last executing test programs:

8m14.325610125s ago: executing program 32 (id=51):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=r2, @ANYBLOB="46ff0f00000000001c00128009000100626f6e64000000000c0002800500010005"], 0x3c}, 0x1, 0x0, 0x0, 0x690}, 0x20048040)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x66)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x300, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r5}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)

7m24.328766522s ago: executing program 33 (id=256):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xf, 0x4, 0x8, 0xb}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r5, 0x27, 0x0, 0x0, 0x0, 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

6m57.14176603s ago: executing program 34 (id=288):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_io_uring_complete(r1)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

6m25.258895221s ago: executing program 35 (id=447):
syz_emit_ethernet(0x46, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x8, 0x11, 0xffffffffffffffff, 0x6a958000)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x94})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
r3 = accept4$alg(r2, 0x0, 0x0, 0x80800)
splice(r3, 0x0, r1, 0x0, 0x39000, 0x0)

5m51.563762397s ago: executing program 7 (id=585):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000010c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x78, 0x0, 0xfffffffffffffffa, {0x8000, 0xcd, 0x0, {0x0, 0x0, 0x9ef1, 0x1000, 0x5, 0x0, 0xf79c000, 0x2339fdf8, 0x5, 0x8000, 0x538, 0x0, 0xffffffffffffffff, 0x3}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0xfffffffffffffffd, 0x5, 0xfffffff8}}, 0x30)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])

5m50.729364536s ago: executing program 7 (id=590):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}, 0x1c)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x271f, &(0x7f0000000580)=""/102389, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000240)={0x4}, 0xc)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000180)={0x0, 0x1, 0x5}, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0x503, 0x0, 0x0, {}, [{0x8, 0x1, 0x2}]}, 0x20}}, 0x0)

5m50.504411709s ago: executing program 7 (id=592):
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x1)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$getown(r1, 0x9)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4)
bind$inet(r1, 0x0, 0x0)
recvfrom(r1, 0x0, 0x0, 0x32, 0x0, 0x700)

5m49.160283567s ago: executing program 7 (id=600):
r0 = socket(0x11, 0x3, 0xff)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={<r1=>0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000000140)=0xc)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000240)='./file1\x00', 0x2000084c, &(0x7f0000000300)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYRES64=r1, @ANYRES8=r3, @ANYRES16=r1, @ANYRES64=r1, @ANYBLOB="2c6469736361726459ad809e1eb82c00fb278330ab3b4884d36adf6908d11f5783dc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14fc, &(0x7f0000002a80)="$eJzs3AuUjlXbOPB97b1vxjTpaZLDsK993TxpsE2S5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDR5pUmSkJCw/0vv+356v97v6/3W2/+z1jfXb629Zl9zP9f1XPdcs+a572eteb7rOapei/q1mxGR+LfAX7+kCCFihBDDhBDXCSECIUSl+Erxl48XUJDy7z0J+3M9nH61O2BXE88/b+P55208/7yN55+38fzzNp5/3sbzz9t4/ozlZdvnFLueV95d/P5/Xsav//+H5Jaf/NXG8jf2+h+k8PzzNp5/3sbzz9t4/nkbzz9v4/n/31frvznG88/beP6M5WVX+/1nXld3Xe3fP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjecM5f4UWQvx9f7X7YowxxhhjjDHG2J/H57/aHTDGGGOMMcYYY+z/PxBSKKFFIPKJ/CJGFBCx4hoRJ64VBcV1IiKuF/HiBlFI3CgKiyKiqCgmEkRxUUIYgcIKEqEoKUqJqLhJlBY3i0RRRpQV5YQT5UWSuEVUELeKiuI2UUncLiqLO0QVUVVUE9XFnaKGuEvUFLVEbXG3qCPqinqivrhHNBD3iobiPtFI3C8aiwdEE/GgaCoeEs3Ew6K5eES0EI+KluIx0Uq0Fm1EW9Hut/l98/+L+S+JvuJl0U/0FyligBgoXhGDxGAxRAwVw8SrYrh4TYwQr4tUMVKMEm+I0eJNMUa8JcaKcWK8eFtMEBPFJDFZTBFTRZp4R0wT74rp4j0xQ8wUs8RskS7miLnifTFPzBcLxAdiofhQLBKLxRKxVGSIj0SmWCayxMdiufhEZIsVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLT8UOsVPsErvFHrFX7BOfif3ic3FAfCFyxJf/w/yz/ym/FwgQIEGCBg35IB/EQAzEQizEQRwUhIIQgQjEQzwUgkJQGApDUSgKCZAAJaAEICAQEJSEkhCFKJSG0pAIiVAWyoIDB0mQBBXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCyZAMXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB1SYSSMgjfgDXgTxsAZGAvjYDyMhxpyIkyCyUByKqRBGkyDaTAdpsMMmAkzYTakwxyYC3NhHsyH+fABLIQP4UNYDIthKWRABmTCMsiCLFgOZyEbVsBKWAWrYQ2shnWwHtbBRtgEG2ELbIFtsA0+hU9hJ+yE3bAb9sJe+Aw+g8/hc0iFHMiBg3AQDsEhOAyHIRdy4QgcgaNwFI7BMTgOx+EEnIRTcBJOw2k4A2fhHJyD83AeLsALCd8031tmQ6qQl2mpZT6ZT8bIGBkrY2WcjJMFZUEZkREZL+NlIVlIFpaFZVFZVCbIBFlClpAoUZIMZUlZUkZlVJaWpWWiTJRlZVnppJNJMklWkBVkRVlRVpK3y8ryDllFVpUdXXVZXdaQnVxNWUvWlrVlHVlX1pP1ZX3ZQDaQDWVD2Ug2ko1lY9lEPiibygEwBB6WlyfTQo6ElnIUtJKtZRvZVr4Jj8v2cgx0kB1lJ/mkHAdjoYts75LlM7KrnATd5HNyMjwve8ip0FO+KHvJ3rKPfEn2lR1cP9lfzoABcqCcDYPkYDlEDpXzoK68PLF68nWZKkfKUfINuRTelGPkW3KsHCfHy7flBDlRTpKT5RQ5VabJd+Q0+a6cLt+TM+RMOUvOlulyjpwr35fz5Hy5QH4gF8oP5SK5WC6RS2WG/EhmymUyS34sl8tPZLZcIVfKVXK1XCPXynVyvdwgN8pNcrPcIrfKbXK7/FTukDvlLrlb7pF75T75mdwvP5cH5BcyR34pD8q/yEPyK3lYfi1z5TfyiPxWHpXfyWPye3lc/iBPyJPylPxRnpY/yTPyrDwnf5bn5S/ygrwoL0kvhQIllVJaBSqfyq9iVAEVq65RcepaVVBdpyLqehWvblCF1I2qsCqiiqpiKkEVVyWUUaisIhWqkqqUiqqbVGl1s0pUZVRZVU45VV4lqVtUBXWrqqhuU5XU7aqyukNVUVVVNVVd3alqqLtUTVVL1VZ3qzqqrqqn6qt7VAN1r2qo7lON1P2qsXpANVEPqqbqIdVMPayaq0dUC/WoaqkeU61Ua9VGtVXt1OOqvXpCdVAdVSf1pOqsnlJd1NMqWT2juqpnVTf1nOqunlc91Auqp3pR9VK9VR91UV1SXvVT/VWKGqAGqlfUIDVYDVFD1TD1qhquXlMj1OsqVY1Uo9QbarR6U41Rb6mxapwar95WE9RENUlNVlPUVJWm3lHT1LtqunpPzVAz1Sw1W6WrOWrI3yot+Bfy3/0n+SN+ffZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb/9DIQGLbXSWgc6n86vY3QBHauv0XH6Wl1QX6cj+nodr2/QhfSNurAuoovqYjpBF9cltNGorSYd6pK6lI7qm3RpfbNO1GV0WV1OO11eJ+lb/u38P+qvnW6n2+v2uoPuoDvpTrqz7qy76C46WSfrrrqr7qa76e66u+6he+ieuqfupXvpPrqP7qv76n66n07RKXqgfkUP0oP1ED1UD9Ov6uF6uB6hR+hUnapH6VF6tB6tx+gxeqweq8fr8XqCnqAn6Ul6ip6i03Sanqan6el6up6hZ+hZepZO1+l6rp6r5+l5eoFeoBfqhXqRXqSX6CU6Q2foTJ2ps3SWXq6X62y9Qq/Qq/QqvUav0ev0Or1Bb9Cb9Ca9RW/R2Xq73q536B16l96l9+g9ep/ep/fr/fqAPqBzdI4+qA/qQ/qQPqwP61ydq4/oI/qoPqqP6WP6uD6uT+gT+pQ+pU/r0/qMPqPP6XP6vD6vL+gL+pK+dPmyL5CBDHSgg3xBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEYAIMbEBBGJQMSgXR4KagdHBzkBiUCcoG5QIXlA+SgluCCsGtQcXgtqBScHtQObgjqBJUDaoF1YM7gxrBXUHNoFZQO7g7qBPUDeoF9YN7ggbBvUHD4L6gUXB/0Dh4IGgSPBg0DR4KmgUPB82DR4IWwaNBy+CxoFXQOmgTtA3a/an1vT9T5AnXz/Q3KWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm1Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNmnnHTDPvmunmPTPDzDSzzGyTbuaYueZ9M8/MNwvMB2ah+dAsMovNErPUZJiPTKZZZrLMx2a5+cRkmxVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtptPzQ6z0+wyu80es9fsM5+Z/eZzc8B8YXLMl+ag+Ys5ZL4yh83XJtd8Y46Yb81R8505Zr43x80P5oQ5aU6ZH81p85M5Y86ac+Znc978Yi6Yi+aS8Zcv7i+/vKNGjfkwH8ZgDMZiLMZhHBbEghjBCMZjPBbCQlgYC2NRLIoJmIAlsAReRkhYEktiFKNYGktjIiZiWSyLDh0mYRJWwApYEStiJayElbEyVsEqWA2r4Z14J96Fd2EtrIV3491YF+tifayPDbABNsSG2AgbYWNsjE2wCTbFptgMm2FzbI4tsAW2xJbYClthG2yD7bAdtsf22AE7YCfshJ2xM3bBLpiMydgVu2I37IbdsTv2wB7YE3tiL+yFfbAP9sW+2A/7YQqm4EAciINwEA7BITgMh+FwHI4jcASmYiqOwlE4GkfjGByDY3Ecjse3cQJOxEk4GafgVEzDNJyG03A6TscZOANn4SxMx3Sci3NxHs7DBbgAF+JCXISLcAkuwQzMwEzMxCzMwuW4HLMxG1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAHc/AgHsRDeAgP42HMxVw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/A8/oIX8CJeQo8xVopYe42Ns9fagvY6G2ML2N/GRW0xm2CL2xLW2MK2yD/EaK1NtGVsWVvOOlveJtlbfhdXsVVtNVvd3mlr2Ltszd/FDey9tqG9zzay99v69p5/iBvbB2wT+6htah+zzWxr29y2tS3so7alfcy2sq1tG9vWdrZP2S72aZtsn7Fd7bO/izPtMrvebrAb7Sa7335uz9mf7VH7nT1vf7H9bH87zL5qh9vX7Aj7uk21I38Xj7dv2wl2op1kJ9spdurv4ll2tk23c+xc+76dZ+f/Ls6wH9mFNssusovtErv01/hyT1n2Y7vcfmKz7Qq70q6yq+0au9au+49eV9ktdqvdZvfZz+wOu9PusrvtHrv31/jyeRywX9gc+6U9Yr+1h+xX9rA9ZnPtN7/Gl8/vmP3eHrc/2BP2pD1lf7Sn7U/2jD376/lfPvcf7UV7yXorCEiSIk0B5aP8FEMFKJauoTi6lgrSdRSh6ymebqBCdCMVpiJUlIpRAhWnEmQIyRJRSCWpFEXpJipNN1MilaGyVI4clackuoUq0K1UkW6jSnQ7VaY7qApVpWpUne6kGnQX1aRaVJvupjpUl+pRfbqHGtC91JDuo0Z0PzWmB6gJPUhN6SFqRg9Tc3qEWtCj1JIeo1bUmtpQW2pHj1N7eoI6UEfqRE9SZ3qKutDTlEzPUFd6lrrRc9Sdnqce9AL1pBepF/WmPvQS9aWXqR/1pxQaQAPpFRpEg2kIDaVh9CoNp9doBL1OqTSSRtEbNJrepDH0Fo2lcTSe3qYJNJEm0WSaQlMpjd6hafQuTaf3aAbNpFk0m9JpDs2l92kezacF9AEtpA9pES2mJbSUMugjyqRllEUf03L6hLJpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG2+lT2kE7aRftpj20l/bRZ7SfPqcD9AXl0Jd0kP5Ch+grOkxfUy59Q0foWzpK39Ex+p6O0w90gk7SKfqRTtNPdIbO0jn6mc7TL3SBLtIl8iRCCGWoQh0GYb4wfxgTFghjw2vCuPDasGB4XRgJrw/jwxvCQuGNYeGwSFg0LBYmhMXDEqEJMbQhhWFYMiwVRsObwtLhzWFiWCYsG5YLXVg+TApvCSuEt4YVw9vCSuHtYeXwjrBKWDV89P7q4Z1hjfCusGZYK6wd3h3WCeuG9cL64T1hg/DesGF4X9govD+sGD4QNgkfDJuGD4XNwofD5uEjYYvw0bBl+FjYKmwdtgnbhu3Cx8P24RNhh7Bj2Cl8MuwcPhV2CZ8Ok8Nnwq7hs394PCUcEA4MXwlfCb2/Ty2JLo1mRD+KZkaXRbOiH0eXRz+JZkdXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W9r59fOHDSKadd4PK5/C7GFXCx7hoX5651Bd11LuKud/HuBlfI3egKuyKuqCvmElxxV8IZh846cqEr6Uq5qLvJlXY3u0RXxpV15Zxz5V2Sa+vauXauvXvCdXAdXSf3pHvSPeWeck+7p90zrqt71nVzz7nu7nnXw73gXnAvul6ut+vjXnJ93cuun+vvUlyKG+gGukFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7GW6Gm+VmuXSX7ua6uW6em+cWuAVuYeJCt8gtckvcEpfhMlymy3RZLsstd8tdtst2K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfL7XJ73B63z+1z+91+d8AdcDkuxx10B90hd8gddl+7XPeNO+K+dUfdd+6Y+94ddz+4E+6kO+V+dKfdT+6MO+vOuZ/defeLu+AuukvOu7TIO5FpkXcj0yPvRWZEZkZmRWZH0iNzInMj70fmReZHFkQ+iCyMfBhZFFkcWRJZGsmIfBTJjCyLZEU+jiyPfBLJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Kl/c0+0ZfxZX0573x5n+Rv8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/tnfFf/rO/mn/Pd/fO+h3/B9/Qv+l6+t+/jX/J9/cu+n+/vU/wAP9C/4gf5wX6IH+qH+Vf9cP+aH+Ff96l+pB/l3/Cj/Zt+jH/Lj/Xj/Hj/tp/gJ/pJfrKf4qf6NP+On+bf9dP9e36Gn+ln+dk+3c/xc/37fp6f7xf4D/xC/6Ff5Bf7JX6pz/Af+Uy/zGf5j/1y/4nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+h1+p9/ld/s9fq/f5z/z+/3n/oD/wuf4L/1B/xd/yH/lD/uvfa7/xh/x3/qj/jt/zH/vj/sf/Al/0p/yP/rT/id/xp/15/zP/rz/xV/wF/0l/p81xhhjjLF/ifqD4wP+yffk39ZlA4UQ1+4slvufa24u/Nf9YJnQOSKEeKZ/z4f/vurUSdn698dmKxGUWiyEiFzJzyeuxCtEJ/GUSBYdRYV/2t9g2fs8/b5+Sspv6kdvFyL2Nzkx4kp8pf6t/0X9x58cn1k5PBf/39RfLERiqSs5BcSV+Er9iv9F/SLt/6D/Al+lCdHhNzlx4kp8pX6SeEI8K5L/4ZGMMcYYY4wxxthfDZbVuv/R/fPl+/MEfSUnv7gS/9H9OWOMMcYYY4wxxq6+53v3efrx5OSO3XnDG97w5j82V/svE2OMMcYYY+zPduWi/2p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V3/Gx8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/l8AAAD//zG6PD0=")
getegid()
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r4, &(0x7f0000006b40)={0x2020}, 0x2020)

5m47.062679919s ago: executing program 7 (id=609):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

5m46.633680114s ago: executing program 7 (id=613):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
socket(0x10, 0x3, 0x0)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
set_mempolicy(0x2, &(0x7f0000000040)=0xffd, 0x9)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x81})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
sync_file_range(0xffffffffffffffff, 0x8, 0x6, 0x1)

5m46.439277566s ago: executing program 36 (id=613):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
socket(0x10, 0x3, 0x0)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
set_mempolicy(0x2, &(0x7f0000000040)=0xffd, 0x9)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x81})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
sync_file_range(0xffffffffffffffff, 0x8, 0x6, 0x1)

5m35.088228728s ago: executing program 6 (id=656):
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x2c, &(0x7f0000000080)=[@in={0x2, 0x4e22, @rand_addr=0x64010100}, @in6={0xa, 0x4e22, 0x9c, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
r3 = dup(r0)
r4 = dup(r0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in6={{0xa, 0x4e22, 0xf, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x24, 0x8, 0xff}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0xfffffffc, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x806, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c)

