19148] netlink: 3 bytes leftover after parsing attributes in process `syz.6.2696'. [ 1698.133498][ T6039] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1699.406180][ T6039] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1699.517252][T19148] 0X: renamed from caif0 [ 1699.525123][T19148] 0X: entered allmulticast mode [ 1699.530320][T19148] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 1699.574009][T18907] bridge0: port 1(bridge_slave_0) entered blocking state [ 1699.600776][T18907] bridge0: port 1(bridge_slave_0) entered disabled state [ 1699.632425][T18907] bridge_slave_0: entered allmulticast mode [ 1699.657298][T18907] bridge_slave_0: entered promiscuous mode [ 1699.665522][T18907] bridge0: port 2(bridge_slave_1) entered blocking state [ 1699.685184][T18907] bridge0: port 2(bridge_slave_1) entered disabled state [ 1699.699825][T18907] bridge_slave_1: entered allmulticast mode [ 1699.719840][T18907] bridge_slave_1: entered promiscuous mode [ 1700.054592][T18812] hsr_slave_0: entered promiscuous mode [ 1700.552619][T18812] hsr_slave_1: entered promiscuous mode [ 1700.624964][T18859] bridge0: port 1(bridge_slave_0) entered blocking state [ 1700.633454][T18859] bridge0: port 1(bridge_slave_0) entered disabled state [ 1700.640680][T18859] bridge_slave_0: entered allmulticast mode [ 1700.653721][T18859] bridge_slave_0: entered promiscuous mode [ 1700.856722][T18907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1700.890112][T18859] bridge0: port 2(bridge_slave_1) entered blocking state [ 1700.900622][T18859] bridge0: port 2(bridge_slave_1) entered disabled state [ 1700.918938][T18859] bridge_slave_1: entered allmulticast mode [ 1700.933398][T18859] bridge_slave_1: entered promiscuous mode [ 1701.057549][T18907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1701.126090][T18859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1701.316415][T18859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1701.615480][T18907] team0: Port device team_slave_0 added [ 1701.639237][T18907] team0: Port device team_slave_1 added [ 1701.688874][T18859] team0: Port device team_slave_0 added [ 1701.888147][T19179] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2704'. [ 1701.897247][T19179] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2704'. [ 1702.092245][T18859] team0: Port device team_slave_1 added [ 1702.380092][T18907] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1702.387907][T19182] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2705'. [ 1702.409249][T18907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1702.442144][T18907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1703.117257][T18907] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1703.149468][T18907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1703.201162][T18907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1703.537044][T18859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1703.548378][T18859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1703.745486][T18859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1705.811849][T18859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1705.818854][T18859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1706.524174][T18859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1706.552354][T18907] hsr_slave_0: entered promiscuous mode [ 1706.559019][T18907] hsr_slave_1: entered promiscuous mode [ 1706.571186][T18907] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1706.602357][T18907] Cannot create hsr debugfs directory [ 1708.826161][T18859] hsr_slave_0: entered promiscuous mode [ 1708.855082][T18859] hsr_slave_1: entered promiscuous mode [ 1708.893118][T18859] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1708.920451][T18859] Cannot create hsr debugfs directory [ 1709.087619][T19227] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2716'. [ 1709.337808][ T6039] bridge_slave_1: left allmulticast mode [ 1709.352334][ T6039] bridge_slave_1: left promiscuous mode [ 1709.358228][ T6039] bridge0: port 2(bridge_slave_1) entered disabled state [ 1709.423034][ T6039] bridge_slave_0: left allmulticast mode [ 1709.428720][ T6039] bridge_slave_0: left promiscuous mode [ 1709.455147][ T6039] bridge0: port 1(bridge_slave_0) entered disabled state [ 1709.479255][ T6039] bridge_slave_1: left allmulticast mode [ 1709.485325][ T6039] bridge_slave_1: left promiscuous mode [ 1709.501284][ T6039] bridge0: port 2(bridge_slave_1) entered disabled state [ 1709.549094][ T6039] bridge_slave_0: left allmulticast mode [ 1709.571818][ T6039] bridge_slave_0: left promiscuous mode [ 1709.587763][ T6039] bridge0: port 1(bridge_slave_0) entered disabled state [ 1710.526744][T19234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2715'. [ 1710.535799][T19234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2715'. [ 1711.240898][T19242] loop0: detected capacity change from 0 to 512 [ 1711.862115][T19242] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1712.535580][T19242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1712.550027][T19242] ext4 filesystem being mounted at /368/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1713.302691][T13007] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1714.848669][ T6039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1714.866648][ T6039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1714.876845][ T6039] bond0 (unregistering): Released all slaves [ 1715.012336][ T6039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1715.029155][ T6039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1715.039779][ T6039] bond0 (unregistering): Released all slaves [ 1715.382976][ T6039] hsr_slave_0: left promiscuous mode [ 1715.401756][ T6039] hsr_slave_1: left promiscuous mode [ 1715.407774][ T6039] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1715.421776][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1715.447908][ T6039] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1715.455759][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1715.552974][ T6039] hsr_slave_0: left promiscuous mode [ 1715.560640][ T6039] hsr_slave_1: left promiscuous mode [ 1715.568177][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1715.643413][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1715.779849][ T6039] veth1_macvtap: left promiscuous mode [ 1715.797834][ T6039] veth0_macvtap: left promiscuous mode [ 1715.814207][ T6039] veth1_vlan: left promiscuous mode [ 1715.819497][ T6039] veth0_vlan: left promiscuous mode [ 1715.822488][ T5143] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1715.836796][ T5143] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1715.844857][ T5143] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1715.853487][ T5143] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1715.863229][ T5143] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1715.870553][ T5143] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1716.564407][T19262] loop0: detected capacity change from 0 to 16 [ 1717.868845][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1717.880530][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1717.893642][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1717.901797][ T5847] Bluetooth: hci0: command tx timeout [ 1717.908939][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1717.916466][ T6039] team0 (unregistering): Port device team_slave_1 removed [ 1717.916657][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1717.941924][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1718.125605][ T6039] team0 (unregistering): Port device team_slave_0 removed [ 1720.121794][ T5847] Bluetooth: hci0: command tx timeout [ 1720.129644][ T5847] Bluetooth: hci1: command tx timeout [ 1720.359558][T19277] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2726'. [ 1721.795297][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1721.804575][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1721.831855][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1721.843276][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1721.857731][ T5847] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1721.866713][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1722.141915][ T5847] Bluetooth: hci1: command tx timeout [ 1722.145627][ T5143] Bluetooth: hci0: command tx timeout [ 1722.327422][ T6039] team0 (unregistering): Port device team_slave_1 removed [ 1722.456658][ T6039] team0 (unregistering): Port device team_slave_0 removed [ 1723.205803][T19302] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.2730'. [ 1723.215186][T19302] openvswitch: netlink: Missing key (keys=40, expected=80) [ 1723.951850][ T5143] Bluetooth: hci3: command tx timeout [ 1724.228346][ T5143] Bluetooth: hci0: command tx timeout [ 1724.233946][ T5847] Bluetooth: hci1: command tx timeout [ 1725.678532][T19315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2731'. [ 1725.687494][T19315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2731'. [ 1725.981844][ T5143] Bluetooth: hci3: command tx timeout [ 1727.078106][ T5143] Bluetooth: hci1: command tx timeout [ 1728.029846][T19326] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 1728.062199][ T5847] Bluetooth: hci3: command tx timeout [ 1729.049769][T19271] chnl_net:caif_netlink_parms(): no params data found [ 1729.169852][T19296] chnl_net:caif_netlink_parms(): no params data found [ 1729.904176][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 1730.143600][ T5847] Bluetooth: hci3: command tx timeout [ 1731.241860][ T5895] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 1731.438265][T19271] bridge0: port 1(bridge_slave_0) entered blocking state [ 1731.510935][T19271] bridge0: port 1(bridge_slave_0) entered disabled state [ 1731.576699][T19271] bridge_slave_0: entered allmulticast mode [ 1731.658960][T19271] bridge_slave_0: entered promiscuous mode [ 1731.796559][T19256] chnl_net:caif_netlink_parms(): no params data found [ 1731.824563][T19271] bridge0: port 2(bridge_slave_1) entered blocking state [ 1731.826063][T19361] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2742'. [ 1731.891458][T19271] bridge0: port 2(bridge_slave_1) entered disabled state [ 1731.918328][T19271] bridge_slave_1: entered allmulticast mode [ 1731.949201][T19271] bridge_slave_1: entered promiscuous mode [ 1733.191963][ T5895] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1733.232020][T19271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1733.282933][ T5895] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 1733.290640][ T5895] usb 2-1: can't read configurations, error -71 [ 1733.379683][T19296] bridge0: port 1(bridge_slave_0) entered blocking state [ 1733.401118][T19296] bridge0: port 1(bridge_slave_0) entered disabled state [ 1733.673254][T19296] bridge_slave_0: entered allmulticast mode [ 1733.680409][T19296] bridge_slave_0: entered promiscuous mode [ 1733.688621][T19296] bridge0: port 2(bridge_slave_1) entered blocking state [ 1733.695860][T19296] bridge0: port 2(bridge_slave_1) entered disabled state [ 1733.703243][T19296] bridge_slave_1: entered allmulticast mode [ 1733.710721][T19296] bridge_slave_1: entered promiscuous mode [ 1734.915131][T19271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1735.282454][T19384] loop1: detected capacity change from 0 to 32768 [ 1735.456768][T19384] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1736.152599][T19384] XFS (loop1): Ending clean mount [ 1736.166500][T19384] XFS (loop1): Quotacheck needed: Please wait. [ 1736.256106][T19384] XFS (loop1): Quotacheck: Done. [ 1736.279768][T19271] team0: Port device team_slave_0 added [ 1736.393187][ T3589] bridge_slave_1: left allmulticast mode [ 1736.416254][ T3589] bridge_slave_1: left promiscuous mode [ 1736.434089][ T3589] bridge0: port 2(bridge_slave_1) entered disabled state [ 1736.464165][ T3589] bridge_slave_0: left allmulticast mode [ 1736.494593][ T3589] bridge_slave_0: left promiscuous mode [ 1736.517173][ T3589] bridge0: port 1(bridge_slave_0) entered disabled state [ 