last executing test programs:

12m52.68380031s ago: executing program 32 (id=290):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0xfc, 0x0, 0x0)
symlinkat(&(0x7f0000000040)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x1000)
chdir(&(0x7f00000003c0)='./bus\x00')
fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)

12m52.665755468s ago: executing program 0 (id=292):
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
pipe2$9p(&(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
tee(r2, r5, 0x53, 0x0)
write$binfmt_script(r5, &(0x7f0000000540)={'#! ', './file0'}, 0xb)
tee(r4, r3, 0x9, 0x8)

12m52.184870429s ago: executing program 0 (id=296):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x2810000, &(0x7f0000000000)={[{@usrquota}, {@data_journal}]}, 0x3, 0x57a, &(0x7f0000000300)="$eJzs3d9rW1UcAPDvvW33U10HY6iIFPbgZC5dW39M8GE+ig4H+j5Dm5XRdBlNOtY62PbgXnyRIYg4EN/13cexf8C/YqCDIaPogy+Rm95kaZusWdet2fL5wG3PybnJud977jk5NzeXBDCwxrI/acRrEfFdEnGgrWw48sKx1fVWHlyZzpYk6vUv/k4iyR9rrp/k//fnmVcj4s43EcfSjfVWl5bniuVyaSHPj9fmL45Xl5aPn58vzpZmSxcmp6ZOvjc1+eEH729brG+f+ffHz29/cvLbIys//Hbv4M0kTsVLeVl7HLm0LaReXWvPjMVY/gIjcWrdihOPu/F9qrn/HndH0R+G8n4+EtkYcCCG8l4PvPiuRkQdGFCJ/g8DqjkPaJ7bdzgPfqHd/3j1BGhj/MOrn43Ensa50b6VZM2ZUXa+O7oN9Wd1/P7XrZvZEp0/h1gvWfcxA8CWXLseESeGhzeOf0k+/m3diR7WWV/HoL3/wE66nc1/3uk0/0lb85/oMP/Z36HvbsXm/T+9tw3VdJXN/z7qOP9tXbQaHcpzLzfmfCPJufPlUja2vRIRR2Nkd5Z/1PWckyt3693K2ud/2ZLV35wL5ttxb3j32ufMFGvFJ4m53f3rEa93nP8mrfZPOrR/tj/O9FjH4dKtN7uVbR7/01X/JeKtiLizazXfHn9T8ujrk+ON42G8eVRs9M+Nw3+0Mitry3Y6/qz993U8/lvxjybt12urj1/Hz3v+K0X9aseyrR7/u5IvG+m82eJysVZbmIjYlXy28fHJh89t5pvrZ/EfPfLo8a/T8b83Ir7qMf4bh359o1tZh/jTZ93+Mz21fzYKZu3fOhB6Ttz99OufutW/Jv5r0aX9322kjuaP9DL+9bqBT7LvAAAAAAAAoN+kjXs4k7TQSqdpobD6/Y5DsS8tV6q1Y+cqixdmVu/1HI2RtHml+0Db9yEm8u/DNvOT6/JTEXEwIr4f2tvIF6Yr5ZmdDh4AAAAAAAAAAAAAAAAAAAD6xP4u9/9n/hza6a0Dnjo/+Q2Da9P+vx2/9AT0Je//MLj0fxhc+j8MLv0fBpf+D4Mr7/8u98MA8v4Pg0v/BwAAAAAAAAAAAAAAAAAAAAAAAAAAgG115vTpbKmvPLgyneVnLi0tzlUuHZ8pVecK84vThenKwsXCbKUyWy4Vpivzm71euVK5ODEZi5fHa6Vqbby6tHx2vrJ4oXb2/HxxtnS2NPJMogIAAAAAAAAAAAAAAAAAAIDnS3Vpea5YLpcWJJ7jRBo7V/twv+wEiW1N7PTIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/R8AAP//nI4y/w==")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000880)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x63}, {0x7, [{@any, 0x6, 0x20, "c8af95", 0x7f, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xff, 0x4, "74940b", 0x8006}, {@any, 0x2, 0x2, '\x00\x00#', 0x0, 0x9}, {@none, 0x9, 0xb, "622a1f", 0x4, 0x7}, {@none, 0x1, 0xa, "326f8d", 0x800, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xe, 0x7, "1a751d", 0x2, 0xe}, {@none, 0x9, 0xe, "aa7412", 0x9ea4, 0x1}]}}}, 0x66)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

12m50.956410872s ago: executing program 0 (id=301):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
write(r1, &(0x7f0000000000)="ea", 0x1)
sendto$inet6(r1, &(0x7f0000000200)='\x00', 0x1, 0x48015, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x2}, 0x8)
close(r1)