5m34.8810475s ago: executing program 6 (id=657):
socket$packet(0x11, 0x3, 0x300)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0xa)
fchdir(r1)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x1031c2, 0xb4)
ftruncate(r2, 0x2007ffb)
close(r2)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x8000003d)
fcntl$setsig(r3, 0xa, 0x21)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)

5m32.686163268s ago: executing program 6 (id=664):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)

5m31.672164828s ago: executing program 6 (id=665):
r0 = socket(0x11, 0x3, 0xff)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={<r1=>0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000000140)=0xc)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000240)='./file1\x00', 0x2000084c, &(0x7f0000000300)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYRES64=r1, @ANYRES8=r3, @ANYRES16=r1, @ANYRES64=r1, @ANYBLOB="2c6469736361726459ad809e1eb82c00fb278330ab3b4884d36adf6908d11f5783dc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14fc, &(0x7f0000002a80)="$eJzs3AuUjlXbOPB97b1vxjTpaZLDsK993TxpsE2S5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDR5pUmSkJCw/0vv+356v97v6/3W2/+z1jfXb629Zl9zP9f1XPdcs+a572eteb7rOapei/q1mxGR+LfAX7+kCCFihBDDhBDXCSECIUSl+Erxl48XUJDy7z0J+3M9nH61O2BXE88/b+P55208/7yN55+38fzzNp5/3sbzz9t4/ozlZdvnFLueV95d/P5/Xsav//+H5Jaf/NXG8jf2+h+k8PzzNp5/3sbzz9t4/nkbzz9v4/n/31frvznG88/beP6M5WVX+/1nXld3Xe3fP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjecM5f4UWQvx9f7X7YowxxhhjjDHG2J/H57/aHTDGGGOMMcYYY+z/PxBSKKFFIPKJ/CJGFBCx4hoRJ64VBcV1IiKuF/HiBlFI3CgKiyKiqCgmEkRxUUIYgcIKEqEoKUqJqLhJlBY3i0RRRpQV5YQT5UWSuEVUELeKiuI2UUncLiqLO0QVUVVUE9XFnaKGuEvUFLVEbXG3qCPqinqivrhHNBD3iobiPtFI3C8aiwdEE/GgaCoeEs3Ew6K5eES0EI+KluIx0Uq0Fm1EW9Hut/l98/+L+S+JvuJl0U/0FyligBgoXhGDxGAxRAwVw8SrYrh4TYwQr4tUMVKMEm+I0eJNMUa8JcaKcWK8eFtMEBPFJDFZTBFTRZp4R0wT74rp4j0xQ8wUs8RskS7miLnifTFPzBcLxAdiofhQLBKLxRKxVGSIj0SmWCayxMdiufhEZIsVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLT8UOsVPsErvFHrFX7BOfif3ic3FAfCFyxJf/w/yz/ym/FwgQIEGCBg35IB/EQAzEQizEQRwUhIIQgQjEQzwUgkJQGApDUSgKCZAAJaAEICAQEJSEkhCFKJSG0pAIiVAWyoIDB0mQBBXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCyZAMXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB1SYSSMgjfgDXgTxsAZGAvjYDyMhxpyIkyCyUByKqRBGkyDaTAdpsMMmAkzYTakwxyYC3NhHsyH+fABLIQP4UNYDIthKWRABmTCMsiCLFgOZyEbVsBKWAWrYQ2shnWwHtbBRtgEG2ELbIFtsA0+hU9hJ+yE3bAb9sJe+Aw+g8/hc0iFHMiBg3AQDsEhOAyHIRdy4QgcgaNwFI7BMTgOx+EEnIRTcBJOw2k4A2fhHJyD83AeLsALCd8031tmQ6qQl2mpZT6ZT8bIGBkrY2WcjJMFZUEZkREZL+NlIVlIFpaFZVFZVCbIBFlClpAoUZIMZUlZUkZlVJaWpWWiTJRlZVnppJNJMklWkBVkRVlRVpK3y8ryDllFVpUdXXVZXdaQnVxNWUvWlrVlHVlX1pP1ZX3ZQDaQDWVD2Ug2ko1lY9lEPiibygEwBB6WlyfTQo6ElnIUtJKtZRvZVr4Jj8v2cgx0kB1lJ/mkHAdjoYts75LlM7KrnATd5HNyMjwve8ip0FO+KHvJ3rKPfEn2lR1cP9lfzoABcqCcDYPkYDlEDpXzoK68PLF68nWZKkfKUfINuRTelGPkW3KsHCfHy7flBDlRTpKT5RQ5VabJd+Q0+a6cLt+TM+RMOUvOlulyjpwr35fz5Hy5QH4gF8oP5SK5WC6RS2WG/EhmymUyS34sl8tPZLZcIVfKVXK1XCPXynVyvdwgN8pNcrPcIrfKbXK7/FTukDvlLrlb7pF75T75mdwvP5cH5BcyR34pD8q/yEPyK3lYfi1z5TfyiPxWHpXfyWPye3lc/iBPyJPylPxRnpY/yTPyrDwnf5bn5S/ygrwoL0kvhQIllVJaBSqfyq9iVAEVq65RcepaVVBdpyLqehWvblCF1I2qsCqiiqpiKkEVVyWUUaisIhWqkqqUiqqbVGl1s0pUZVRZVU45VV4lqVtUBXWrqqhuU5XU7aqyukNVUVVVNVVd3alqqLtUTVVL1VZ3qzqqrqqn6qt7VAN1r2qo7lON1P2qsXpANVEPqqbqIdVMPayaq0dUC/WoaqkeU61Ua9VGtVXt1OOqvXpCdVAdVSf1pOqsnlJd1NMqWT2juqpnVTf1nOqunlc91Auqp3pR9VK9VR91UV1SXvVT/VWKGqAGqlfUIDVYDVFD1TD1qhquXlMj1OsqVY1Uo9QbarR6U41Rb6mxapwar95WE9RENUlNVlPUVJWm3lHT1LtqunpPzVAz1Sw1W6WrOWrI3yot+Bfy3/0n+SN+ffZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb/9DIQGLbXSWgc6n86vY3QBHauv0XH6Wl1QX6cj+nodr2/QhfSNurAuoovqYjpBF9cltNGorSYd6pK6lI7qm3RpfbNO1GV0WV1OO11eJ+lb/u38P+qvnW6n2+v2uoPuoDvpTrqz7qy76C46WSfrrrqr7qa76e66u+6he+ieuqfupXvpPrqP7qv76n66n07RKXqgfkUP0oP1ED1UD9Ov6uF6uB6hR+hUnapH6VF6tB6tx+gxeqweq8fr8XqCnqAn6Ul6ip6i03Sanqan6el6up6hZ+hZepZO1+l6rp6r5+l5eoFeoBfqhXqRXqSX6CU6Q2foTJ2ps3SWXq6X62y9Qq/Qq/QqvUav0ev0Or1Bb9Cb9Ca9RW/R2Xq73q536B16l96l9+g9ep/ep/fr/fqAPqBzdI4+qA/qQ/qQPqwP61ydq4/oI/qoPqqP6WP6uD6uT+gT+pQ+pU/r0/qMPqPP6XP6vD6vL+gL+pK+dPmyL5CBDHSgg3xBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEYAIMbEBBGJQMSgXR4KagdHBzkBiUCcoG5QIXlA+SgluCCsGtQcXgtqBScHtQObgjqBJUDaoF1YM7gxrBXUHNoFZQO7g7qBPUDeoF9YN7ggbBvUHD4L6gUXB/0Dh4IGgSPBg0DR4KmgUPB82DR4IWwaNBy+CxoFXQOmgTtA3a/an1vT9T5AnXz/Q3KWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm1Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNmnnHTDPvmunmPTPDzDSzzGyTbuaYueZ9M8/MNwvMB2ah+dAsMovNErPUZJiPTKZZZrLMx2a5+cRkmxVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtptPzQ6z0+wyu80es9fsM5+Z/eZzc8B8YXLMl+ag+Ys5ZL4yh83XJtd8Y46Yb81R8505Zr43x80P5oQ5aU6ZH81p85M5Y86ac+Znc978Yi6Yi+aS8Zcv7i+/vKNGjfkwH8ZgDMZiLMZhHBbEghjBCMZjPBbCQlgYC2NRLIoJmIAlsAReRkhYEktiFKNYGktjIiZiWSyLDh0mYRJWwApYEStiJayElbEyVsEqWA2r4Z14J96Fd2EtrIV3491YF+tifayPDbABNsSG2AgbYWNsjE2wCTbFptgMm2FzbI4tsAW2xJbYClthG2yD7bAdtsf22AE7YCfshJ2xM3bBLpiMydgVu2I37IbdsTv2wB7YE3tiL+yFfbAP9sW+2A/7YQqm4EAciINwEA7BITgMh+FwHI4jcASmYiqOwlE4GkfjGByDY3Ecjse3cQJOxEk4GafgVEzDNJyG03A6TscZOANn4SxMx3Sci3NxHs7DBbgAF+JCXISLcAkuwQzMwEzMxCzMwuW4HLMxG1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAHc/AgHsRDeAgP42HMxVw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/A8/oIX8CJeQo8xVopYe42Ns9fagvY6G2ML2N/GRW0xm2CL2xLW2MK2yD/EaK1NtGVsWVvOOlveJtlbfhdXsVVtNVvd3mlr2Ltszd/FDey9tqG9zzay99v69p5/iBvbB2wT+6htah+zzWxr29y2tS3so7alfcy2sq1tG9vWdrZP2S72aZtsn7Fd7bO/izPtMrvebrAb7Sa7335uz9mf7VH7nT1vf7H9bH87zL5qh9vX7Aj7uk21I38Xj7dv2wl2op1kJ9spdurv4ll2tk23c+xc+76dZ+f/Ls6wH9mFNssusovtErv01/hyT1n2Y7vcfmKz7Qq70q6yq+0au9au+49eV9ktdqvdZvfZz+wOu9PusrvtHrv31/jyeRywX9gc+6U9Yr+1h+xX9rA9ZnPtN7/Gl8/vmP3eHrc/2BP2pD1lf7Sn7U/2jD376/lfPvcf7UV7yXorCEiSIk0B5aP8FEMFKJauoTi6lgrSdRSh6ymebqBCdCMVpiJUlIpRAhWnEmQIyRJRSCWpFEXpJipNN1MilaGyVI4clackuoUq0K1UkW6jSnQ7VaY7qApVpWpUne6kGnQX1aRaVJvupjpUl+pRfbqHGtC91JDuo0Z0PzWmB6gJPUhN6SFqRg9Tc3qEWtCj1JIeo1bUmtpQW2pHj1N7eoI6UEfqRE9SZ3qKutDTlEzPUFd6lrrRc9Sdnqce9AL1pBepF/WmPvQS9aWXqR/1pxQaQAPpFRpEg2kIDaVh9CoNp9doBL1OqTSSRtEbNJrepDH0Fo2lcTSe3qYJNJEm0WSaQlMpjd6hafQuTaf3aAbNpFk0m9JpDs2l92kezacF9AEtpA9pES2mJbSUMugjyqRllEUf03L6hLJpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG2+lT2kE7aRftpj20l/bRZ7SfPqcD9AXl0Jd0kP5Ch+grOkxfUy59Q0foWzpK39Ex+p6O0w90gk7SKfqRTtNPdIbO0jn6mc7TL3SBLtIl8iRCCGWoQh0GYb4wfxgTFghjw2vCuPDasGB4XRgJrw/jwxvCQuGNYeGwSFg0LBYmhMXDEqEJMbQhhWFYMiwVRsObwtLhzWFiWCYsG5YLXVg+TApvCSuEt4YVw9vCSuHtYeXwjrBKWDV89P7q4Z1hjfCusGZYK6wd3h3WCeuG9cL64T1hg/DesGF4X9govD+sGD4QNgkfDJuGD4XNwofD5uEjYYvw0bBl+FjYKmwdtgnbhu3Cx8P24RNhh7Bj2Cl8MuwcPhV2CZ8Ok8Nnwq7hs394PCUcEA4MXwlfCb2/Ty2JLo1mRD+KZkaXRbOiH0eXRz+JZkdXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W9r59fOHDSKadd4PK5/C7GFXCx7hoX5651Bd11LuKud/HuBlfI3egKuyKuqCvmElxxV8IZh846cqEr6Uq5qLvJlXY3u0RXxpV15Zxz5V2Sa+vauXauvXvCdXAdXSf3pHvSPeWeck+7p90zrqt71nVzz7nu7nnXw73gXnAvul6ut+vjXnJ93cuun+vvUlyKG+gGukFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7GW6Gm+VmuXSX7ua6uW6em+cWuAVuYeJCt8gtckvcEpfhMlymy3RZLsstd8tdtst2K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfL7XJ73B63z+1z+91+d8AdcDkuxx10B90hd8gddl+7XPeNO+K+dUfdd+6Y+94ddz+4E+6kO+V+dKfdT+6MO+vOuZ/defeLu+AuukvOu7TIO5FpkXcj0yPvRWZEZkZmRWZH0iNzInMj70fmReZHFkQ+iCyMfBhZFFkcWRJZGsmIfBTJjCyLZEU+jiyPfBLJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Kl/c0+0ZfxZX0573x5n+Rv8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/tnfFf/rO/mn/Pd/fO+h3/B9/Qv+l6+t+/jX/J9/cu+n+/vU/wAP9C/4gf5wX6IH+qH+Vf9cP+aH+Ff96l+pB/l3/Cj/Zt+jH/Lj/Xj/Hj/tp/gJ/pJfrKf4qf6NP+On+bf9dP9e36Gn+ln+dk+3c/xc/37fp6f7xf4D/xC/6Ff5Bf7JX6pz/Af+Uy/zGf5j/1y/4nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+h1+p9/ld/s9fq/f5z/z+/3n/oD/wuf4L/1B/xd/yH/lD/uvfa7/xh/x3/qj/jt/zH/vj/sf/Al/0p/yP/rT/id/xp/15/zP/rz/xV/wF/0l/p81xhhjjLF/ifqD4wP+yffk39ZlA4UQ1+4slvufa24u/Nf9YJnQOSKEeKZ/z4f/vurUSdn698dmKxGUWiyEiFzJzyeuxCtEJ/GUSBYdRYV/2t9g2fs8/b5+Sspv6kdvFyL2Nzkx4kp8pf6t/0X9x58cn1k5PBf/39RfLERiqSs5BcSV+Er9iv9F/SLt/6D/Al+lCdHhNzlx4kp8pX6SeEI8K5L/4ZGMMcYYY4wxxthfDZbVuv/R/fPl+/MEfSUnv7gS/9H9OWOMMcYYY4wxxq6+53v3efrx5OSO3XnDG97w5j82V/svE2OMMcYYY+zPduWi/2p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V3/Gx8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/l8AAAD//zG6PD0=")
getegid()
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r4, &(0x7f0000006b40)={0x2020}, 0x2020)

5m31.374371705s ago: executing program 6 (id=666):
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000000100)=0xfffe, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000240)="3d4077e50823a7746c0ee30dd0afdfb5ff2a258d495dc9d2c2a25bc7dc0b11bde0d15d0770675db17901", 0x2a}, {&(0x7f0000000080)="b28231adddba8ed6f23bf98ca8caa015ab797f57", 0x14}], 0x2, 0x0)
recvmmsg(r3, &(0x7f0000001440)=[{{&(0x7f0000000280)=@un=@abs, 0x0, &(0x7f0000001400)=[{&(0x7f0000001480)=""/1}, {&(0x7f0000000300)=""/102}, {&(0x7f0000000380)=""/4096}, {&(0x7f0000001380)=""/111}]}}], 0x700, 0x40002002, 0x0)
write$binfmt_misc(r2, &(0x7f0000000040), 0xffc1)
setsockopt$sock_int(r3, 0x1, 0x10, &(0x7f0000000180)=0x55b7, 0x4)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

5m29.22828827s ago: executing program 6 (id=673):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x3, 0x15f}, &(0x7f0000000140)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4000, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f00000003c0)=""/216, 0xd8}], 0x1})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000000)=[{r1, 0x245}], 0x1, 0x0, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f00000028c0)={0x0, 0x0, 0x0}, 0xc85405757c582a58)

5m29.05580959s ago: executing program 37 (id=673):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x3, 0x15f}, &(0x7f0000000140)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4000, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f00000003c0)=""/216, 0xd8}], 0x1})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000000)=[{r1, 0x245}], 0x1, 0x0, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f00000028c0)={0x0, 0x0, 0x0}, 0xc85405757c582a58)

4m56.801708752s ago: executing program 5 (id=771):
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x3, @local}}, 0x1e)
connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @multicast2}}, 0x1e)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r1, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e)
connect$pptp(r1, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x1)

4m56.612337573s ago: executing program 5 (id=775):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, 0x0, 0x0}, 0x94)
r0 = fsopen(&(0x7f0000000300)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x3)
fchdir(r1)
r2 = fanotify_init(0x1a, 0x1)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124)
fanotify_mark(r2, 0x541, 0x1023, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="090d2000000000f0ff000700000008000300", @ANYRES32=r6, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050006000000140004"], 0x58}}, 0x0)

4m54.09645437s ago: executing program 5 (id=780):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000000)={[{@test_dummy_encryption}, {@init_itable}, {@norecovery}]}, 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0xd01ce0, 0x0, 0x82, 0x0, &(0x7f0000000080))
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000280)=""/4096, 0x9005)

4m51.556300429s ago: executing program 5 (id=790):
sendto$packet(0xffffffffffffffff, &(0x7f00000002c0)="05031600d3fc140000004788031c09", 0xf, 0x4, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3000000040000701feffffff00000000047c000004"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4m50.524262768s ago: executing program 5 (id=793):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a1)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0), 0x14000, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
chdir(&(0x7f0000000100)='./file0\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0xffffffff)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4m49.040378635s ago: executing program 5 (id=798):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x4c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}}, 0x0)