1736.545491][ T3589] bridge_slave_1: left allmulticast mode [ 1736.551230][ T3589] bridge_slave_1: left promiscuous mode [ 1736.557733][ T3589] bridge0: port 2(bridge_slave_1) entered disabled state [ 1736.586661][ T3589] bridge_slave_0: left allmulticast mode [ 1736.593861][ T3589] bridge_slave_0: left promiscuous mode [ 1736.600850][ T3589] bridge0: port 1(bridge_slave_0) entered disabled state [ 1737.516699][ T3589] bridge_slave_1: left allmulticast mode [ 1737.568390][ T3589] bridge_slave_1: left promiscuous mode [ 1737.663840][ T3589] bridge0: port 2(bridge_slave_1) entered disabled state [ 1738.217205][ T3589] bridge_slave_0: left allmulticast mode [ 1738.241692][ T3589] bridge_slave_0: left promiscuous mode [ 1738.247432][ T3589] bridge0: port 1(bridge_slave_0) entered disabled state [ 1738.259479][ T9732] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1740.580387][T19419] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2750'. [ 1740.594611][T19419] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2750'. [ 1740.619443][ T3589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1740.660768][ T3589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1740.695291][ T3589] bond0 (unregistering): Released all slaves [ 1740.745809][ T3589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1740.812267][ T3589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1740.855095][ T3589] bond0 (unregistering): Released all slaves [ 1740.913119][ T3589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1740.962390][ T3589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1740.990454][ T3589] bond0 (unregistering): Released all slaves [ 1741.022753][T19296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1741.059718][T19256] bridge0: port 1(bridge_slave_0) entered blocking state [ 1741.104043][T19256] bridge0: port 1(bridge_slave_0) entered disabled state [ 1741.129437][T19256] bridge_slave_0: entered allmulticast mode [ 1741.169141][T19256] bridge_slave_0: entered promiscuous mode [ 1741.206707][T19271] team0: Port device team_slave_1 added [ 1741.322576][T19296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1741.369673][T19256] bridge0: port 2(bridge_slave_1) entered blocking state [ 1741.400484][T19256] bridge0: port 2(bridge_slave_1) entered disabled state [ 1741.462580][T19256] bridge_slave_1: entered allmulticast mode [ 1741.512061][T19256] bridge_slave_1: entered promiscuous mode [ 1741.609842][T19271] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1741.630018][T19271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1741.672070][T19271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1741.730130][T19296] team0: Port device team_slave_0 added [ 1741.785666][T19256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1741.840070][ T3589] hsr_slave_0: left promiscuous mode [ 1741.847231][ T3589] hsr_slave_1: left promiscuous mode [ 1741.868667][ T3589] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1741.892757][ T3589] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1741.925857][ T3589] hsr_slave_0: left promiscuous mode [ 1741.963955][ T3589] hsr_slave_1: left promiscuous mode [ 1741.982504][ T3589] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1742.015183][ T3589] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1742.068683][ T3589] hsr_slave_0: left promiscuous mode [ 1742.082539][ T3589] hsr_slave_1: left promiscuous mode [ 1742.102295][ T3589] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1742.142424][ T3589] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1742.307461][T19425] loop1: detected capacity change from 0 to 256 [ 1742.352816][T19425] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1742.431835][T19425] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 1742.457406][T19425] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5419a5d9, utbl_chksum : 0xe619d30d) [ 1745.857923][ T3589] team0 (unregistering): Port device team_slave_1 removed [ 1746.604933][ T3589] team0 (unregistering): Port device