12m50.560911388s ago: executing program 0 (id=304):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x70, 0x24, 0xe0b, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x40, 0x2, {{0x3, 0x4, 0x0, 0x5, 0xfffffffd, 0x8}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x80000001, 0x6, 0x8, 0x6, 0xd99d}}]}]}}}]}, 0x70}}, 0x0)
sendto$packet(r0, &(0x7f00000002c0)="44c33b69ebc9e05e9bdec0c286dd", 0xe, 0x830, &(0x7f0000000440)={0x11, 0x0, r3, 0x1, 0x2, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}}, 0x14)

12m50.006061205s ago: executing program 0 (id=307):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

12m49.473259245s ago: executing program 0 (id=310):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000022"], 0x48)
r3 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp=r3}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={r2, &(0x7f0000000040)}, 0x20)

12m34.062576104s ago: executing program 33 (id=310):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000022"], 0x48)
r3 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp=r3}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={r2, &(0x7f0000000040)}, 0x20)

10m32.253546664s ago: executing program 3 (id=897):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x34, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002c80)=ANY=[@ANYBLOB="6a0af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a26c7670568982b4e020f698393a1587aee89eb5603111ced3a0f3881f9c24561f1b2607995daa56f151905ea23c22624c12533d3984e835a3c61a7a9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0c884625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130bd030000c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2369149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300005d2c4df17c91e5451f1e44467a1ed30480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf607aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a9963b924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8241ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcfffffffffaffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda420d3e53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fd73c294290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd96058e7bf5b51cce33bd30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c9b2c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbd008fc1be8ea216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d253118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998e340aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1502a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c6d083cf2fb4598a4743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b9314dcdfadafff7ca3243a9c40a67ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b368a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e35fd7834f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e4570600000091c674e6e549227d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb07005dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3badf2f6ffda1360c2786e16937ab61d7dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68ac3c64458943fc59c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5fb3abc96478924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0cb3d67bbcd9b91072659d872976b796e2b81025edb5f45f785e2019ca659be7e8ae953325a27564fdab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfd1016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d0f6c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e7cdd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7b828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c6b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c51ff4040068ae2676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e9f367f2eb36eed56c037991d4026f8c743c1360a29d8177d1250ff303e207f02c33b6009abb9948d7e787c863998f0a5f1b3761e8006c8095dd0adb892e5f020a1e1032f3b4ad237e9573faa2bece611b2af8de93c3157af2a1797f696493dcda51b9c63f31f85f82689d23c1bb1b2027f6583ec9d1418e684183480cb2ce5dae947313be0000000000009b941d0c4e344baf15e63f581e9ead164a550d5d78864b0218ac8a33ee3433de56a991c72a046386223ff52c139ed3ebed412c78112524ee6b3385b2954cc89e2635d4d62d51b18b196716032e9fd4d8a5cefcd8c36125bfb92efc658fb0b7d2e933f9957fc78dc15eb3e0fc77cb84177e41db5a65c7dd3a4b3431d2f52c4c3971a83b12e399b3e91281fa1200591430fcd74269f3f14332b175225120432b0babc737be65257fbc833c096fcb8b1d5731e6f95e8259bc1aa73e75132b28aedf5bb34f5c33c319b4e25b951189d5c03815e0259448ed9c51e6e6c371e387ad82734990a37071c6225a2116db67b503f48460430b6fe6c57eca9b4ddd5c699d1883891f047ac9792eeca5f9465bfe4d6e5faf78d81b376415935d145151a47b23af15d61db53a5afcf0a792afa5e43e2f742449c1a4cbdad69dc5c1013aa36fba2013ffb4b65216618222469ab0a63d141cd11b31caadeea6e9ee58854684350bffc86f09fc563b1a68c03b828ab51fe2e36594ab83cb5a9d4417231b0988bc38b073a88054e8a066b89e24e5d651d891acfd13518f3538c9c6c91bba247ff3a5fd41934a932c7b23bfb7ac9f1a9bf72243e56508ab8e31d99287ad5bb0795e48598b4b752cf801e29d3919ae547b51392bd9bd74b8e2dd5f384b5d721d7a877227797807119746ba65f42c291e3510d80b6c0bcfad2e8bdc51f07c9916f2f9364381b633518d0fc14834aaa5c2302b6040cdc0e09626f3f86cd2eba4736d4c6e0fe8f778851f5484a179fc4c430258f06bf2c08c11a36ff4dd4bd8ff174feaff7c29154d751fbb7c122d515541a9c8421536e032f8fe5170925c83c91600b7e3d9827bf984d30a3193e1b2c3bda2494c67686a7b308ab19d884ff074071b14d8a016758b6aca4b2c9f904cda56ca14fe97b26ba61cc11c95c34e324bceb8d11ccb65744759fb602fdee6f09e07f60a8937da7b2196c6586824961386a81df193491fb050308c96227b84ef9d782b912aed6d2b86e2edb373a0d5a51e6a442eedfe0a3d4b11d8426e6fb6b50a302f03477ee5746189c3765d9c1de0cb0b32f44ef0c8d3e97aecd7a588ce76d4664f7cd4f2d73ef8030144fb459e85656831742dacfcfd018fb1620e5bd2d1913e3d069d0990ddfe4577a4c639485f5fbc7cfe8703842a8e00000000000000000000000000000044013357f3db4f3d593817847481eed577be82a6eb45fb9ffd62ce99fd5e9b5e5ddfada42b2c3a70ad4e21fd09351ce78496f71c28da5e626f6ce1f277021bc094f057a2e9d6f7cd5f778fcb4a6731e03b947740fc8b332eeb9e5104cc8d2bf6eed83907f084f00f616ef29ed7bcbef74319a2ee81ea70b09f0afc61b53b6f96b2edc7e7d76694a8ba9abcc01e1b4476fc254a13d62806ded5170546bc23065572f0a39140659f919f86e0059e22035aae1e954fbb9fa8cf0760cf3c7c1d3e822ec3aecfb1347e947a871c4347571b9f9f6aa21c2257335405cb065dd6e60cfe9d0e5cf4b6ac2f6efa6c4b3d9ce5a41b8b391c8da52e67b5a60c4f791d36fc1f0538301b554ebe115bf2974b17c97f20201fa192eacd8d7c4687e774e08e3d5cd17c5ad52ed0a32fe938ff1d8d4b87d44bab2b3118efb95014c16c5674d8c8c61cd0a8ba3a3f623e4542b30d193a0c81ece179ad4af7db3e3adfce43c886cf50f55b45294f11c1b4fcc42e435f7042651de550b12291cee52c1fb622f654b36918f5de6ac212e847d313bc13c4396e286a085566837d660b51165efb063826ebd341be48ebf9217bb2ea261fd990ed"], &(0x7f0000000100)='GPL\x00'}, 0x41)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000200)='percpu_free_percpu\x00', r0}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0xcc, 0x30, 0xffff, 0x70bd27, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x0, 0x0, 0x0, 0x0, {0x0, 0x2, 0x0, 0x0, 0xfffe}, {0x0, 0x0, 0x0, 0x0, 0xfffd}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x1}}]}, {0x4}, {0xc, 0x3}, {0xc}}}]}]}, 0xcc}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)