4m33.934831827s ago: executing program 38 (id=798):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x4c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}}, 0x0)

2m44.752430517s ago: executing program 2 (id=1251):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
socket(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x38, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000080)={0x3ff, 0x7, 0x100000, 0x9, 0x0, 0xf, 0xd, 0x400000000000}, 0x0, 0x0)

2m43.756904796s ago: executing program 2 (id=1254):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x80000004})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000000)={0xa0000001})
epoll_pwait(r4, &(0x7f0000000600)=[{}], 0x1, 0x1ff, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

2m42.459339691s ago: executing program 3 (id=1260):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mq_notify(r3, &(0x7f00000000c0)={0x0, 0xc, 0x0, @thr={0x0, 0x0}})
readv(r3, &(0x7f0000000000)=[{&(0x7f0000000100)=""/251}], 0x59)

2m42.412344264s ago: executing program 2 (id=1261):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c3790000000000fffffdef000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)

2m41.379175445s ago: executing program 3 (id=1262):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000000002}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000640)={@remote, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0xffffffff, 0x40, 0x93, 0x100, 0x2, 0xbb002f})

2m41.132580849s ago: executing program 2 (id=1263):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%pB    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x10, &(0x7f0000000640)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x54}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}]}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2m41.032280815s ago: executing program 3 (id=1264):
unshare(0x22020600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x6, 0x3}, 0x50)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, 0x0, 0x0)
r1 = io_uring_setup(0x7d1, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x2)
close_range(r1, r1, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x1f, 0x3}, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000000)={'team0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000fbff27bd7002fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="14100400040004001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x4c}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)

2m40.166448555s ago: executing program 2 (id=1267):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b409859a3cb7dbf298c7802264387811e20a0d78489eab0b0e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x2e0, 0x12c, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e0cf086dd0de0ffff00184000630677fbac141414e000000162079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c)

2m38.916426718s ago: executing program 2 (id=1270):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x10, &(0x7f0000000080)={[{@acl}, {@nodiscard}, {@oldalloc}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

2m38.71131054s ago: executing program 3 (id=1272):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0xf5, 0x1}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r5, &(0x7f00000000c0)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x804}, 0x4)

2m37.777580915s ago: executing program 3 (id=1274):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @pic={0x0, 0x7, 0x5, 0x93, 0x0, 0x0, 0x4, 0xbb, 0x2, 0xc0, 0x6d, 0x26, 0x61, 0x7, 0x95, 0xd}})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r4 = dup(r0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8)

2m37.608989985s ago: executing program 3 (id=1277):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e28, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x5}, 0x1c)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)
getsockopt$IP_SET_OP_GET_BYNAME(r1, 0x1, 0x53, &(0x7f0000000080)={0x6, 0x7, 'syz0\x00'}, &(0x7f0000000140)=0x28)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x10, &(0x7f0000000100)={[{@acl}, {@nodiscard}, {@dioread_nolock}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000000c00078008000640000007010500050002000000050004000000000016000300686173683a6e65742c706f7274"], 0x5c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

2m23.357497886s ago: executing program 39 (id=1270):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x10, &(0x7f0000000080)={[{@acl}, {@nodiscard}, {@oldalloc}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

2m22.450166069s ago: executing program 40 (id=1277):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e28, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x5}, 0x1c)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)
getsockopt$IP_SET_OP_GET_BYNAME(r1, 0x1, 0x53, &(0x7f0000000080)={0x6, 0x7, 'syz0\x00'}, &(0x7f0000000140)=0x28)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x10, &(0x7f0000000100)={[{@acl}, {@nodiscard}, {@dioread_nolock}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000000c00078008000640000007010500050002000000050004000000000016000300686173683a6e65742c706f7274"], 0x5c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

11.841020519s ago: executing program 4 (id=1742):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f0000000340)=@nullb, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='affs\x00', 0x0, 0x0)

10.735191403s ago: executing program 4 (id=1744):
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000780)=ANY=[@ANYBLOB="7a0af8ff75257000bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b25952850a84a70002b2ab3d6ffaa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc44bc25fb591cf77b9dfb379a3f611dbc2a364916f098dab10b1a297cf528666d1ddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e9e54687d3c56d7bedb6b2f25ddb8c640bb321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0b6dd7356aa79d5fabb5c0d0da6d719d7e0efb2bb713d18242cd5df6ca53307a4cdd91be4587f90e317c8de5e5c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1786eda2b20"], &(0x7f0000000100)='GPL\x00'}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000740)=r2, 0x4)
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

10.332332356s ago: executing program 1 (id=1745):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0xffffffff, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x6, 0x6691}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f0000000240)="800000", 0x3, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0x9c, 0x6, @random="48802e59d488"}, 0x14)

8.864446812s ago: executing program 1 (id=1749):
socket$qrtr(0x2a, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r3, 0x11b, 0x1, 0x0, 0xfffffffffffffffc)

7.078462577s ago: executing program 1 (id=1750):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x0, '\x00', 0x0, 0x0}, 0x50)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x5, 0x0, 0x3})
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0x3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x0}, {0x18, 0x9, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x5, 0x2}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0xd, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.674690808s ago: executing program 1 (id=1754):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x128, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xad}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x74}, [@coaddr={0x14, 0xe, @in6=@remote}, @lifetime_val={0x24, 0x9, {0x100000000, 0x8000000000000001, 0xb4, 0x5}}]}, 0x128}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0xb400, 0x2, 0xfeffff7f00000000}, {0x100, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x4cc00)
r2 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10)
setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, "b00dea55fe1c39c5", "0b59a18dc565492a7257f7bc0cf24d6568d8ca8aced6a5f94de56e4a39ffae42", "e60a84b0", "48f7cfcde39d035d"}, 0x38)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x18, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="05b001001608b965303fc97b27a2ed046e84fd"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000000)={0x0, 0x5}, 0x8)

5.558356945s ago: executing program 0 (id=1755):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x100000a, 0x5d032, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000})

5.324300309s ago: executing program 1 (id=1758):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mount$nfs(0x0, 0x0, 0x0, 0x0, 0x0)
ioperm(0x0, 0x2, 0x7e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x200)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="2000000000000000180a02000000000000000000000000009500000000bb0000", @ANYRES64], &(0x7f0000003ff6)='GPL\x00', 0x6, 0xff92, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3d, 0x0, 0xffffffffffffffff, 0xfe45}, 0x23)
ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f0000000200))
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000300)=""/138)

4.61607175s ago: executing program 0 (id=1759):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
futex(0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffe)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
capset(0x0, &(0x7f0000001080)={0x200000, 0x200000})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
readv(r1, &(0x7f0000000a00)=[{&(0x7f0000000340)=""/141, 0x8d}], 0x1)
shutdown(r1, 0x1)

4.61589139s ago: executing program 9 (id=1760):
syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2)
r0 = syz_io_uring_setup(0x106, &(0x7f0000000140)={0x0, 0x5883, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

4.131907739s ago: executing program 8 (id=1761):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r1 = epoll_create(0xd)
r2 = timerfd_create(0x0, 0x80800)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x300, r2, &(0x7f0000000040)={0x32000000})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pwritev2(r1, &(0x7f0000000500)=[{&(0x7f0000000200)}, {0x0}, {&(0x7f00000000c0)="196733762809e9", 0x7}, {&(0x7f00000003c0)="b1502276b0ae55f3d9e1372c361461", 0xf}, {&(0x7f0000000400)="b347788c430fbd7ce31b5e29dffd676246aef0b647d4c446b2aa832c9c0a20ff545cb6a9caff70b3405fb61482045ff97f9a213854cfa75b59bf464d121b65084e44398d0aeb4e05df3ce4b1934f119d3b80c689480432e5eb886490f55a7e59d063445f00ea7f0989e5b2dd94f0b508c0d53645eec92df7e655e65e81823996ac655f16e6823dee101b1549e0cbe0030ab7ab167b66898a027f1841bde8a7dc61ab721a18c0d6b18a978e30ea24e9354f9a0f8ee8d89862026d33822eb3fdfadf4162294ae715e5521544340ff9ebf3afb2e28de18baf8ecc7a15d14be1e5687c6b04356c17941d3860fa5f46572a23f6", 0xf1}], 0x5, 0x6, 0x1ff, 0x1)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x0)
prctl$PR_GET_THP_DISABLE(0x2a)
openat(r3, 0x0, 0x1a9040, 0x1d)
sync_file_range(r3, 0x1, 0x9, 0xd)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
write$vga_arbiter(r0, &(0x7f0000000140)=ANY=[], 0xc)
write$vga_arbiter(r0, &(0x7f0000000080)=@other={'decodes', ' ', 'none'}, 0xd)

3.484325586s ago: executing program 4 (id=1762):
listen(0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0xffffffffffffff88)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
lseek(0xffffffffffffffff, 0x2000, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, 0x0, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f00000011c0))
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{}, {0x0, 0x989680}}, 0x0)
timer_settime(r1, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_read_part_table(0x4081, &(0x7f0000001200)="$eJzs07FK+lEUB/Cjw1/4t1j0AHeLQOqnmeQUFQ0N5uDUWGEhiEFauLS09iQ9Ug/QcxiYgZgFWRDE5zOde7/3XM5w79Lz415E5DZvep1hzMhHxGhc7eYjchFRnSS52aP9y0739Kzdfe3Kz8Z8WfGD/bv7SfFvXlr49M615YjjFBH/B0+rB9+dkD+gsH4yvRyNvf/fiznab6TmYSNltVqlVa6k9PZmHyKb35Fl2VTyQ2MsZKXYuhim2/Z1v3PVS9sbW6XUPB+k8k4plev16i9OBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2T6NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgVgAAAP//p6MgDg==")
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

3.375270693s ago: executing program 9 (id=1763):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x4c, 0x10, 0xfffffffffffffdff, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x33822}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
socket$phonet_pipe(0x23, 0x5, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bond0\x00', <r6=>0x0})
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0x100000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x4c}, 0x1, 0xba01}, 0x0)

3.218224182s ago: executing program 8 (id=1764):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
getpeername$l2tp(r0, 0x0, 0x0)

2.954651407s ago: executing program 1 (id=1765):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@polexpire={0xc8, 0x1b, 0x1, 0x0, 0x0, {{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x6e6bbc}}, [@XFRMA_IF_ID={0x8}]}, 0xc8}}, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})

2.197941772s ago: executing program 8 (id=1766):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x4004845}, 0x480c5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x55)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0, 0x4})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f00000001c0)={0x1, 0x1, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x39383ddd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)

2.183766662s ago: executing program 9 (id=1767):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x4c, r3, 0x1, 0x0, 0x0, {0x3d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd, 0x82}, {0x5, 0x87}}]}, 0x4c}}, 0x8)

2.076721869s ago: executing program 0 (id=1768):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x20, r0, 0x5, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}]]}, 0x20}, 0x1, 0x0, 0x0, 0x4040048}, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x201, 0x0)
pipe2$watch_queue(&(0x7f0000001180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
r5 = add_key$keyring(&(0x7f0000001600), &(0x7f0000001640)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r4, 0x7c)
r6 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000080)='*', 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r3, 0x36)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x30, 0x2, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xe08}]}, @CTA_TUPLE_ORIG={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xa5}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000084}, 0x20044804)

2.067891839s ago: executing program 4 (id=1769):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
pipe2(&(0x7f0000000000), 0x80000)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r3, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x802)

2.067298609s ago: executing program 8 (id=1770):
r0 = getpid()
syz_mount_image$fuse(0x0, 0x0, 0x21000, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
chroot(0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)

1.686004421s ago: executing program 0 (id=1771):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000002c0)={0x0, 0xffffdfffffffffff, 0x1000, 0x0, 0x1}, 0x20)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20)
r2 = socket$phonet(0x23, 0x2, 0x1)
set_mempolicy(0x3, &(0x7f0000000000)=0x7fffffff, 0x8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_bond\x00', <r3=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x10000, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r1, &(0x7f00000002c0)={0x2c, 0x4, r3, 0x30, r1}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)

1.168383741s ago: executing program 9 (id=1772):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000c00)={0x44, 0x0, &(0x7f0000000a80)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000007fc0)={0x2020}, 0x2020)

1.096413796s ago: executing program 8 (id=1773):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xf, 0xf}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000022c0)=@newtfilter={0x34, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xffe0}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004400)=@getchain={0x24, 0x66, 0xfff1, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0xe, 0xfff2}, {0x0, 0xfff1}, {0xffff, 0x1ffef}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x800)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r6)

1.077655947s ago: executing program 4 (id=1774):
syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2)
r0 = syz_io_uring_setup(0x106, &(0x7f0000000140)={0x0, 0x5883, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.043360929s ago: executing program 9 (id=1775):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2], 0x3c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[], 0x47)
splice(r5, 0x0, r4, 0x0, 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r7, 0x4068aea3, &(0x7f0000000300)={0xcc, 0x0, 0x1})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

992.388292ms ago: executing program 0 (id=1776):
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
pread64(r0, &(0x7f0000000040)=""/4096, 0x1000, 0x7ffffffffffff8)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r1 = socket$netlink(0x10, 0x3, 0x6)
writev(r1, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, 0x1, 0x4, 0x401, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x9}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x404c084)
mq_unlink(&(0x7f0000000340)='eth0\x00')

766.711904ms ago: executing program 0 (id=1777):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000180)={[{@noblock_validity}, {@dioread_lock}, {@nobh}, {@oldalloc}, {@acl}, {@usrjquota, 0x2e}, {@noacl}, {@nodiscard}, {@jqfmt_vfsv0}, {@usrquota}], [], 0x2c}, 0x1, 0x45e, &(0x7f0000000480)="$eJzs20tvG0UcAPD/2nHfJaGUR0sBQ3lEPJImLdADlyKQekFCgkM5hjStSt0GNUGiVUUDh3JE/QTAEYlPwIleEHACcYU7QqpQLxQOaNHaa2Ps2DhOXLf17ydtPLM7653/7k48O2MHMLLK2Z8kYkdE/BwR4xFRbC1Qrr3cuH5x/s/rF+eTSNM3fk+y3eKP6xfn60WT/HV7npksNFa1WTp/4fRcpbJwLs9PL595d3rp/IXnTp2ZO7lwcuHs7OHDhw7OvPjC7PMbEufOrK57P1jct+foW1demz925e3vvswqtyPf3hxHzcS6j1mOcscT8MS63/3WsjN/7XjBuSVlbX0sIkrV9j8exWquZjxe/WiolQMGKk3TdHPb2kYPYCUF7mBJDLsGwHDUP+iz59/6chO7H0N37UjtASiL+0a+1LaMRSEvU2p6vt1o5Yg4tvLXp9kSq45DAABsrK+z/s+zq/X/CnFfU7m78rmhiYi4OyJ2RcQ9EbE7Iu6NqJa9PyIeWOPxyy359v7Pj1v7CqxH145E8lI+t/Xf/l+99xcTxTy3sxp/KTlxqrJwID8nk1HanOVnuhzj6is/fdJpW3P/L1uy49f7gnk9fhtrGaA7Prc8t56Ym137sDoGeKk9/qQxE5BExJ6I2NvH+2+JiFNPf7GvbUPTRFH3+LsY66NCLdLPI56qXf+VaIm/uapd5ient0Rl4cB0/a5o9/0Pl1/vdPz/v/6DlV3/bave/434J5Lm+dqltR/j8i8fd3ym6ff+35S8WU1vyte9P7e8fG4mYlOy0r5+9t996/l6+Sz+yf2rt/9dEX9/lu/3YERkN/FDEfFwRDyS1/3RiHgsIvZ3if/blx9/p//4ByuL//iarv/aE8XT33zV6fi9Xf9D1dRkvqaX/3+9VnA95w4AAABuF4Xqd+CTwlQjXShMTdW+w787thUqi0vLz5xYfO/s8dp35SeiVKiPdI03jYfO5GPD9fxsS/5gddw4TdN0azU/Nb9YGdScOtCb7R3af+bX4rBrBwzcmubR/MIL7igbMI8O3Ka0fxhd2j+MLu0fRtdq7f9SxI0hVAW4yXz+w+jS/mF0af8wurR/GEnr+V1/t8Suo4N659sxcTUiOpUpDrWGT27vd/coDPus9p4o5Xd7Y03hFqlYNbE5InotfCluVsWG/I8JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7CF5k8=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000100)={0x401, 0x400, 0xec6})
r3 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ppoll(&(0x7f0000000240)=[{r3, 0x3419}], 0x1, 0x0, 0x0, 0x0)

87.380085ms ago: executing program 9 (id=1778):
r0 = socket(0x400000000010, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0xb1, 0x0, 0x0, 0xffeff024}, {0x6, 0x0, 0x4}]}, 0x10)
sendmmsg(r4, &(0x7f0000001c00), 0x400000000000159, 0x40840)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000000)=@ethtool_rx_ntuple={0x35, {0xd, @tcp_ip4_spec={@dev={0xac, 0x14, 0x14, 0x44}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e20, 0x4e24, 0x5}, @ah_ip4_spec={@broadcast, @private=0xa010100, 0xfffffff7, 0x7}, 0x2e67, 0x200, 0x5, 0x10004e55, 0xffffffffffffffff}}})

66.566856ms ago: executing program 4 (id=1779):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000100)='X', 0x1, 0x20008040, &(0x7f000005ffe4)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x4}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x88, 0x1, 0x0, 0x3}, 0xe)
shutdown(r3, 0x1)
recvmmsg(r3, &(0x7f0000000840)=[{{0x0, 0x41, 0x0}}], 0x414, 0x406, 0x0)