team_slave_0 removed [ 1746.782507][T19453] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1747.957259][T19460] loop1: detected capacity change from 0 to 8 [ 1747.973290][T19460] SQUASHFS error: xz decompression failed, data probably corrupt [ 1747.981047][T19460] SQUASHFS error: Failed to read block 0x108: -5 [ 1747.987589][T19460] SQUASHFS error: Unable to read metadata cache entry [106] [ 1747.996342][T19460] SQUASHFS error: Unable to read inode 0x11f [ 1749.863740][T19465] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1750.415540][T19469] loop1: detected capacity change from 0 to 16 [ 1750.519175][T19469] erofs (device loop1): invalid sb_extslots 4160 (more than a fs block) [ 1751.854243][T19481] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1752.689104][ T3589] team0 (unregistering): Port device team_slave_1 removed [ 1754.125364][ T3589] team0 (unregistering): Port device team_slave_0 removed [ 1755.375401][T19500] loop1: detected capacity change from 0 to 8 [ 1755.516377][T19500] SQUASHFS error: xz decompression failed, data probably corrupt [ 1755.524687][T19500] SQUASHFS error: Failed to read block 0x108: -5 [ 1755.531026][T19500] SQUASHFS error: Unable to read metadata cache entry [106] [ 1755.538478][T19500] SQUASHFS error: Unable to read inode 0x11f [ 1756.922960][T19504] 9pnet: p9_errstr2errno: server reported unknown error @΂(QhQI [ 1757.427154][ T3589] team0 (unregistering): Port device team_slave_1 removed [ 1757.560005][T19509] loop1: detected capacity change from 0 to 512 [ 1757.586753][T19509] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1757.660063][T19509] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1757.673479][T19509] ext4 filesystem being mounted at /526/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1758.279321][ T9732] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1758.309343][ T3589] team0 (unregistering): Port device team_slave_0 removed [ 1759.941705][T19525] syz.1.2777 uses old SIOCAX25GETINFO [ 1759.962131][T19525] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1760.166178][T19271] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1760.200677][T19271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1760.226698][ C1] vkms_vblank_simulate: vblank timer overrun [ 1760.373288][T19271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1760.474673][T19296] team0: Port device team_slave_1 added [ 1760.587029][T19256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1760.805878][T19296] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1760.828616][T19296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1761.065098][T19296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1762.645431][T19296] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1762.652568][T19296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1762.678584][T19296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1762.719171][T19256] team0: Port device team_slave_0 added [ 1762.727459][T19256] team0: Port device team_slave_1 added [ 1762.855140][T19536] loop0: detected capacity change from 0 to 64 [ 1763.152801][T19271] hsr_slave_0: entered promiscuous mode [ 1763.159211][T19271] hsr_slave_1: entered promiscuous mode [ 1764.064818][T19541] loop1: detected capacity change from 0 to 1024 [ 1764.243875][T19543] loop0: detected capacity change from 0 to 128 [ 1764.274197][T19543] ext4: Unknown parameter 'smackfshat' [ 1764.424883][T19256] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1764.471216][T19256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1765.350834][T19256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1765.430305][ T6797] hfsplus: b-tree write err: -5, ino 4 [ 1765.444837][T19296] hsr_slave_0: entered promiscuous mode [ 1765.479052][T19296] hsr_slave_1: entered promiscuous mode [ 1765.495306][T19296] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1765.557493][T19296] Cannot create hsr debugfs directory [ 1765.594764][ T30] audit: type=1326 audit(1742441057.492:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19546 comm="syz.6.2783" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8e3d8d169 code=0x0 [ 1766.312205][T19256] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1766.331346][T19256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1766.408402][T19256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1767.892708][T19256] hsr_slave_0: entered promiscuous mode [ 1767.902570][T19256] hsr_slave_1: entered promiscuous mode [ 1767.909629][T19256] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1767.961713][T19256] Cannot create hsr debugfs directory [ 1768.999116][T19573] sctp: [Deprecated]: syz.0.2789 (pid 19573) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1768.999116][T19573] Use struct sctp_sack_info instead [ 1771.706508][T19583] syz.0.2791 (19583): drop_caches: 2 [ 1772.108535][T19271] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1772.152081][T19271] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1772.307797][T19591] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2793'. [ 1773.827550][T19271] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1773.871885][T19296] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1773.880594][ T6038] ------------[ cut here ]------------ [ 1773.886076][ T6038] DEBUG_LOCKS_WARN_ON(1) [ 1773.886193][ T6038] WARNING: CPU: 0 PID: 6038 at kernel/locking/lockdep.c:234 __lock_acquire+0x564/0x2100 [ 1773.900172][ T6038] Modules linked in: [ 1773.904079][ T6038] CPU: 0 UID: 0 PID: 6038 Comm: kworker/u8:10 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 1773.915023][ T6038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1773.925094][ T6038] Workqueue: bat_events batadv_nc_worker [ 1773.930762][ T6038] RIP: 0010:__lock_acquire+0x564/0x2100 [ 1773.936338][ T6038] Code: 00 00 83 3d 01 4e a0 0e 00 75 23 90 48 c7 c7 40 b2 2a 8c 48 c7 c6 40 b5 2a 8c e8 97 bc e4 ff 48 ba 00 00 00 00 00 fc ff df 90 <0f> 0b 90 90 90 31 db 48 81 c3 c4 00 00 00 48 89 d8 48 c1 e8 03 0f [ 1773.955964][ T6038] RSP: 0018:ffffc9000591f4f0 EFLAGS: 00010046 [ 1773.962056][ T6038] RAX: 145518e40e54bd00 RBX: 0000000000001b20 RCX: ffff8880356dda00 [ 1773.970038][ T6038] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1773.978019][ T6038] RBP: 00000000000c1b20 R08: ffffffff81819e52 R09: 1ffff110170c519a [ 1773.986004][ T6038] R10: dffffc0000000000 R11: ffffed10170c519b R12: ffff8880356de4d4 [ 1773.993997][ T6038] R13: 0000000000000005 R14: 1ffff11006adbca7 R15: ffff8880356de538 [ 1774.001990][ T6038] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1774.010935][ T6038] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1774.017536][ T6038] CR2: 00007f27f94d35c0 CR3: 000000004a25e000 CR4: 0000000000350ef0 [ 1774.025613][ T6038] Call Trace: [ 1774.028899][ T6038] [ 1774.031837][ T6038] ? __warn+0x165/0x4d0 [ 1774.036020][ T6038] ? __lock_acquire+0x564/0x2100 [ 1774.040987][ T6038] ? report_bug+0x2b3/0x500 [ 1774.045515][ T6038] ? __lock_acquire+0x564/0x2100 [ 1774.050485][ T6038] ? handle_bug+0x60/0x90 [ 1774.054830][ T6038] ? exc_invalid_op+0x1a/0x50 [ 1774.059521][ T6038] ? asm_exc_invalid_op+0x1a/0x20 [ 1774.064572][ T6038] ? __warn_printk+0x292/0x360 [ 1774.069365][ T6038] ? __lock_acquire+0x564/0x2100 [ 1774.074342][ T6038] lock_acquire+0x1ed/0x550 [ 1774.078871][ T6038] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 1774.084445][ T6038] ? __pfx_lock_acquire+0x10/0x10 [ 1774.089492][ T6038] ? rcu_note_context_switch+0xd44/0x1060 [ 1774.095236][ T6038] ? __pfx_lock_release+0x10/0x10 [ 1774.100292][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.106047][ T6038] _raw_spin_lock_nested+0x31/0x40 [ 1774.111185][ T6038] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 1774.116750][ T6038] raw_spin_rq_lock_nested+0xb0/0x140 [ 1774.122149][ T6038] __schedule+0x357/0x4c90 [ 1774.126589][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.132228][ T6038] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1774.137427][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.143064][ T6038] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1774.149397][ T6038] ? __pfx___schedule+0x10/0x10 [ 1774.154250][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.159886][ T6038] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1774.165879][ T6038] ? preempt_schedule_irq+0xf0/0x1c0 [ 1774.171252][ T6038] preempt_schedule_irq+0xfb/0x1c0 [ 1774.176363][ T6038] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 1774.182087][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.187725][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.193363][ T6038] irqentry_exit+0x5e/0x90 [ 1774.197785][ T6038] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 1774.203241][ T6038] RIP: 0010:process_scheduled_works+0xc0f/0x18e0 [ 1774.209565][ T6038] Code: df e8 85 8a 9e 00 48 8b 1b b8 70 01 00 00 48 01 c3 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 64 8a 9e 00 48 8b 3b <4c> 89 fe e8 29 65 12 00 eb 05 e8 c2 4a 37 00 48 8b 5c 24 70 4c 8b [ 1774.229171][ T6038] RSP: 0018:ffffc9000591fb20 EFLAGS: 00000246 [ 1774.235244][ T6038] RAX: 1ffff11006228c2e RBX: ffff888031146170 RCX: ffff8880356dda00 [ 1774.243213][ T6038] RDX: 0000000000000000 RSI: ffffffff8c2ac600 RDI: ffff888031146148 [ 1774.251230][ T6038] RBP: ffffc9000591fd20 R08: ffffffff903cfa77 R09: 1ffffffff2079f4e [ 1774.259197][ T6038] R10: dffffc0000000000 R11: fffffbfff2079f4f R12: dffffc0000000000 [ 1774.267253][ T6038] R13: ffff8880332f2840 R14: 0000000000000000 R15: ffffffff818a9366 [ 1774.275219][ T6038] ? process_scheduled_works+0x9c6/0x18e0 [ 1774.280986][ T6038] ? __pfx_process_scheduled_works+0x10/0x10 [ 1774.286972][ T6038] ? assign_work+0x364/0x3d0 [ 1774.291564][ T6038] worker_thread+0x870/0xd30 [ 1774.296176][ T6038] ? __kthread_parkme+0x169/0x1d0 [ 1774.301200][ T6038] ? __pfx_worker_thread+0x10/0x10 [ 1774.306311][ T6038] kthread+0x7ab/0x920 [ 1774.310379][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.314971][ T6038] ? __pfx_worker_thread+0x10/0x10 [ 1774.320080][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.324670][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.329266][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.333855][ T6038] ? _raw_spin_unlock_irq+0x23/0x50 [ 1774.339121][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.344757][ T6038] ? lockdep_hardirqs_on+0x99/0x150 [ 1774.349954][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.354544][ T6038] ret_from_fork+0x4d/0x80 [ 1774.358987][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.363579][ T6038] ret_from_fork_asm+0x1a/0x30 [ 1774.368343][ T6038] [ 1774.371352][ T6038] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1774.378619][ T6038] CPU: 0 UID: 0 PID: 6038 Comm: kworker/u8:10 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 1774.389540][ T6038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1774.399585][ T6038] Workqueue: bat_events batadv_nc_worker [ 1774.405235][ T6038] Call Trace: [ 1774.408500][ T6038] [ 1774.411421][ T6038] dump_stack_lvl+0x241/0x360 [ 1774.416096][ T6038] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1774.421288][ T6038] ? __pfx__printk+0x10/0x10 [ 1774.425874][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.431510][ T6038] ? vscnprintf+0x5d/0x90 [ 1774.435838][ T6038] panic+0x349/0x880 [ 1774.439734][ T6038] ? __warn+0x174/0x4d0 [ 1774.443897][ T6038] ? __pfx_panic+0x10/0x10 [ 1774.448311][ T6038] ? ret_from_fork_asm+0x1a/0x30 [ 1774.453247][ T6038] __warn+0x344/0x4d0 [ 1774.457230][ T6038] ? __lock_acquire+0x564/0x2100 [ 1774.462178][ T6038] report_bug+0x2b3/0x500 [ 1774.466528][ T6038] ? __lock_acquire+0x564/0x2100 [ 1774.471499][ T6038] handle_bug+0x60/0x90 [ 1774.475651][ T6038] exc_invalid_op+0x1a/0x50 [ 1774.480436][ T6038] asm_exc_invalid_op+0x1a/0x20 [ 1774.485285][ T6038] RIP: 0010:__lock_acquire+0x564/0x2100 [ 1774.490830][ T6038] Code: 00 00 83 3d 01 4e a0 0e 00 75 23 90 48 c7 c7 40 b2 2a 8c 48 c7 c6 40 b5 2a 8c e8 97 bc e4 ff 48 ba 00 00 00 00 00 fc ff df 90 <0f> 0b 90 90 90 31 db 48 81 c3 c4 00 00 