0s ago: executing program 8 (id=1780):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e1f, 0x3, 'lc\x00', 0x4, 0x81, 0x5}, {@rand_addr=0x64010102, 0x4e26, 0x0, 0xcb, 0x12d60, 0x9}}, 0x44)

kernel console output (not intermixed with test programs):

p11, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  202.610920][ T3561]  loop5: p1 < > p4
[  202.626740][ T3561] loop5: p4 size 8388608 extends beyond EOD, truncated
[  202.639251][ T6896] EXT4-fs (loop11): unable to read superblock
[  202.693618][ T4454] usb 9-1: Using ep0 maxpacket: 8
[  202.813655][ T4454] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  202.871455][ T4454] usb 9-1: config 0 has no interfaces?
[  202.895627][ T4454] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  202.931159][ T4454] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.984978][ T4454] usb 9-1: config 0 descriptor??
[  203.052348][ T5320] udevd[5320]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  203.105899][ T4175] udevd[4175]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  203.208596][ T5320] udevd[5320]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  203.225525][ T4175] udevd[4175]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  203.342387][ T5320] udevd[5320]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  203.360863][ T4175] udevd[4175]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  204.233995][ T6888] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  204.256172][ T5025] usb 9-1: USB disconnect, device number 3
[  204.470580][ T6931] 8021q: adding VLAN 0 to HW filter on device bond2
[  204.660511][ T6944] loop5: detected capacity change from 0 to 128
[  205.968100][ T6959] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  206.020845][ T6959] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  206.100830][ T6959] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  206.159465][ T6959] device bridge_slave_0 left promiscuous mode
[  206.201624][ T6959] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.402996][ T6959] device bridge_slave_1 left promiscuous mode
[  206.441103][ T6959] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.497075][ T6959] bond0: (slave bond_slave_0): Releasing backup interface
[  206.543117][ T6959] bond0: (slave bond_slave_1): Releasing backup interface
[  206.675084][ T6959] team0: Port device team_slave_0 removed
[  206.723133][ T6959] team0: Port device team_slave_1 removed
[  206.734936][ T6959] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  206.742797][ T6959] batman_adv: batadv0: Removing interface: batadv_slave_0
[  206.809751][ T6979] loop8: detected capacity change from 0 to 8
[  207.101761][ T6979] SQUASHFS error: xz decompression failed, data probably corrupt
[  207.109922][ T6979] SQUASHFS error: Failed to read block 0x108: -5
[  207.116560][ T6979] SQUASHFS error: Unable to read metadata cache entry [106]
[  207.124957][ T6979] SQUASHFS error: Unable to read inode 0x101f
[  207.303954][ T6959] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  207.333813][ T6959] batman_adv: batadv0: Removing interface: batadv_slave_1
[  207.435866][ T6960] team0: Mode changed to "broadcast"
[  207.494620][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.7.564'.
[  207.729137][ T6985] netlink: 'syz.8.572': attribute type 1 has an invalid length.
[  208.214729][ T7011] loop5: detected capacity change from 0 to 16
[  208.421755][ T7011] erofs: (device loop5): mounted with root inode @ nid 36.
[  208.469203][ T7011] erofs: (device loop5): z_erofs_lz4_decompress: failed to decompress 1929 in[58, 4038] out[2639]
[  208.483690][ T7011] erofs: (device loop5): z_erofs_readpage: failed to read, err [-117]
[  210.056427][ T7038] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  210.116725][ T7043] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  210.168471][ T7043] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  210.243507][ T7038] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  211.299318][ T7047] syz.8.588 (7047) used greatest stack depth: 16944 bytes left
[  211.533672][ T7074] 9pnet_virtio: no channels available for device syz
[  211.865898][ T7085] loop7: detected capacity change from 0 to 256
[  213.143575][ T7091] kexec: Could not allocate control_code_buffer
[  213.341070][ T4454] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  213.613957][ T4454] usb 7-1: Using ep0 maxpacket: 32
[  213.664670][ T7085] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d)
[  213.745668][ T4454] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.783994][ T4454] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.796836][ T4454] usb 7-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  213.806292][ T4454] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.816880][ T4454] usb 7-1: config 0 descriptor??
[  214.217637][    T9] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.284501][    T9] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.295813][ T4454] ft260 0003:0403:6030.0004: unknown main item tag 0x0
[  214.302733][ T4454] ft260 0003:0403:6030.0004: unknown main item tag 0x0
[  214.456598][ T4454] ft260 0003:0403:6030.0004: hidraw0: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.6-1/input0
[  214.501607][    T9] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.989833][    T9] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.199691][ T4454] ft260 0003:0403:6030.0004: chip code: 0000 0000
[  215.375354][ T4454] ft260 0003:0403:6030.0004: failed to retrieve status: -32
[  216.292929][    T7] Bluetooth: hci2: command 0x0405 tx timeout
[  216.326252][ T7080] ft260 0003:0403:6030.0004: ft260_i2c_read: failed to start transaction, ret -38
[  216.453368][    T7] usb 7-1: reset high-speed USB device number 3 using dummy_hcd
[  217.269318][ T7136] lo speed is unknown, defaulting to 1000
[  217.330997][ T4239] usb 7-1: USB disconnect, device number 3
[  217.441552][ T7163] netlink: 24 bytes leftover after parsing attributes in process `syz.5.622'.
[  217.603630][ T5029] Bluetooth: hci1: command 0x0409 tx timeout
[  217.677772][ T7162] device syzkaller1 entered promiscuous mode
[  218.577605][ T7136] chnl_net:caif_netlink_parms(): no params data found
[  218.645234][ T7183] raw_sendmsg: syz.6.628 forgot to set AF_INET. Fix it!
[  218.709684][ T7189] loop5: detected capacity change from 0 to 512
[  218.878833][ T7189] EXT4-fs (loop5): Ignoring removed oldalloc option
[  219.007962][ T7136] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.017489][ T7136] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.032005][ T7136] device bridge_slave_0 entered promiscuous mode
[  219.251840][ T7189] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nodiscard,oldalloc,,errors=continue. Quota mode: none.
[  219.432895][ T7136] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.461328][ T7136] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.488738][ T7136] device bridge_slave_1 entered promiscuous mode
[  219.547779][ T7136] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.673842][ T4454] Bluetooth: hci1: command 0x041b tx timeout
[  219.736402][ T7136] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.895910][ T7213] 8021q: adding VLAN 0 to HW filter on device bond1
[  219.908078][ T7136] team0: Port device team_slave_0 added
[  220.053579][ T7224] netlink: 8 bytes leftover after parsing attributes in process `syz.8.636'.
[  221.227572][    T9] device hsr_slave_0 left promiscuous mode
[  221.260664][    T9] device hsr_slave_1 left promiscuous mode
[  221.319847][    T9] device veth1_macvtap left promiscuous mode
[  221.388724][    T9] device veth0_macvtap left promiscuous mode
[  221.419946][    T9] device veth1_vlan left promiscuous mode
[  221.479787][    T9] device veth0_vlan left promiscuous mode
[  222.325837][    T7] Bluetooth: hci1: command 0x040f tx timeout
[  222.364151][ T4451] Bluetooth: hci3: command 0x0406 tx timeout
[  223.440674][ T7243] loop5: detected capacity change from 0 to 32768
[  223.541093][ T7243] XFS (loop5): Mounting V5 Filesystem
[  223.672401][    T9] bond0 (unregistering): Released all slaves
[  223.704132][ T7243] XFS (loop5): Ending clean mount
[  223.767414][ T7136] team0: Port device team_slave_1 added
[  223.787416][ T7250] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  223.853999][ T7136] batman_adv: batadv0: Adding interface: batadv_slave_0
[  223.860975][ T7136] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.034765][ T7136] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  224.047870][ T7136] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.055302][ T7136] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.082316][ T7136] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  224.173640][ T4445] XFS (loop5): Unmounting Filesystem
[  224.838561][ T4455] Bluetooth: hci1: command 0x0419 tx timeout
[  224.892939][ T7136] device hsr_slave_0 entered promiscuous mode
[  224.954632][ T7136] device hsr_slave_1 entered promiscuous mode
[  225.023505][ T7136] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  225.031100][ T7136] Cannot create hsr debugfs directory
[  225.423241][ T7303] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  225.452422][ T7304] md: md2 stopped.
[  225.608606][ T7303] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.621943][ T7278] autofs4:pid:7278:autofs_fill_super: called with bogus options
[  225.814950][ T7136] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  225.874744][ T7136] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  225.917939][ T7136] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  225.982016][ T7136] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  227.338054][ T7136] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.869773][ T7346] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  227.946128][ T7346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  228.051284][   T26] kauditd_printk_skb: 50 callbacks suppressed
[  228.051298][   T26] audit: type=1800 audit(1770648713.548:397): pid=7332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.657" name="bus" dev="ramfs" ino=44256 res=0 errno=0
[  228.109732][ T7346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  228.249068][ T7346] device bridge_slave_0 left promiscuous mode
[  228.293694][ T7346] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.348036][ T7346] device bridge_slave_1 left promiscuous mode
[  229.325999][ T7346] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.347559][ T7373] loop6: detected capacity change from 0 to 256
[  229.419796][ T7373] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d)
[  229.463950][ T7346] bond0: (slave bond_slave_0): Releasing backup interface
[  229.636682][ T7346] bond0: (slave bond_slave_1): Releasing backup interface
[  230.013063][ T7346] team0: Port device team_slave_0 removed
[  230.083741][ T7346] team0: Port device team_slave_1 removed
[  230.094184][ T7346] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.101646][ T7346] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.194970][ T7346] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.202454][ T7346] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.373533][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  230.388795][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  230.461486][ T7136] 8021q: adding VLAN 0 to HW filter on device team0
[  230.516576][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  230.550476][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  230.603197][ T6043] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.610329][ T6043] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.669008][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  230.786916][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  230.797177][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  230.806404][ T6043] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.813522][ T6043] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.822197][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  230.842808][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  230.855509][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  230.868535][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  230.879640][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  230.896007][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  230.941156][ T7136] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  231.021752][ T7136] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  231.128077][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  231.151295][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  231.196731][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  231.245683][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  231.321403][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  231.331407][ T7398] loop5: detected capacity change from 0 to 2048
[  231.449834][ T7398] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  231.579008][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  231.855282][ T7398] EXT4-fs (loop5): shut down requested (1)
[  232.122351][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  232.132232][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  232.212830][ T7421] No such timeout policy "syz1"
[  233.006209][ T7136] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.407810][    T9] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.462523][ T7426] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  233.511206][ T7426] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  233.623042][ T7426] bond0: (slave bond_slave_0): Releasing backup interface
[  233.727241][ T7426] bond0: (slave bond_slave_1): Releasing backup interface
[  233.781857][ T7426] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.798567][ T7426] batman_adv: batadv0: Removing interface: batadv_slave_1
[  233.950783][    T9] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.068346][ T7438] lo speed is unknown, defaulting to 1000
[  234.207470][    T9] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.537555][    T9] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.203857][ T7497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  235.339000][ T7497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  235.513423][ T4451] Bluetooth: hci0: command 0x0409 tx timeout
[  235.561478][ T7136] device veth0_vlan entered promiscuous mode
[  235.594763][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  235.607130][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  235.659767][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  235.678576][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  235.711308][ T7438] chnl_net:caif_netlink_parms(): no params data found
[  235.753495][ T7136] device veth1_vlan entered promiscuous mode
[  235.980472][ T7136] device veth0_macvtap entered promiscuous mode
[  236.035506][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  236.045219][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  236.064462][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  236.083784][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  236.094189][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  236.113393][ T7136] device veth1_macvtap entered promiscuous mode
[  236.190881][ T7438] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.213849][ T7438] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.222045][ T7438] device bridge_slave_0 entered promiscuous mode
[  236.241061][ T7438] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.258624][ T7438] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.284417][ T7438] device bridge_slave_1 entered promiscuous mode
[  236.343089][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  237.299995][ T7136] batman_adv: batadv0: Interface activated: batadv_slave_0
[  237.462382][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  237.673903][ T4454] Bluetooth: hci0: command 0x041b tx timeout
[  237.680904][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  237.841590][ T7438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.889296][ T7438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  238.126044][ T7438] team0: Port device team_slave_0 added
[  238.180381][ T7438] team0: Port device team_slave_1 added
[  238.312571][ T7438] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.357267][ T7438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.485749][ T7438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.535292][ T7438] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.569419][ T7438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.656968][ T7438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.689514][ T7136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.700718][ T7136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.714536][ T7136] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.727641][ T7534] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  238.738579][ T7534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  238.746839][ T7534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  238.778926][ T7534] device bridge_slave_0 left promiscuous mode
[  238.802655][ T7534] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.841532][ T7534] device bridge_slave_1 left promiscuous mode
[  238.863110][ T7534] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.920902][ T7534] bond0: (slave bond_slave_0): Releasing backup interface
[  239.056913][ T7534] bond0: (slave bond_slave_1): Releasing backup interface
[  239.122737][ T7534] team0: Port device team_slave_0 removed
[  239.184905][ T7534] team0: Port device team_slave_1 removed
[  239.201070][ T7534] batman_adv: batadv0: Removing interface: batadv_slave_0
[  239.215748][ T7534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  239.224248][ T7534] batman_adv: batadv0: Removing interface: batadv_slave_1
[  239.294260][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  239.303114][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  239.372117][ T7136] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.387235][ T7136] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.399883][ T7572] fuse: Unknown parameter 'grou00000000000000000000'
[  239.431692][ T7572] loop5: detected capacity change from 0 to 1024
[  239.434117][ T7136] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.457515][ T7136] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.642556][ T7438] device hsr_slave_0 entered promiscuous mode
[  239.655122][ T7438] device hsr_slave_1 entered promiscuous mode
[  239.720817][ T7581] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  239.763813][ T4455] Bluetooth: hci0: command 0x040f tx timeout
[  240.283059][ T7438] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  240.300682][ T7572] EXT4-fs (loop5): mounted filesystem without journal. Opts: user_xattr,i_version,,errors=continue. Quota mode: none.
[  240.318819][ T7438] Cannot create hsr debugfs directory
[  240.324702][ T7572] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.455067][ T4463] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.462943][ T4463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.511462][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  240.563820][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.571673][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.628184][ T7585] 8021q: adding VLAN 0 to HW filter on device bond2
[  240.689986][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  241.046193][ T7604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.699'.
[  241.066092][ T7611] loop9: detected capacity change from 0 to 512
[  241.152548][ T7615] netlink: 4 bytes leftover after parsing attributes in process `syz.5.701'.
[  241.168769][ T7611] EXT4-fs (loop9): Test dummy encryption mode enabled
[  241.189201][ T7611] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  241.215910][ T7615] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  241.225894][ T7615] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  241.234606][ T7615] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  241.242805][ T7615] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  241.266288][ T7611] EXT4-fs error (device loop9): ext4_orphan_get:1426: comm syz.9.700: bad orphan inode 131083
[  241.286239][ T7611] EXT4-fs (loop9): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,journal_dev=0x0000000000000002,,errors=continue. Quota mode: none.
[  241.298991][ T7615] netlink: 4 bytes leftover after parsing attributes in process `syz.5.701'.
[  242.262027][   T13] Bluetooth: hci0: command 0x0419 tx timeout
[  242.824633][ T7611] fscrypt (loop9): Error allocating 'xts(aes)' transform: -4
[  244.482022][ T7650] ODEBUG: Out of memory. ODEBUG disabled
[  244.625275][    T9] device hsr_slave_0 left promiscuous mode
[  244.641056][    T9] device hsr_slave_1 left promiscuous mode
[  244.653936][    T9] device bridge_slave_1 left promiscuous mode
[  244.660180][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.682480][    T9] device bridge_slave_0 left promiscuous mode
[  244.692598][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.722916][    T9] device veth1_macvtap left promiscuous mode
[  244.733751][    T9] device veth0_macvtap left promiscuous mode
[  244.741065][    T9] device veth1_vlan left promiscuous mode
[  244.752870][    T9] device veth0_vlan left promiscuous mode
[  245.068706][    T9] bond2 (unregistering): Released all slaves
[  245.163618][    T9] bond1 (unregistering): (slave batadv_slave_1): Releasing backup interface
[  245.188227][    T9] bond1 (unregistering): Released all slaves
[  245.521362][    T9] team0 (unregistering): Port device team_slave_1 removed
[  245.561069][    T9] team0 (unregistering): Port device team_slave_0 removed
[  245.636047][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  245.687218][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  246.001401][    T9] bond0 (unregistering): Released all slaves
[  246.156645][ T7695] xt_hashlimit: size too large, truncated to 1048576
[  246.206792][ T7695] xt_hashlimit: invalid rate
[  246.681892][ T7438] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  246.787082][ T7438] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  246.925972][ T7438] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  246.955939][ T7438] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  248.796617][ T7738] loop8: detected capacity change from 0 to 4096
[  248.935413][ T7743] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  248.974934][   T26] audit: type=1800 audit(3918132382.483:398): pid=7738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.725" name="file1" dev="loop8" ino=15 res=0 errno=0
[  249.021360][ T7736] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  249.083738][ T7438] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.100302][ T7736] Remounting filesystem read-only
[  249.123608][ T7736] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  249.148110][ T7748] netlink: 'syz.2.727': attribute type 10 has an invalid length.
[  249.215060][ T7748] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  249.270751][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  249.303726][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  249.328656][ T7438] 8021q: adding VLAN 0 to HW filter on device team0
[  249.378416][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  249.395037][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  249.420568][ T6048] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.427705][ T6048] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.467697][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  249.560441][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  249.612510][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  249.709564][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.716709][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.095307][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  250.226481][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  250.405437][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  250.580670][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  250.679229][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  250.749465][ T7778] Cannot find del_set index 4 as target
[  250.802287][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  251.035440][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  251.466327][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  251.498019][ T6448] NILFS (loop8): disposed unprocessed dirty file(s) when detaching log writer
[  251.539066][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  251.605080][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  251.625872][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  252.334149][ T7784] netlink: 'syz.2.735': attribute type 1 has an invalid length.
[  252.981215][ T7784] 8021q: adding VLAN 0 to HW filter on device bond3
[  253.016805][ T7786] bond3: (slave gretap1): making interface the new active one
[  253.672737][ T7786] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  253.798390][ T7799] loop5: detected capacity change from 0 to 1024
[  253.863508][ T7497] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  253.873102][ T7438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  254.232501][ T7814] No such timeout policy "syz1"
[  255.652710][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  255.661382][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  255.675584][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  255.681426][ T7438] 8021q: adding VLAN 0 to HW filter on device batadv0
[  255.681903][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  255.757161][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  255.773362][ T5025] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  255.789386][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  255.839513][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  255.865390][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  255.887708][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  255.905575][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  255.924591][ T7438] device veth0_vlan entered promiscuous mode
[  255.955561][ T7438] device veth1_vlan entered promiscuous mode
[  256.009646][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  256.018435][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  256.033175][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  256.033393][ T5025] usb 9-1: Using ep0 maxpacket: 32
[  256.042935][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  256.077712][ T7438] device veth0_macvtap entered promiscuous mode
[  256.118688][ T7438] device veth1_macvtap entered promiscuous mode
[  256.173886][ T5025] usb 9-1: config 0 has an invalid interface number: 12 but max is 0
[  256.182400][ T5025] usb 9-1: config 0 has no interface number 0
[  256.212355][ T7438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.216304][ T5025] usb 9-1: config 0 interface 12 has no altsetting 0
[  256.241511][ T7438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.269681][ T7438] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.280498][ T7854] netlink: 'syz.2.747': attribute type 10 has an invalid length.
[  256.292941][ T7845] could not allocate digest TFM handle cryptd(blake2b-160)
[  256.294650][ T7854] netlink: 40 bytes leftover after parsing attributes in process `syz.2.747'.
[  256.378153][ T7854] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  256.427113][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  256.437389][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  256.454002][ T5025] usb 9-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  256.457593][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  256.472959][ T5025] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.483981][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  256.494847][ T5025] usb 9-1: Product: syz
[  256.504659][ T5025] usb 9-1: Manufacturer: syz
[  256.504963][ T7438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.513762][ T5025] usb 9-1: SerialNumber: syz
[  256.642647][ T7438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.671518][ T5025] usb 9-1: config 0 descriptor??
[  256.846493][ T7438] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.247608][ T7859] netlink: 16 bytes leftover after parsing attributes in process `syz.9.748'.
[  257.286929][ T7862] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  257.295939][ T7862] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  257.304712][ T7862] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  257.313462][ T7862] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  257.347539][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  257.370285][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  257.396959][ T7438] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.431444][ T7438] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.514102][ T7438] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.522843][ T7438] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.030677][ T7883] No such timeout policy "syz1"
[  258.356133][ T4461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.373714][ T4461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.419048][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  258.483624][ T4463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.491467][ T4463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.510286][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  259.963414][ T5025] f81534 9-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  259.971844][ T5025] f81534 9-1:0.12: f81534_find_config_idx: read failed: -71
[  260.897261][ T5025] f81534 9-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  260.905383][ T5025] f81534: probe of 9-1:0.12 failed with error -71
[  260.922808][ T5025] usb 9-1: USB disconnect, device number 4
[  261.443470][ T7931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.761'.
[  262.784202][ T7941] netlink: 16 bytes leftover after parsing attributes in process `syz.3.765'.
[  264.042825][   T26] audit: type=1326 audit(3918132397.543:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  264.231046][   T26] audit: type=1326 audit(3918132397.573:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  264.536759][    T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.265165][   T26] audit: type=1326 audit(3918132397.573:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.274190][ T7987] netlink: 'syz.5.775': attribute type 11 has an invalid length.
[  266.300899][   T26] audit: type=1326 audit(3918132397.573:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.415323][   T26] audit: type=1326 audit(3918132397.573:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.448043][    T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.497452][   T26] audit: type=1326 audit(3918132397.573:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.566984][ T7999] loop8: detected capacity change from 0 to 4096
[  266.581464][   T26] audit: type=1326 audit(3918132397.573:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.610670][    T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.671475][ T7999] ntfs3: loop8: Different NTFS' sector size (1024) and media sector size (512)
[  266.752014][   T26] audit: type=1326 audit(3918132397.573:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.808151][    T9] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.840375][   T26] audit: type=1326 audit(3918132397.573:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.930718][   T26] audit: type=1326 audit(3918132397.573:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508f6c3f79 code=0x7ffc0000
[  266.994683][ T8010] loop5: detected capacity change from 0 to 512
[  267.258842][ T8010] EXT4-fs (loop5): Test dummy encryption mode enabled
[  267.574067][ T8010] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  268.094518][ T8010] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.780: bad orphan inode 131083
[  268.119637][ T8018] loop9: detected capacity change from 0 to 4096
[  268.137533][ T8010] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,norecovery,,errors=continue. Quota mode: none.
[  268.200590][ T7999] overlayfs: upper fs does not support tmpfile.
[  268.280335][ T8029] loop3: detected capacity change from 0 to 2048
[  268.807190][ T7999] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  268.992738][ T8029] EXT4-fs (loop3): cluster size (2048) smaller than block size (4096)
[  269.002565][ T8012] netlink: 12 bytes leftover after parsing attributes in process `syz.9.781'.
[  269.242453][ T8010] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  270.542976][ T8068] 9p filesystem being mounted at /172/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  274.505944][ T8122] UBIFS error (pid: 8122): cannot open "./file0", error -22
[  274.564698][ T8129] loop9: detected capacity change from 0 to 512
[  275.526756][    T9] device hsr_slave_0 left promiscuous mode
[  275.544053][    T9] device hsr_slave_1 left promiscuous mode
[  275.587659][ T8129] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  275.603501][ T8129] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  275.674952][    T9] device bridge_slave_1 left promiscuous mode
[  275.701551][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.737536][    T9] device bridge_slave_0 left promiscuous mode
[  275.746104][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.765577][    T9] device veth1_macvtap left promiscuous mode
[  275.771655][    T9] device veth0_macvtap left promiscuous mode
[  275.781425][    T9] device veth1_vlan left promiscuous mode
[  275.789795][    T9] device veth0_vlan left promiscuous mode
[  277.159203][    T9] bond1 (unregistering): (slave batadv_slave_1): Releasing backup interface
[  277.214065][    T9] bond1 (unregistering): Released all slaves
[  277.367440][    T9] team0 (unregistering): Port device bridge1 removed
[  277.807115][    T9] team0 (unregistering): Port device team_slave_1 removed
[  277.855139][    T9] team0 (unregistering): Port device team_slave_0 removed
[  277.921221][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  277.971514][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.182464][ T8188] loop8: detected capacity change from 0 to 512
[  278.226931][    T9] bond0 (unregistering): Released all slaves
[  278.266835][ T8188] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  278.313389][ T8188] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  278.325974][ T8188] System zones: 1-12
[  278.383903][ T8188] EXT4-fs (loop8): 1 truncate cleaned up
[  278.389709][ T8188] EXT4-fs (loop8): mounted filesystem without journal. Opts: nogrpid,errors=remount-ro,jqfmt=vfsv0,nodioread_nolock,debug,noquota,. Quota mode: none.
[  279.999695][ T8218] netlink: 40 bytes leftover after parsing attributes in process `syz.3.822'.
[  280.056929][ T8218] netlink: 40 bytes leftover after parsing attributes in process `syz.3.822'.
[  280.092803][ T8218] netlink: 40 bytes leftover after parsing attributes in process `syz.3.822'.
[  280.109549][ T8220] 9p filesystem being mounted at /28/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  280.154466][ T8218] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[  280.467582][ T8226] loop9: detected capacity change from 0 to 512
[  280.582372][ T8226] EXT4-fs (loop9): Test dummy encryption mode enabled
[  280.613413][ T8226] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  280.702348][ T8226] EXT4-fs error (device loop9): ext4_orphan_get:1426: comm syz.9.825: bad orphan inode 131083
[  280.741453][ T8226] EXT4-fs (loop9): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,norecovery,,errors=continue. Quota mode: none.
[  281.657368][ T8278] device syzkaller0 entered promiscuous mode
[  281.788376][ T8286] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  281.910272][ T8291] loop8: detected capacity change from 0 to 512
[  282.140232][ T8291] EXT4-fs (loop8): mounted filesystem without journal. Opts: noauto_da_alloc,noinit_itable,nojournal_checksum,grpquota,errors=remount-ro,norecovery,. Quota mode: writeback.
[  283.421269][ T8318] loop3: detected capacity change from 0 to 8
[  285.896481][ T8351] device syzkaller1 entered promiscuous mode
[  285.920479][ T8354] loop8: detected capacity change from 0 to 512
[  286.018378][ T8356] netlink: 12 bytes leftover after parsing attributes in process `syz.2.846'.
[  286.295371][ T8354] EXT4-fs (loop8): Quota format mount options ignored when QUOTA feature is enabled
[  286.606158][ T8354] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  286.692681][ T8354] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  286.702593][ T8354] EXT4-fs (loop8): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  286.736345][ T8354] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  286.753511][ T8354] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e118, mo2=0000]
[  286.773657][ T8354] EXT4-fs (loop8): too many log groups per flexible block group
[  286.810179][ T8354] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  286.817888][ T8354] EXT4-fs (loop8): mount failed
[  288.540688][ T8395] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.665507][ T8400] lo speed is unknown, defaulting to 1000
[  289.590901][ T8400] chnl_net:caif_netlink_parms(): no params data found
[  290.639062][ T4455] Bluetooth: hci5: command 0x0409 tx timeout
[  291.776027][ T8400] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.793585][ T8400] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.801831][ T8400] device bridge_slave_0 entered promiscuous mode
[  291.839189][ T8400] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.849887][ T8400] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.868587][ T8400] device bridge_slave_1 entered promiscuous mode
[  293.338671][ T4239] Bluetooth: hci5: command 0x041b tx timeout
[  294.135893][ T8400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  294.214682][ T8400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  294.339795][ T8400] team0: Port device team_slave_0 added
[  294.388578][ T8400] team0: Port device team_slave_1 added
[  294.442027][ T8400] batman_adv: batadv0: Adding interface: batadv_slave_0
[  294.449315][ T8400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.476385][ T8400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.488771][ T8400] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.515639][ T8400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.941410][ T8400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  295.323301][ T8400] device hsr_slave_0 entered promiscuous mode
[  295.353784][ T8400] device hsr_slave_1 entered promiscuous mode
[  295.357508][ T4455] Bluetooth: hci5: command 0x040f tx timeout
[  295.491060][ T8490] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  295.560387][ T8493] loop9: detected capacity change from 0 to 128
[  295.584310][ T8495] netlink: 'syz.2.882': attribute type 4 has an invalid length.
[  295.713819][ T8493] vfat filesystem being mounted at /47/file0 supports timestamps until 2107-12-31 (0x10391447e)
[  296.568348][ T8507] attempt to access beyond end of device
[  296.568348][ T8507] loop9: rw=2049, want=521, limit=128
[  296.590745][ T8509] netlink: 24 bytes leftover after parsing attributes in process `syz.2.885'.
[  296.705956][ T8493] attempt to access beyond end of device
[  296.705956][ T8493] loop9: rw=524288, want=369, limit=128
[  297.257860][ T8525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  297.433444][ T4239] Bluetooth: hci5: command 0x0419 tx timeout
[  297.814451][ T8534] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.821859][ T8534] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.932149][ T5022] kernel read not supported for file [userfaultfd] (pid: 5022 comm: kworker/1:9)
[  298.005545][ T8400] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  298.040889][ T8400] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  298.059059][ T8400] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  298.072366][ T8400] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  298.401354][ T8400] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.456823][ T8558] netlink: 12 bytes leftover after parsing attributes in process `syz.2.891'.
[  298.542461][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  298.554733][ T6043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  298.607717][ T8400] 8021q: adding VLAN 0 to HW filter on device team0
[  298.647853][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  298.682862][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  298.713731][ T4455] Bluetooth: hci2: command 0x0406 tx timeout
[  298.725696][ T4406] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.732844][ T4406] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.761427][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  298.802216][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  298.831067][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  298.865448][ T4461] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.872837][ T4461] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.997753][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  299.024753][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  299.226307][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  299.561576][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  299.708271][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  299.744180][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  299.752867][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  299.780357][ T8400] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  299.811362][ T8581] fuse: Bad value for 'fd'
[  299.838735][ T8400] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  299.938563][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  299.972573][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  300.014349][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  300.038455][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  300.049089][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  300.126200][ T8565] loop9: detected capacity change from 0 to 40427
[  300.199863][ T8565] F2FS-fs (loop9): invalid crc value
[  300.392833][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  300.405206][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  300.415800][ T8565] F2FS-fs (loop9): Found nat_bits in checkpoint
[  300.436804][ T8400] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.492164][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  300.501906][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  300.549507][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  300.557817][ T8565] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  300.575098][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  300.599394][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  300.630626][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  300.659599][ T8400] device veth0_vlan entered promiscuous mode
[  300.713111][ T8565] attempt to access beyond end of device
[  300.713111][ T8565] loop9: rw=2049, want=45112, limit=40427
[  300.717273][ T8400] device veth1_vlan entered promiscuous mode
[  300.804975][ T7136] attempt to access beyond end of device
[  300.804975][ T7136] loop9: rw=2049, want=45120, limit=40427
[  300.871589][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  300.887864][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  300.916350][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  300.935583][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  300.951553][ T8400] device veth0_macvtap entered promiscuous mode
[  300.973017][ T8617] netlink: 'syz.3.909': attribute type 1 has an invalid length.
[  301.029769][ T8619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.907'.
[  301.040346][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  301.066224][ T8620] bond1: (slave gretap1): making interface the new active one
[  301.086207][ T8620] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  301.120215][ T8400] device veth1_macvtap entered promiscuous mode
[  301.137462][ T8400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.156265][ T8400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.166656][ T8400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.180606][ T8400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.198567][ T8400] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.235664][ T8623] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  302.101700][ T8632] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.109366][ T8632] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.326714][ T8632] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  303.369737][ T8632] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.704837][ T8632] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.714046][ T8632] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.724252][ T8632] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.733911][ T8632] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.894368][ T8632] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  303.903728][ T8632] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  303.912717][ T8632] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  303.921614][ T8632] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  303.940283][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  303.963597][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  304.136569][ T8652] netlink: 'syz.2.917': attribute type 16 has an invalid length.
[  304.149905][ T8652] netlink: 'syz.2.917': attribute type 17 has an invalid length.