00 48 89 d8 48 c1 e8 03 0f [ 1774.510428][ T6038] RSP: 0018:ffffc9000591f4f0 EFLAGS: 00010046 [ 1774.516490][ T6038] RAX: 145518e40e54bd00 RBX: 0000000000001b20 RCX: ffff8880356dda00 [ 1774.524453][ T6038] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1774.532415][ T6038] RBP: 00000000000c1b20 R08: ffffffff81819e52 R09: 1ffff110170c519a [ 1774.540374][ T6038] R10: dffffc0000000000 R11: ffffed10170c519b R12: ffff8880356de4d4 [ 1774.548337][ T6038] R13: 0000000000000005 R14: 1ffff11006adbca7 R15: ffff8880356de538 [ 1774.556305][ T6038] ? __warn_printk+0x292/0x360 [ 1774.561084][ T6038] lock_acquire+0x1ed/0x550 [ 1774.565594][ T6038] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 1774.571149][ T6038] ? __pfx_lock_acquire+0x10/0x10 [ 1774.576181][ T6038] ? rcu_note_context_switch+0xd44/0x1060 [ 1774.581904][ T6038] ? __pfx_lock_release+0x10/0x10 [ 1774.586937][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.592574][ T6038] _raw_spin_lock_nested+0x31/0x40 [ 1774.597690][ T6038] ? raw_spin_rq_lock_nested+0xb0/0x140 [ 1774.603441][ T6038] raw_spin_rq_lock_nested+0xb0/0x140 [ 1774.608819][ T6038] __schedule+0x357/0x4c90 [ 1774.613271][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.618938][ T6038] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1774.624163][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.629806][ T6038] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1774.636184][ T6038] ? __pfx___schedule+0x10/0x10 [ 1774.641080][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.646720][ T6038] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1774.652712][ T6038] ? preempt_schedule_irq+0xf0/0x1c0 [ 1774.658002][ T6038] preempt_schedule_irq+0xfb/0x1c0 [ 1774.663121][ T6038] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 1774.668848][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.674497][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.680168][ T6038] irqentry_exit+0x5e/0x90 [ 1774.684599][ T6038] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 1774.690063][ T6038] RIP: 0010:process_scheduled_works+0xc0f/0x18e0 [ 1774.696442][ T6038] Code: df e8 85 8a 9e 00 48 8b 1b b8 70 01 00 00 48 01 c3 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 64 8a 9e 00 48 8b 3b <4c> 89 fe e8 29 65 12 00 eb 05 e8 c2 4a 37 00 48 8b 5c 24 70 4c 8b [ 1774.716093][ T6038] RSP: 0018:ffffc9000591fb20 EFLAGS: 00000246 [ 1774.722168][ T6038] RAX: 1ffff11006228c2e RBX: ffff888031146170 RCX: ffff8880356dda00 [ 1774.730136][ T6038] RDX: 0000000000000000 RSI: ffffffff8c2ac600 RDI: ffff888031146148 [ 1774.738101][ T6038] RBP: ffffc9000591fd20 R08: ffffffff903cfa77 R09: 1ffffffff2079f4e [ 1774.746076][ T6038] R10: dffffc0000000000 R11: fffffbfff2079f4f R12: dffffc0000000000 [ 1774.754042][ T6038] R13: ffff8880332f2840 R14: 0000000000000000 R15: ffffffff818a9366 [ 1774.762015][ T6038] ? process_scheduled_works+0x9c6/0x18e0 [ 1774.767766][ T6038] ? __pfx_process_scheduled_works+0x10/0x10 [ 1774.773758][ T6038] ? assign_work+0x364/0x3d0 [ 1774.778554][ T6038] worker_thread+0x870/0xd30 [ 1774.783156][ T6038] ? __kthread_parkme+0x169/0x1d0 [ 1774.788186][ T6038] ? __pfx_worker_thread+0x10/0x10 [ 1774.793302][ T6038] kthread+0x7ab/0x920 [ 1774.797477][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.802111][ T6038] ? __pfx_worker_thread+0x10/0x10 [ 1774.807236][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.811834][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.816432][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.821024][ T6038] ? _raw_spin_unlock_irq+0x23/0x50 [ 1774.826224][ T6038] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1774.831863][ T6038] ? lockdep_hardirqs_on+0x99/0x150 [ 1774.837075][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.841676][ T6038] ret_from_fork+0x4d/0x80 [ 1774.846094][ T6038] ? __pfx_kthread+0x10/0x10 [ 1774.850691][ T6038] ret_from_fork_asm+0x1a/0x30 [ 1774.855505][ T6038] [ 1774.858764][ T6038] Kernel Offset: disabled [ 1774.863094][ T6038] Rebooting in 86400 seconds..