[  304.181789][ T8652] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  304.208949][ T8652] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  304.270674][ T8652] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  304.311998][ T8400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.325741][ T8400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.339704][ T8400] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.350392][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  304.365139][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  304.382523][ T8660] device syzkaller1 entered promiscuous mode
[  304.394724][ T8400] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.405691][ T8400] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.419328][ T8400] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.430046][ T8400] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.677283][ T4465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.705843][ T4465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.747810][ T8674] netlink: 'syz.3.922': attribute type 27 has an invalid length.
[  304.770960][ T4465] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  304.812701][ T7501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.860445][ T7501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.693140][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  306.812631][ T8698] xt_hashlimit: max too large, truncated to 1048576
[  306.820103][ T8698] xt_hashlimit: overflow, try lower: 0/0
[  308.313793][ T8714] netlink: 'syz.0.935': attribute type 21 has an invalid length.
[  308.325776][ T8714] netlink: 132 bytes leftover after parsing attributes in process `syz.0.935'.
[  308.354475][ T8714] netlink: 'syz.0.935': attribute type 1 has an invalid length.
[  308.362149][ T8714] netlink: 12 bytes leftover after parsing attributes in process `syz.0.935'.
[  308.416148][ T8714] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  308.425415][ T8718] MPTCP: addr_signal error, rm_addr=1
[  311.334836][ T8750] loop9: detected capacity change from 0 to 8
[  311.411202][ T8750] unable to read id index table
[  311.775851][ T8761] netlink: 16 bytes leftover after parsing attributes in process `syz.9.944'.
[  312.423120][ T8770] netlink: 4 bytes leftover after parsing attributes in process `syz.2.949'.
[  315.025320][ T8808] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  315.792066][ T8809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.956'.
[  315.838200][ T8805] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  316.109393][ T8838] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  316.128525][ T5022] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  316.634727][ T5022] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  316.711050][ T5022] usb 4-1: config 0 interface 0 has no altsetting 0
[  317.014809][ T5022] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  317.038691][ T5022] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  317.177067][ T5022] usb 4-1: Product: syz
[  317.197755][ T5022] usb 4-1: Manufacturer: syz
[  317.204324][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  317.219838][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  317.345819][ T5022] usb 4-1: SerialNumber: syz
[  317.503723][ T5022] usb 4-1: config 0 descriptor??
[  317.647920][ T5022] usb 4-1: selecting invalid altsetting 0
[  317.904223][ T5022] usb 4-1: USB disconnect, device number 2
[  319.937849][ T8903] sctp: [Deprecated]: syz.8.977 (pid 8903) Use of int in max_burst socket option.
[  319.937849][ T8903] Use struct sctp_assoc_value instead
[  321.129222][ T8916] loop3: detected capacity change from 0 to 512
[  321.305479][ T8930] loop0: detected capacity change from 0 to 256
[  321.339656][ T8926] loop9: detected capacity change from 0 to 4096
[  321.720415][ T8930] vfat filesystem being mounted at /11/file1 supports timestamps until 2107-12-31 (0x10390e2fe)
[  322.082058][ T8916] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,errors=remount-ro,. Quota mode: writeback.
[  322.215113][ T8916] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.283663][ T8926] NILFS (loop9): unrecognized mount option "01777777777777777777777"
[  323.047469][ T8926] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  323.073707][ T8939] EXT4-fs error (device loop3): ext4_map_blocks:629: inode #2: block 3: comm syz.3.979: lblock 0 mapped to illegal pblock 3 (length 1)
[  323.133386][ T8939] EXT4-fs (loop3): Remounting filesystem read-only
[  323.263745][ T8946] capability: warning: `syz.9.987' uses deprecated v2 capabilities in a way that may be insecure
[  323.315707][ T8950] netlink: 'syz.9.987': attribute type 3 has an invalid length.
[  326.282822][ T8990] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  329.507413][ T9028] netlink: 'syz.2.1003': attribute type 10 has an invalid length.
[  329.532590][ T9028] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1003'.
[  329.552311][ T9028] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  329.619456][ T9032] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.752899][ T9032] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.822495][ T9042] loop9: detected capacity change from 0 to 2048
[  329.850845][ T9032] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.952485][ T9032] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.985351][ T9042] EXT4-fs (loop9): mounted filesystem without journal. Opts: barrier=0x0000000000000000,resuid=0x0000000000000000,auto_da_alloc=0x000000000000ffff,usrjquota=,,errors=continue. Quota mode: none.
[  330.010889][ T9042] EXT4-fs error (device loop9): ext4_find_extent:929: inode #2: comm syz.9.1007: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  330.162101][ T9032] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.197916][ T9032] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.251983][ T9032] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.315542][ T9032] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  331.073956][ T9060] device vlan2 entered promiscuous mode
[  331.107860][ T9060] device bond0 entered promiscuous mode
[  331.238893][ T9060] device bond_slave_0 entered promiscuous mode
[  331.502835][ T9060] device bond_slave_1 entered promiscuous mode
[  331.828174][ T9071] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  331.876883][ T9074] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  331.897314][ T9074] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  331.955953][ T9080] netlink: 52 bytes leftover after parsing attributes in process `syz.8.1017'.
[  333.396619][ T9086] netlink: 76 bytes leftover after parsing attributes in process `syz.8.1017'.
[  333.466057][ T9086] netlink: 52 bytes leftover after parsing attributes in process `syz.8.1017'.
[  336.499641][ T9133] loop9: detected capacity change from 0 to 512
[  337.213841][ T9133] EXT4-fs (loop9): Ignoring removed oldalloc option
[  337.239956][ T9133] EXT4-fs error (device loop9): ext4_xattr_inode_iget:401: comm syz.9.1027: inode #15947535: comm syz.9.1027: iget: illegal inode #
[  337.259028][ T9133] EXT4-fs (loop9): Remounting filesystem read-only
[  337.265730][ T9133] EXT4-fs error (device loop9): ext4_xattr_inode_iget:406: comm syz.9.1027: error while reading EA inode 15947535 err=-117
[  337.279580][ T9133] EXT4-fs (loop9): Remounting filesystem read-only
[  337.286338][ T9133] EXT4-fs error (device loop9): ext4_xattr_inode_iget:401: comm syz.9.1027: inode #261888: comm syz.9.1027: iget: illegal inode #
[  337.304958][ T9133] EXT4-fs (loop9): Remounting filesystem read-only
[  337.311629][ T9133] EXT4-fs error (device loop9): ext4_xattr_inode_iget:406: comm syz.9.1027: error while reading EA inode 261888 err=-117
[  337.325376][ T9133] EXT4-fs (loop9): Remounting filesystem read-only
[  337.332208][ T9133] EXT4-fs (loop9): 1 orphan inode deleted
[  337.339661][ T9133] EXT4-fs (loop9): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,debug_want_extra_isize=0x0000000000000022,noauto_da_alloc,jqfmt=vfsv1,oldalloc,init_itable,. Quota mode: none.
[  338.792434][ T9162] af_packet: tpacket_rcv: packet too big, clamped from 108 to 4294967272. macoff=96
[  339.228775][ T9173] loop3: detected capacity change from 0 to 4096
[  339.375582][ T9175] 9pnet: p9_fd_create_unix (9175): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  339.496329][ T9173] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  339.638510][ T9173] ntfs3: loop3: Failed to load $Extend.
[  340.006300][   T13] Bluetooth: hci1: command 0x0406 tx timeout
[  341.521890][   T26] kauditd_printk_skb: 14 callbacks suppressed
[  341.521916][   T26] audit: type=1804 audit(3918132475.023:423): pid=9185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1039" name="bus" dev="ramfs" ino=51565 res=1 errno=0
[  341.766222][   T26] audit: type=1804 audit(3918132475.033:424): pid=9185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1039" name="bus" dev="ramfs" ino=51565 res=1 errno=0
[  341.826412][ T9168] tipc: Failed to remove unknown binding: 66,0,0/0:2110042165/2110042166
[  341.844196][ T9168] tipc: Failed to remove unknown binding: 66,0,0/0:2110042165/2110042166
[  347.888607][ T9272] device ipip0 entered promiscuous mode
[  348.708095][ T9285] loop9: detected capacity change from 0 to 512
[  348.931993][ T9285] EXT4-fs error (device loop9): ext4_read_inode_bitmap:140: comm syz.9.1058: Invalid inode bitmap blk 4 in block_group 0
[  349.127616][ T9299] netlink: 'syz.8.1063': attribute type 39 has an invalid length.
[  349.143710][ T9285] EXT4-fs (loop9): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,grpquota,noload,nobarrier,usrquota,,errors=continue. Quota mode: writeback.
[  350.072902][   T26] audit: type=1107 audit(3918132483.571:425): pid=9301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  351.317875][ T9317] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1067'.
[  351.334827][ T9317] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  351.343699][ T9317] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  351.352595][ T9317] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  351.361409][ T9317] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  351.471186][ T9321] loop0: detected capacity change from 0 to 4096
[  351.503832][ T9321] NILFS (loop0): unrecognized mount option "01777777777777777777777"
[  351.543488][ T9317] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1067'.
[  352.740141][ T9295] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[  354.633519][ T4254] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  357.114177][ T4254] usb 1-1: unable to get BOS descriptor or descriptor too short
[  357.363886][ T4254] usb 1-1: unable to read config index 0 descriptor/start: -71
[  357.406295][ T4254] usb 1-1: can't read configurations, error -71
[  357.871494][ T9398] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  357.925653][ T9410] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1088'.
[  358.001938][ T9410] netlink: 'syz.3.1088': attribute type 5 has an invalid length.
[  358.030861][ T9410] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1088'.
[  361.855911][ T9446] loop3: detected capacity change from 0 to 128
[  363.730934][ T9469] loop0: detected capacity change from 0 to 512
[  367.971514][ T9539] device syzkaller0 entered promiscuous mode
[  368.009992][ T9539] netlink: 'syz.3.1122': attribute type 10 has an invalid length.
[  368.223760][ T9539] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  368.353535][   T26] audit: type=1326 audit(3918132501.791:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  368.473753][   T26] audit: type=1326 audit(3918132501.811:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  368.558759][   T26] audit: type=1326 audit(3918132501.811:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  368.689649][   T26] audit: type=1326 audit(3918132501.811:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f002f68384e code=0x7ffc0000
[  368.763538][   T26] audit: type=1326 audit(3918132501.811:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f002f68384e code=0x7ffc0000
[  368.796237][   T26] audit: type=1326 audit(3918132501.811:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  369.458333][   T26] audit: type=1326 audit(3918132501.891:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  369.481220][   T26] audit: type=1326 audit(3918132501.891:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  369.605212][   T26] audit: type=1326 audit(3918132501.891:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  369.627973][   T26] audit: type=1326 audit(3918132501.891:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9549 comm="syz.9.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f002f6c2f79 code=0x7ffc0000
[  369.642751][ T9566] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1130'.
[  369.813381][ T4455] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  371.050613][ T9585] xt_policy: neither incoming nor outgoing policy selected
[  371.351063][ T5025] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  371.645433][ T5025] usb 4-1: Using ep0 maxpacket: 32
[  371.766560][ T5025] usb 4-1: config 0 has an invalid interface number: 188 but max is 0
[  371.785134][ T5025] usb 4-1: config 0 has no interface number 0
[  371.793370][ T4455] usb 1-1: Using ep0 maxpacket: 32
[  371.805817][ T5025] usb 4-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  371.913539][ T4455] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[  371.925226][ T4455] usb 1-1: config 0 has no interface number 0
[  371.938127][ T4455] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  372.016586][ T5025] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  372.033857][ T5025] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.058716][ T5025] usb 4-1: Product: syz
[  372.074227][ T5025] usb 4-1: Manufacturer: syz
[  372.084652][ T5025] usb 4-1: SerialNumber: syz
[  372.103530][ T4455] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  372.112619][ T4455] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.114858][ T5025] usb 4-1: config 0 descriptor??
[  372.133164][ T4455] usb 1-1: Product: syz
[  372.142266][ T4455] usb 1-1: Manufacturer: syz
[  372.152860][ T4455] usb 1-1: SerialNumber: syz
[  372.166881][ T9568] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  372.172021][ T4455] usb 1-1: config 0 descriptor??
[  372.213772][ T9564] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  372.397028][ T9568] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  372.442670][ T9564] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  373.644790][ T9649] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1144'.
[  373.688768][ T9650] sctp: [Deprecated]: syz.8.1145 (pid 9650) Use of struct sctp_assoc_value in delayed_ack socket option.
[  373.688768][ T9650] Use struct sctp_sack_info instead
[  374.633408][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  374.642763][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  374.651106][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  374.659424][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  374.667790][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  375.723420][ T5025] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  375.773004][ T5025] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  375.829610][ T4455] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  375.840437][ T4455] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  375.857027][ T4455] asix: probe of 1-1:0.188 failed with error -71
[  375.868304][ T4455] usb 1-1: USB disconnect, device number 5
[  375.894230][ T9706] sctp: [Deprecated]: syz.9.1157 (pid 9706) Use of struct sctp_assoc_value in delayed_ack socket option.
[  375.894230][ T9706] Use struct sctp_sack_info instead
[  375.898698][ T5025] asix: probe of 4-1:0.188 failed with error -71
[  376.020820][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1158'.
[  376.139371][ T5025] usb 4-1: USB disconnect, device number 3
[  378.028970][ T9752] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000
[  378.124610][ T9756] ipt_REJECT: ECHOREPLY no longer supported.
[  378.604045][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  378.616561][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  378.723411][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  378.731759][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  378.740155][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  378.748544][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.085137][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.093464][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.101753][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.110132][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.118465][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.126762][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  384.403831][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  384.403850][   T26] audit: type=1326 audit(3918132517.891:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9826 comm="syz.9.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f002f6c2f79 code=0x7fc00000
[  384.484138][ T9831] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1193'.
[  384.645139][ T9844] xt_l2tp: missing protocol rule (udp|l2tpip)
[  384.771973][ T9852] 9p filesystem being mounted at /103/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  384.913006][ T9856] netlink: 'syz.0.1197': attribute type 10 has an invalid length.
[  384.983792][ T9821] loop3: detected capacity change from 0 to 32768
[  385.613497][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  385.621868][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  385.630199][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  385.638481][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  385.729927][ T9821] jfs filesystem being mounted at /88/bus supports timestamps until 2106-02-07 (0xffffffff)
[  385.941128][ T9884] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  388.544542][ T9917] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1210'.
[  388.620198][   T26] audit: type=1326 audit(3918132522.121:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  388.735880][   T26] audit: type=1326 audit(3918132522.171:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbf18f0dd97 code=0x7ffc0000
[  388.758356][   T26] audit: type=1326 audit(3918132522.171:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbf18eb5399 code=0x7ffc0000
[  388.874462][   T26] audit: type=1326 audit(3918132522.171:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  388.915241][   T26] audit: type=1326 audit(3918132522.171:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  388.963376][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  388.971742][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  388.980108][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  388.988451][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  388.996777][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.005078][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.013397][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.053119][   T26] audit: type=1326 audit(3918132522.171:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  389.090977][   T26] audit: type=1326 audit(3918132522.171:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  389.128670][ T9933] overlayfs: failed to clone upperpath
[  389.239118][   T26] audit: type=1326 audit(3918132522.171:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  389.298130][ T9937] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1218'.
[  389.339653][   T26] audit: type=1326 audit(3918132522.171:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  389.420464][   T26] audit: type=1326 audit(3918132522.171:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  389.552174][   T26] audit: type=1326 audit(3918132522.181:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbf18f0dd97 code=0x7ffc0000
[  389.575537][   T26] audit: type=1326 audit(3918132522.181:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbf18eb5399 code=0x7ffc0000
[  389.623411][ T5025] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  390.113441][   T26] audit: type=1326 audit(3918132522.181:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  390.173078][   T26] audit: type=1326 audit(3918132522.181:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  390.270599][ T5025] usb 4-1: Using ep0 maxpacket: 8
[  390.302753][   T26] audit: type=1326 audit(3918132522.181:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  390.355343][   T26] audit: type=1326 audit(3918132522.181:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  390.420473][   T26] audit: type=1326 audit(3918132522.191:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbf18f0dd97 code=0x7ffc0000
[  390.457936][ T9971] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  390.457936][ T9971] The task syz.9.1225 (9971) triggered the difference, watch for misbehavior.
[  390.509758][   T26] audit: type=1326 audit(3918132522.191:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbf18eb5399 code=0x7ffc0000
[  390.535779][ T5025] usb 4-1: unable to get BOS descriptor or descriptor too short
[  390.557608][   T26] audit: type=1326 audit(3918132522.191:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.3.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fbf18f13f79 code=0x7ffc0000
[  391.455367][ T5025] usb 4-1: config 7 has an invalid interface number: 142 but max is 0
[  391.503317][ T5025] usb 4-1: config 7 has no interface number 0
[  391.700179][ T5025] usb 4-1: New USB device found, idVendor=045e, idProduct=0775, bcdDevice=dd.6d
[  391.712258][ T5025] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.741185][ T5025] usb 4-1: Product: syz
[  391.752519][ T5025] usb 4-1: Manufacturer: syz
[  391.771654][ T5025] usb 4-1: SerialNumber: syz
[  391.873127][T10001] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  392.060681][ T9937] udc-core: couldn't find an available UDC or it's busy
[  392.067992][ T9937] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  392.473409][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  392.481800][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  392.490440][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  392.574843][ T5025] usb 4-1: USB disconnect, device number 4
[  392.884207][T10030] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1236'.
[  393.746307][T10038] loop0: detected capacity change from 0 to 4096
[  394.176229][T10038] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  394.265065][T10048] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1243'.
[  394.303780][T10044] loop3: detected capacity change from 0 to 7
[  394.327260][T10048] bridge2: port 1(veth5) entered blocking state
[  394.415835][T10048] bridge2: port 1(veth5) entered disabled state
[  394.423664][T10048] device veth5 entered promiscuous mode
[  394.440159][T10044] Dev loop3: unable to read RDB block 7
[  394.463729][T10044]  loop3: unable to read partition table
[  394.470111][T10044] loop3: partition table beyond EOD, truncated
[  394.930486][T10044] loop_reread_partitions: partition scan of loop3 (���������C�j̖�P=ý?�}X���	���%��`��ހ���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  395.236776][T10048] bridge2: port 2(veth7) entered blocking state
[  395.278945][T10048] bridge2: port 2(veth7) entered disabled state
[  395.314149][T10048] device veth7 entered promiscuous mode
[  395.406053][T10068] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  396.478656][T10083] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  399.885120][T10118] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1259'.
[  400.600454][T10118] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  400.608769][T10118] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  400.616573][T10144] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1265'.
[  400.617106][T10118] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  400.634346][T10118] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  403.205703][T10183] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1273'.
[  403.405288][T10198] loop3: detected capacity change from 0 to 512
[  403.423619][T10199] HTB: quantum of class 4000A is big. Consider r2q change.
[  403.450941][T10189] device syzkaller0 entered promiscuous mode
[  403.892970][T10183] HTB: quantum of class 4000A is big. Consider r2q change.
[  404.236397][T10198] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,nodiscard,dioread_nolock,,errors=continue. Quota mode: none.
[  404.506029][T10212] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1277'.
[  410.206351][   T26] kauditd_printk_skb: 16 callbacks suppressed
[  410.206367][   T26] audit: type=1804 audit(3918148927.708:482): pid=10292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.1297" name="/newroot/127/file1" dev="fuse" ino=1 res=1 errno=0
[  410.301169][T10298] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1295'.
[  410.562298][   T26] audit: type=1800 audit(3918148927.708:483): pid=10292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1297" name="/" dev="fuse" ino=1 res=0 errno=0
[  410.859562][   T26] audit: type=1804 audit(3918148927.708:484): pid=10292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.1297" name="/newroot/127/file1" dev="fuse" ino=1 res=1 errno=0
[  410.899165][   T26] audit: type=1800 audit(3918148927.708:485): pid=10292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1297" name="/" dev="fuse" ino=1 res=0 errno=0
[  411.207018][   T26] audit: type=1800 audit(3918148928.708:486): pid=10315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1301" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  411.353391][ T4454] Bluetooth: hci5: command 0x0406 tx timeout
[  411.535009][T10343] device ip6gre1 entered promiscuous mode
[  411.542791][ T5024] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  411.553785][T10343] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  411.562160][ T5024] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  411.571714][ T4254] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  411.850554][T10363] bond1: (slave ip6gretap1): making interface the new active one
[  411.863418][ T5024] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  411.873505][T10363] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  411.963493][ T4254] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  412.012365][T10374] lo speed is unknown, defaulting to 1000
[  412.066147][T10377] 9pnet: Insufficient options for proto=fd
[  413.171134][   T26] audit: type=1800 audit(3918148930.668:487): pid=10390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1313" name="/" dev="fuse" ino=1 res=0 errno=0
[  413.196598][   T26] audit: type=1804 audit(3918148930.668:488): pid=10396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.1313" name="/newroot/131/file1" dev="fuse" ino=1 res=1 errno=0
[  413.334836][T10409] device syzkaller0 entered promiscuous mode
[  415.643612][   T26] audit: type=1326 audit(3918148933.148:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  415.695746][   T26] audit: type=1326 audit(3918148933.158:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  415.755018][   T26] audit: type=1326 audit(3918148933.168:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  415.778326][   T26] audit: type=1326 audit(3918148933.168:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  415.831969][   T26] audit: type=1326 audit(3918148933.168:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  415.964628][T10462] lo speed is unknown, defaulting to 1000
[  416.003306][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  416.337853][   T26] audit: type=1326 audit(3918148933.168:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  416.526129][   T26] audit: type=1326 audit(3918148933.168:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  416.548903][   T26] audit: type=1326 audit(3918148933.168:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  416.598091][   T26] audit: type=1326 audit(3918148933.168:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb9e3da84e code=0x7ffc0000
[  416.629631][   T26] audit: type=1326 audit(3918148933.168:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.8.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  417.903387][T10479] lo speed is unknown, defaulting to 1000
[  418.061616][T10479] chnl_net:caif_netlink_parms(): no params data found
[  418.186288][T10479] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.211630][T10479] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.233583][T10479] device bridge_slave_0 entered promiscuous mode
[  418.242432][T10479] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.259270][T10479] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.273901][T10479] device bridge_slave_1 entered promiscuous mode
[  418.321270][T10479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.335826][T10479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.384677][T10479] team0: Port device team_slave_0 added
[  418.403953][T10479] team0: Port device team_slave_1 added
[  418.450888][T10479] batman_adv: batadv0: Adding interface: batadv_slave_0
[  418.503391][T10479] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  418.621510][T10479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  418.698845][T10479] batman_adv: batadv0: Adding interface: batadv_slave_1
[  418.729853][T10479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.010356][T10479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.666649][T10479] device hsr_slave_0 entered promiscuous mode
[  419.744226][T10479] device hsr_slave_1 entered promiscuous mode
[  419.826928][T10479] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  419.838772][T10479] Cannot create hsr debugfs directory
[  419.936341][   T13] Bluetooth: hci6: command 0x0409 tx timeout
[  420.057439][T10543] Invalid option length (1047662) for dns_resolver key
[  420.228858][T10526] lo speed is unknown, defaulting to 1000
[  421.573491][T10526] chnl_net:caif_netlink_parms(): no params data found
[  421.673495][ T4454] Bluetooth: hci7: command 0x0409 tx timeout
[  422.061269][ T4455] Bluetooth: hci6: command 0x041b tx timeout
[  422.862663][T10589] device ip6gre1 entered promiscuous mode
[  422.894712][T10526] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.926478][T10526] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.942140][T10589] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  422.949387][T10526] device bridge_slave_0 entered promiscuous mode
[  423.026646][T10526] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.043360][T10526] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.051838][T10526] device bridge_slave_1 entered promiscuous mode
[  423.247845][T10526] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  423.322114][T10526] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  423.350948][ T5024] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  423.363047][ T5024] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  423.763614][ T4451] Bluetooth: hci7: command 0x041b tx timeout
[  424.015485][ T5025] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  424.116018][ T4451] Bluetooth: hci6: command 0x040f tx timeout
[  424.153430][ T5024] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  424.233763][T10526] team0: Port device team_slave_0 added
[  424.280306][T10479] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  424.314324][T10526] team0: Port device team_slave_1 added
[  424.325895][T10479] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  424.363851][T10479] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  424.383426][ T4254] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  424.407847][T10479] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  424.634191][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  424.650112][T10526] batman_adv: batadv0: Adding interface: batadv_slave_0
[  424.661082][T10526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.316501][T10526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  425.657362][T10526] batman_adv: batadv0: Adding interface: batadv_slave_1
[  425.666784][T10526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.843371][ T4451] Bluetooth: hci7: command 0x040f tx timeout
[  425.976029][T10526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  426.163448][ T4451] Bluetooth: hci6: command 0x0419 tx timeout
[  426.440742][T10526] device hsr_slave_0 entered promiscuous mode
[  426.468098][T10526] device hsr_slave_1 entered promiscuous mode
[  426.509795][T10526] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  426.521708][T10526] Cannot create hsr debugfs directory
[  427.502890][T10479] 8021q: adding VLAN 0 to HW filter on device bond0
[  427.641198][T10479] 8021q: adding VLAN 0 to HW filter on device team0
[  427.691819][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  427.761621][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  427.923693][ T4455] Bluetooth: hci7: command 0x0419 tx timeout
[  427.952548][T10682] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1366'.
[  428.153306][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  428.154612][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  428.282051][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  428.291442][ T7501] bridge0: port 1(bridge_slave_0) entered blocking state
[  428.298584][ T7501] bridge0: port 1(bridge_slave_0) entered forwarding state
[  428.398953][T10682] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1366'.
[  428.423798][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  429.366284][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  429.401611][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  429.413884][ T7501] bridge0: port 2(bridge_slave_1) entered blocking state
[  429.420962][ T7501] bridge0: port 2(bridge_slave_1) entered forwarding state
[  429.471602][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  429.491253][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  429.554085][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  429.583964][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  429.612926][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  429.637342][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  429.671022][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  429.698833][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  429.730590][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  429.758767][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  429.790272][T10705] netlink: 'syz.8.1371': attribute type 1 has an invalid length.
[  429.831096][T10705] 8021q: adding VLAN 0 to HW filter on device bond2
[  429.870885][T10707] device bond2 entered promiscuous mode
[  429.877663][T10707] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  429.890613][T10707] device bond2 left promiscuous mode
[  429.961104][T10708] bond2: (slave ip6gretap1): making interface the new active one
[  429.972472][T10708] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  429.982879][T10479] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  429.995436][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  430.007430][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  430.344724][T10526] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  431.473242][T10526] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  431.494870][T10526] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  431.659040][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  431.673583][ T7501] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  431.700923][T10526] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  431.789131][T10479] 8021q: adding VLAN 0 to HW filter on device batadv0
[  431.932886][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  431.960390][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  432.066522][T10479] device veth0_vlan entered promiscuous mode
[  432.131828][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  432.144298][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  432.187159][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  432.224005][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  433.038962][T10479] device veth1_vlan entered promiscuous mode
[  433.215712][T10526] 8021q: adding VLAN 0 to HW filter on device bond0
[  433.550808][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  433.646576][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  433.974341][T10479] device veth0_macvtap entered promiscuous mode
[  434.029897][T10526] 8021q: adding VLAN 0 to HW filter on device team0
[  434.047163][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  434.083757][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  434.244396][T10479] device veth1_macvtap entered promiscuous mode
[  434.276030][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  434.299465][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  434.344810][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.351938][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  434.555718][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  434.714693][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  434.863458][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.870646][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  435.007996][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  435.062135][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  435.103352][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.134548][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  435.165541][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.203872][T10479] batman_adv: batadv0: Interface activated: batadv_slave_0
[  435.239917][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.281008][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.302405][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.355639][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.384841][T10479] batman_adv: batadv0: Interface activated: batadv_slave_1
[  435.396794][T10808] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  435.409852][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  435.425128][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  435.443812][T10808] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1386'.
[  435.461682][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  435.509010][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  435.530827][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  435.545559][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  435.554725][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  435.566310][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  435.576184][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  435.585469][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  435.601969][T10479] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  435.619430][T10479] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  435.632001][T10479] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  435.645464][T10479] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  435.668238][T10526] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  435.692022][T10526] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  435.810823][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  435.831757][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  435.863462][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  435.872303][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  435.880985][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  435.889957][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  437.201277][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  438.223349][ T7501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  438.231198][ T7501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  438.283133][T10848] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1393'.
[  438.378944][ T6048] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  438.380862][T10848] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1393'.
[  438.403526][ T6048] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  438.449148][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  438.490457][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  438.518617][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  438.531555][T10859] tipc: Started in network mode
[  438.554787][T10859] tipc: Node identity 4, cluster identity 4711
[  438.577366][T10859] tipc: Node number set to 4
[  438.612762][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  438.702369][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  438.725069][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  438.742665][T10526] 8021q: adding VLAN 0 to HW filter on device batadv0
[  439.456892][T10891] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  439.995491][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  440.003099][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  442.549982][T10946] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  442.576292][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  442.584043][T10946] CIFS mount error: No usable UNC path provided in device string!
[  442.584043][T10946] 
[  442.594544][T10946] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  442.697432][ T7497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  442.822413][ T7497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  443.085354][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  443.094957][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  443.114246][T10526] device veth0_vlan entered promiscuous mode
[  443.122858][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  443.207470][T10949] loop1: detected capacity change from 0 to 1024
[  443.276759][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  443.926365][T10526] device veth1_vlan entered promiscuous mode
[  444.071517][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  444.085044][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  444.122155][T10526] device veth0_macvtap entered promiscuous mode
[  444.146452][T10526] device veth1_macvtap entered promiscuous mode
[  444.164868][T10967] loop1: detected capacity change from 0 to 256
[  444.188995][T10526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.221249][T10526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.239778][T10526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.262186][T10526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.278774][T10526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.332258][T10526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.368053][T10526] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.381739][T10526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.394008][T10967] exfat: Deprecated parameter 'utf8'
[  444.409249][T10526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.428207][T10526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.837732][T10526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.895123][T10526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.987759][T10526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.163913][T10526] batman_adv: batadv0: Interface activated: batadv_slave_1
[  445.173221][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  445.182759][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  445.202671][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  445.252409][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  445.322681][T10967] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  445.367918][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  445.451726][T10967] exfat filesystem being mounted at /6/file0 supports timestamps until 2107-12-31 (0x10391447f)
[  445.463455][ T6015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  446.250719][T10526] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  446.259872][T10526] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  446.285674][T10526] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  446.339838][T10526] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  447.615423][ T4406] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  447.644756][ T4406] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  447.834567][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  447.851595][T11013] netlink: 'syz.8.1431': attribute type 13 has an invalid length.
[  452.011955][T11013] netdevsim netdevsim8 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  452.028508][T11013] netdevsim netdevsim8 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  452.040615][T11013] netdevsim netdevsim8 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  452.055929][T11013] netdevsim netdevsim8 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  452.135210][T11013] netdevsim netdevsim8 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  452.143781][T11013] netdevsim netdevsim8 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  452.152157][T11013] netdevsim netdevsim8 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  452.161310][T11013] netdevsim netdevsim8 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  452.294672][ T6015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.329896][ T6015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.361578][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  454.570427][T11081] loop4: detected capacity change from 0 to 256
[  454.577483][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  455.780355][T11081] vfat filesystem being mounted at /0/file1 supports timestamps until 2107-12-31 (0x10391447e)
[  459.335975][T11132] loop4: detected capacity change from 0 to 256
[  462.259540][T11132] FAT-fs (loop4): Directory bread(block 64) failed
[  462.266174][T11132] FAT-fs (loop4): Directory bread(block 65) failed
[  462.272752][T11132] FAT-fs (loop4): Directory bread(block 66) failed
[  462.279362][T11132] FAT-fs (loop4): Directory bread(block 67) failed
[  462.285990][T11132] FAT-fs (loop4): Directory bread(block 68) failed
[  462.292536][T11132] FAT-fs (loop4): Directory bread(block 69) failed
[  462.299290][T11132] FAT-fs (loop4): Directory bread(block 70) failed
[  462.306150][T11132] FAT-fs (loop4): Directory bread(block 71) failed
[  462.312752][T11132] FAT-fs (loop4): Directory bread(block 72) failed
[  462.319409][T11132] FAT-fs (loop4): Directory bread(block 73) failed
[  462.352659][T11132] vfat filesystem being mounted at /2/bus supports timestamps until 2107-12-31 (0x10391447e)
[  462.426791][T11145] loop1: detected capacity change from 0 to 128
[  462.582986][T11145] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  462.711740][T11145] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  462.773500][T11145] ext2 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  468.185472][T11213] lo speed is unknown, defaulting to 1000
[  468.803269][ T5022] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  471.383480][ T5022] usb 5-1: device descriptor read/all, error -71
[  481.563679][T11338] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  481.572950][T11338] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  481.582488][T11338] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  485.890616][T11389] bond3: (slave bridge1): Enslaving as an active interface with an up link
[  486.012369][T11389] bond3: (slave bridge2): Enslaving as an active interface with a down link
[  486.048632][T11402] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1519'.
[  486.161646][T11404] gfs2: gfs2 mount does not exist
[  486.713456][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  486.934984][T11410] device syzkaller0 entered promiscuous mode
[  487.970437][T11432] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  488.401797][T11451] loop4: detected capacity change from 0 to 128
[  488.556294][T11451] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  489.404748][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  489.404763][   T26] audit: type=1800 audit(3918149006.908:503): pid=11451 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1534" name="file1" dev="loop4" ino=94 res=0 errno=0
[  489.522811][   T26] audit: type=1800 audit(3918149006.998:504): pid=11464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1534" name="file1" dev="loop4" ino=94 res=0 errno=0
[  490.679245][T11489] loop4: detected capacity change from 0 to 256
[  490.837680][T11489] vfat filesystem being mounted at /20/bus supports timestamps until 2107-12-31 (0x10391447e)
[  497.113277][T11587] tipc: Started in network mode
[  497.120569][T11587] tipc: Node identity ac14140f, cluster identity 4711
[  497.138465][T11587] tipc: New replicast peer: 10.1.1.2
[  497.144825][T11587] tipc: Enabled bearer <udp:syz2>, priority 10
[  497.765620][T11600] xt_policy: output policy not valid in PREROUTING and INPUT
[  499.186582][ T4454] tipc: Node number set to 2886997007
[  500.577505][T11637] netlink: 20 bytes leftover after parsing attributes in process `syz.9.1575'.
[  501.437432][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  501.443825][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  507.150833][T11710] loop4: detected capacity change from 0 to 256
[  507.224221][T11719] netlink: 'syz.8.1595': attribute type 1 has an invalid length.
[  507.771684][T11710] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  508.113369][T11710] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  508.175680][T11723] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  508.185416][T11723] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  508.195069][T11723] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  508.245804][T11710] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  508.525078][T11710] exfat filesystem being mounted at /32/file0 supports timestamps until 2107-12-31 (0x10391447f)
[  509.188259][T11747] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1601'.
[  513.501889][T11804] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1615'.
[  513.697465][T11808] syz.1.1616 (11808): drop_caches: 2
[  513.745380][T11804] device hsr_slave_0 left promiscuous mode
[  513.862583][T11815] device syzkaller0 entered promiscuous mode
[  515.291449][T11832] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  515.367017][T11832] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  515.455204][T11841] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  515.664552][T11845] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  515.812844][T11845] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  516.073901][T11845] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  516.123787][T11845] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  516.132127][T11845] netlink: 'syz.0.1620': attribute type 29 has an invalid length.
[  516.511858][T11864] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1629'.
[  518.682830][T11882] netlink: 76 bytes leftover after parsing attributes in process `syz.8.1632'.
[  521.789370][T11944] device syzkaller0 entered promiscuous mode
[  521.810777][T11944] net_ratelimit: 1 callbacks suppressed
[  521.810796][T11944] 0: reclassify loop, rule prio 0, protocol 800
[  523.746725][T11972] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  523.771810][T11972] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  524.374765][T12004] sctp: [Deprecated]: syz.1.1654 (pid 12004) Use of struct sctp_assoc_value in delayed_ack socket option.
[  524.374765][T12004] Use struct sctp_sack_info instead
[  526.625362][T12012] bond0: (slave bond_slave_0): Releasing backup interface
[  526.674606][T12012] device bond_slave_0 left promiscuous mode
[  528.976208][T12057] netlink: 'syz.4.1667': attribute type 1 has an invalid length.
[  529.011840][T12068] loop1: detected capacity change from 0 to 512
[  529.212601][T12068] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  529.709271][T12068] EXT4-fs (loop1): 1 truncate cleaned up
[  529.722011][T12057] 8021q: adding VLAN 0 to HW filter on device bond1
[  529.737298][T12063] bond1: (slave vlan2): making interface the new active one
[  529.747321][T12063] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  529.784057][ T6048] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  529.793518][T12068] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,mb_optimize_scan=0x0000000000000001,errors=remount-ro,nombcache,. Quota mode: none.
[  532.025648][T12097] loop4: detected capacity change from 0 to 16
[  532.124207][T12097] erofs: (device loop4): mounted with root inode @ nid 36.
[  533.122744][T12114] binder: 12113:12114 ioctl c0306201 0 returned -14
[  534.416128][T12136] sch_tbf: burst 480 is lower than device lo mtu (65550) !
[  535.077152][T12150] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1686'.
[  535.180794][   T26] audit: type=1326 audit(3918149052.678:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  535.331761][   T26] audit: type=1326 audit(3918149052.678:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  535.361725][   T26] audit: type=1326 audit(3918149052.678:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  535.396752][   T26] audit: type=1326 audit(3918149052.678:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  535.430653][   T26] audit: type=1326 audit(3918149052.678:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  535.471681][T12163] loop1: detected capacity change from 0 to 16
[  535.609384][   T26] audit: type=1326 audit(3918149052.688:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  536.563681][   T26] audit: type=1326 audit(3918149052.688:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  536.586609][   T26] audit: type=1326 audit(3918149052.688:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  536.609241][   T26] audit: type=1326 audit(3918149052.688:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  536.631825][   T26] audit: type=1326 audit(3918149052.688:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12154 comm="syz.8.1687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9e419f79 code=0x7ffc0000
[  536.656773][T12163] erofs: (device loop1): mounted with root inode @ nid 36.
[  537.223367][T12195] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1698'.
[  537.367900][T12193] 9p filesystem being mounted at /46/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  537.493888][T12210] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1701'.
[  537.510069][T12210] unsupported nlmsg_type 40
[  538.009330][T12210] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1701'.
[  538.298975][T12220] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1704'.
[  540.146878][T12253] device syzkaller0 entered promiscuous mode
[  540.176705][T12259] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1715'.
[  542.390831][T12294] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1724'.
[  544.035230][T12297] netlink: 'syz.9.1725': attribute type 1 has an invalid length.
[  544.361200][T12297] device bond1 entered promiscuous mode
[  544.380002][T12297] 8021q: adding VLAN 0 to HW filter on device bond1
[  544.651303][T12320] binder: 12319:12320 ioctl c0306201 0 returned -14
[  544.681504][T12306] bond1: (slave veth7): Enslaving as an active interface with a down link
[  544.885863][T12330] bridge0: the hash_elasticity option has been deprecated and is always 16
[  544.957307][    T7] Bluetooth: hci7: command 0x0406 tx timeout
[  544.966778][    T7] Bluetooth: hci6: command 0x0406 tx timeout
[  547.769238][T12345] sctp: [Deprecated]: syz.8.1735 (pid 12345) Use of struct sctp_assoc_value in delayed_ack socket option.
[  547.769238][T12345] Use struct sctp_sack_info instead
[  549.024803][T12362] device vlan2 entered promiscuous mode
[  549.091811][T12362] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1740'.
[  549.498363][T12369] affs: No valid root block on device nullb0
[  550.691721][T12353] syz.8.1738 sent an empty control message without MSG_MORE.
[  550.975682][T12396] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1746'.
[  550.985252][T12396] netlink: set zone limit has 8 unknown bytes
[  551.573363][T12389] device syzkaller0 entered promiscuous mode
[  552.634365][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  556.296880][T12446] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1757'.
[  556.414533][T12446] 9pnet: Insufficient options for proto=fd
[  557.746524][T12472] bridge0: port 3(vlan3) entered blocking state
[  557.823320][T12472] bridge0: port 3(vlan3) entered disabled state
[  557.852398][T12472] device vlan3 entered promiscuous mode
[  559.952802][T12518] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1775'.
[  560.072331][T12518] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1775'.
[  562.242245][   T27] INFO: task syz.2.1270:10168 blocked for more than 144 seconds.
[  562.399776][   T27]       Not tainted syzkaller #0
[  562.423022][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  562.478770][   T27] task:syz.2.1270      state:D stack:25712 pid:10168 ppid:  4198 flags:0x00004004
[  562.571217][   T27] Call Trace:
[  562.574715][   T27]  <TASK>
[  562.577661][   T27]  __schedule+0x11ef/0x43c0
[  562.582218][   T27]  ? release_firmware_map_entry+0x190/0x190
[  562.588174][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  562.594217][   T27]  ? lock_chain_count+0x20/0x20
[  562.599081][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[  562.604152][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[  562.609724][   T27]  schedule+0x11b/0x1e0
[  562.613974][   T27]  schedule_preempt_disabled+0xf/0x20
[  562.619362][   T27]  rwsem_down_read_slowpath+0x548/0x9d0
[  562.624986][   T27]  ? down_write_killable_nested+0x90/0x90
[  562.630720][   T27]  ? read_lock_is_recursive+0x10/0x10
[  562.665079][   T27]  ? __rwlock_init+0x140/0x140
[  562.669889][   T27]  ? do_quotactl+0x710/0x710
[  562.674715][   T27]  down_read+0x96/0x2e0
[  562.678915][   T27]  ? do_quotactl+0x710/0x710
[  562.692452][   T27]  iterate_supers+0xa4/0x1d0
[  562.733345][   T27]  __se_sys_quotactl+0x33b/0x6f0
[  562.738354][   T27]  ? __x64_sys_quotactl+0xa0/0xa0
[  562.881021][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  562.894985][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  563.357503][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  563.363757][   T27]  ? lock_chain_count+0x20/0x20
[  563.368648][   T27]  ? vtime_user_exit+0x2c8/0x3e0
[  563.414741][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[  563.449064][   T27]  do_syscall_64+0x4c/0xa0
[  563.478915][   T27]  ? clear_bhb_loop+0x30/0x80
[  563.499411][   T27]  ? clear_bhb_loop+0x30/0x80
[  563.523206][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  563.529215][   T27] RIP: 0033:0x7f8933deff79
[  563.533895][   T27] RSP: 002b:00007f893204b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  563.542337][   T27] RAX: ffffffffffffffda RBX: 00007f893406afa0 RCX: 00007f8933deff79
[  563.580395][   T27] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000102
[  563.623356][   T27] RBP: 00007f8933e866e0 R08: 0000000000000000 R09: 0000000000000000
[  563.631379][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  563.673468][   T27] R13: 00007f893406b038 R14: 00007f893406afa0 R15: 00007ffdaebca508
[  563.682050][   T27]  </TASK>
[  563.720382][   T27] INFO: task syz.3.1277:10198 blocked for more than 145 seconds.
[  563.753428][   T27]       Not tainted syzkaller #0
[  563.758415][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  563.800752][   T27] task:syz.3.1277      state:D stack:25616 pid:10198 ppid:  7438 flags:0x00004004
[  563.823310][   T27] Call Trace:
[  563.826635][   T27]  <TASK>
[  563.829576][   T27]  __schedule+0x11ef/0x43c0
[  563.871455][   T27]  ? release_firmware_map_entry+0x190/0x190
[  563.893438][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  563.899485][   T27]  ? lock_chain_count+0x20/0x20
[  563.953320][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[  563.970700][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[  563.988783][   T27]  schedule+0x11b/0x1e0
[  564.005405][   T27]  schedule_preempt_disabled+0xf/0x20
[  564.017601][   T27]  rwsem_down_read_slowpath+0x548/0x9d0
[  564.033753][   T27]  ? down_write_killable_nested+0x90/0x90
[  564.052963][   T27]  ? read_lock_is_recursive+0x10/0x10
[  564.069850][   T27]  ? __rwlock_init+0x140/0x140
[  564.084775][   T27]  ? do_quotactl+0x710/0x710
[  564.099857][   T27]  down_read+0x96/0x2e0
[  564.113060][   T27]  ? do_quotactl+0x710/0x710
[  564.126052][   T27]  iterate_supers+0xa4/0x1d0
[  564.140212][   T27]  __se_sys_quotactl+0x33b/0x6f0
[  564.159436][   T27]  ? __x64_sys_quotactl+0xa0/0xa0
[  564.172500][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  564.191204][   T27]  ? lock_chain_count+0x20/0x20
[  564.207427][   T27]  ? vtime_user_exit+0x2c8/0x3e0
[  564.222481][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[  564.240146][   T27]  do_syscall_64+0x4c/0xa0
[  564.256027][   T27]  ? clear_bhb_loop+0x30/0x80
[  564.271831][   T27]  ? clear_bhb_loop+0x30/0x80
[  564.295784][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  564.313406][   T27] RIP: 0033:0x7fbf18f13f79
[  564.327976][   T27] RSP: 002b:00007fbf1716f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  564.355543][   T27] RAX: ffffffffffffffda RBX: 00007fbf1918efa0 RCX: 00007fbf18f13f79
[  564.380624][   T27] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000101
[  564.423267][   T27] RBP: 00007fbf18faa6e0 R08: 0000000000000000 R09: 0000000000000000
[  564.431289][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  564.464580][   T27] R13: 00007fbf1918f038 R14: 00007fbf1918efa0 R15: 00007ffcb148b398
[  564.501304][   T27]  </TASK>
[  564.516374][   T27] 
[  564.516374][   T27] Showing all locks held in the system:
[  564.533204][   T27] 1 lock held by khungtaskd/27:
[  564.538093][   T27]  #0: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  564.574401][   T27] 2 locks held by getty/3948:
[  564.579123][   T27]  #0: ffff88802ca16098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  564.603178][   T27]  #1: ffffc900025ce2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x5df/0x1a70
[  564.623173][   T27] 1 lock held by syz-executor/4445:
[  564.628409][   T27]  #0: ffff88807a8220e0 (&type->s_umount_key#51){++++}-{3:3}, at: deactivate_super+0xa0/0xd0
[  564.663172][   T27] 2 locks held by kworker/u4:8/4461:
[  564.668495][   T27]  #0: ffff8880b903a358 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  564.697652][   T27]  #1: ffff8880b9027888 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x4fe/0x7d0
[  564.732513][   T27] 1 lock held by syz.2.1270/10168:
[  564.741263][   T27]  #0: ffff88807a8220e0 (&type->s_umount_key#51){++++}-{3:3}, at: iterate_supers+0xa4/0x1d0
[  564.756392][   T27] 1 lock held by syz.3.1277/10198:
[  564.761556][   T27]  #0: ffff88807a8220e0 (&type->s_umount_key#51){++++}-{3:3}, at: iterate_supers+0xa4/0x1d0
[  564.772160][   T27] 2 locks held by syz.8.1770/12497:
[  564.777446][   T27] 1 lock held by sed/12572:
[  564.781998][   T27] 
[  564.784392][   T27] =============================================
[  564.784392][   T27] 
[  564.792802][   T27] NMI backtrace for cpu 1
[  564.797150][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  564.804356][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  564.814421][   T27] Call Trace:
[  564.817798][   T27]  <TASK>
[  564.820735][   T27]  dump_stack_lvl+0x188/0x250
[  564.825438][   T27]  ? show_regs_print_info+0x20/0x20
[  564.830656][   T27]  ? load_image+0x400/0x400
[  564.835176][   T27]  ? tick_nohz_tick_stopped+0x7b/0xb0
[  564.840569][   T27]  ? nmi_cpu_backtrace+0x1b2/0x3d0
[  564.845705][   T27]  nmi_cpu_backtrace+0x3a2/0x3d0
[  564.850658][   T27]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  564.856822][   T27]  ? _printk+0xda/0x130
[  564.860994][   T27]  ? load_image+0x400/0x400
[  564.865517][   T27]  ? load_image+0x400/0x400
[  564.870034][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  564.876113][   T27]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  564.882111][   T27]  watchdog+0xe0f/0xe50
[  564.886287][   T27]  kthread+0x436/0x520
[  564.890362][   T27]  ? hungtask_pm_notify+0x40/0x40
[  564.895395][   T27]  ? kthread_blkcg+0xd0/0xd0
[  564.899996][   T27]  ret_from_fork+0x1f/0x30
[  564.904433][   T27]  </TASK>
[  564.908064][   T27] Sending NMI from CPU 1 to CPUs 0:
[  564.913409][    C0] NMI backtrace for cpu 0
[  564.913421][    C0] CPU: 0 PID: 12497 Comm: syz.8.1770 Not tainted syzkaller #0
[  564.913439][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  564.913447][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[  564.913470][    C0] Code: 84 00 00 00 00 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 90 bc 10 0c 48 89 de 5b e9 17 42 44 00 00 00 cc cc 00 00 cc 48 8b 04 24 <65> 48 8b 0d e4 4e 89 7e 65 8b 15 e5 4e 89 7e 81 e2 00 01 ff 00 74
[  564.913483][    C0] RSP: 0018:ffffc9000393f528 EFLAGS: 00000297
[  564.913498][    C0] RAX: ffffffff81b09fab RBX: ffff88803cd0b010 RCX: ffff88807bac0000
[  564.913511][    C0] RDX: 0000000000000000 RSI: 00000000000001fe RDI: 0000000000000094
[  564.913521][    C0] RBP: 0000000000000094 R08: ffffea00015dc033 R09: 1ffffd40002bb806
[  564.913532][    C0] R10: dffffc0000000000 R11: fffff940002bb807 R12: dffffc0000000000
[  564.913544][    C0] R13: 00000000000001fe R14: 00000000000001fe R15: ffff88803cd0b00c
[  564.913555][    C0] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  564.913569][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  564.913581][    C0] CR2: 00007f47da90b6b0 CR3: 00000000734ab000 CR4: 00000000003506f0
[  564.913595][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  564.913605][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  564.913615][    C0] Call Trace:
[  564.913621][    C0]  <TASK>
[  564.913626][    C0]  __tlb_remove_page_size+0x19b/0x3f0
[  564.913650][    C0]  unmap_page_range+0x1093/0x2500
[  564.913681][    C0]  unmap_vmas+0x131/0x250
[  564.913696][    C0]  ? unmap_page_range+0x2500/0x2500
[  564.913709][    C0]  ? __mutex_lock_common+0x465/0x2400
[  564.913728][    C0]  ? exit_mm_release+0x16/0x30
[  564.913748][    C0]  exit_mmap+0x3b9/0x640
[  564.913765][    C0]  ? vm_brk+0x20/0x20
[  564.913786][    C0]  ? uprobe_clear_state+0x2f6/0x460
[  564.913802][    C0]  ? mm_update_next_owner+0x522/0x640
[  564.913821][    C0]  __mmput+0x115/0x3b0
[  564.913836][    C0]  exit_mm+0x588/0x6e0
[  564.913849][    C0]  ? xacct_add_tsk+0x4a0/0x4a0
[  564.913867][    C0]  ? do_exit+0x20c0/0x20c0
[  564.913880][    C0]  ? __ia32_sys_timer_delete+0x40/0x40
[  564.913896][    C0]  ? hrtimer_try_to_cancel+0x3c9/0x410
[  564.913913][    C0]  ? taskstats_exit+0x439/0xab0
[  564.913930][    C0]  ? tty_audit_exit+0x14e/0x1f0
[  564.913948][    C0]  do_exit+0x5a9/0x20c0
[  564.913963][    C0]  ? put_task_struct+0x80/0x80
[  564.913979][    C0]  ? lock_chain_count+0x20/0x20
[  564.913999][    C0]  do_group_exit+0x12e/0x300
[  564.914013][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  564.914030][    C0]  get_signal+0x6ca/0x12c0
[  564.914053][    C0]  arch_do_signal_or_restart+0xe7/0x12c0
[  564.914079][    C0]  ? force_sig_info_to_task+0x320/0x3d0
[  564.914097][    C0]  ? get_sigframe_size+0x10/0x10
[  564.914118][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  564.914141][    C0]  ? exit_to_user_mode_loop+0x3b/0x130
[  564.914157][    C0]  exit_to_user_mode_loop+0x9e/0x130
[  564.914171][    C0]  exit_to_user_mode_prepare+0xee/0x180
[  564.914190][    C0]  irqentry_exit_to_user_mode+0x5/0x30
[  564.914212][    C0]  exc_page_fault+0x88/0x100
[  564.914229][    C0]  asm_exc_page_fault+0x22/0x30
[  564.914244][    C0] RIP: 0033:0x7fdb9e2d04f7
[  564.914256][    C0] Code: Unable to access opcode bytes at RIP 0x7fdb9e2d04cd.
[  564.914264][    C0] RSP: 002b:00007fdb9c656120 EFLAGS: 00010202
[  564.914276][    C0] RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007fdb9e419f79
[  564.914286][    C0] RDX: 00007fdb9c656140 RSI: 00007fdb9c656270 RDI: 000000000000000b
[  564.914296][    C0] RBP: 00007fdb9e4b06e0 R08: 0000000000000000 R09: 0000000000000000
[  564.914306][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  564.914316][    C0] R13: 00007fdb9e695038 R14: 00007fdb9e694fa0 R15: 00007ffcdfad0ef8
[  564.914333][    C0]  </TASK>
[  564.985888][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  565.313939][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  565.321125][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  565.331169][   T27] Call Trace:
[  565.334446][   T27]  <TASK>
[  565.337374][   T27]  dump_stack_lvl+0x188/0x250
[  565.342048][   T27]  ? show_regs_print_info+0x20/0x20
[  565.347236][   T27]  ? load_image+0x400/0x400
[  565.351738][   T27]  panic+0x2e5/0x810
[  565.355621][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  565.361254][   T27]  ? bpf_jit_dump+0xd0/0xd0
[  565.365751][   T27]  ? nmi_trigger_cpumask_backtrace+0x260/0x280
[  565.371899][   T27]  watchdog+0xe4e/0xe50
[  565.376080][   T27]  kthread+0x436/0x520
[  565.380150][   T27]  ? hungtask_pm_notify+0x40/0x40
[  565.385172][   T27]  ? kthread_blkcg+0xd0/0xd0
[  565.389758][   T27]  ret_from_fork+0x1f/0x30
[  565.394175][   T27]  </TASK>
[  565.397552][   T27] Kernel Offset: disabled
[  565.401873][   T27] Rebooting in 86400 seconds..