10m30.630121562s ago: executing program 3 (id=905):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x3, 0x0, &(0x7f0000000000)="5cdd30", 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd5f, 0x0, 0x0}, 0x4c)
r0 = syz_io_uring_setup(0xd38, &(0x7f0000000680)={0x0, 0x7735, 0x10, 0x201, 0x350}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x36, 0x0, 0x0, 0x4, 0x0, 0x1, 0x20})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

10m29.536794451s ago: executing program 3 (id=910):
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000002480)=ANY=[@ANYBLOB="1201000000000040b40401000000000000010902"], 0x0)
syz_io_uring_setup(0x837, &(0x7f0000000540)={0x0, 0x2b94, 0x80, 0x7, 0x3cf}, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='clear_refs\x00')
syz_io_uring_setup(0x7831, &(0x7f0000000140)={0x0, 0x401, 0x80, 0x1}, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x200)
unshare(0x22020400)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xc3ac, 0xfffffffffffffff9, 0x0, 0x0, 0x4}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

10m25.740515962s ago: executing program 3 (id=925):
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000001200)='./file0\x00', 0x800000, &(0x7f00000004c0)=ANY=[], 0x1, 0x11aa, &(0x7f0000001280)="$eJzs209rI2UcB/Bf/2hramv9V20vPuhFL4PtwVMvRVqQBpS2EVpBmNJUQ2ISMjkk4qFnT74O8ehNEN9A34W3ooheenKWbZZ2W7qH3WUb2P18LvnCNwPPw8DAM8zvbP2n75rHRXac92NyYiKmuxHpPEWKyZiKkZP46O/1/37c3T/Y3qhWN3dS2trYW/0kpbTw3u9f/fDL+3/05778deG3mThd/Prsn7U/T5dOl8/+3/u2UaRGkdqdfsrTYafTzw9b9XTUKJpZSl+06nlRT412Ue9d649bnW53mPL20Xyl26sXRcrbw9SsD1O/k/q9Ycq/yRvtlGVZmq8ET6P283lZlhFl+VK8HGVZlq9EJebi1ZiPhXgtFuP1eCPejLfi7ViKd+LdWL7417jXDQAAAAAAAAAAAAAAAAAAAM8X8/8AAAAAAAAAAAAAAAAAAAAwfub/AQAAAAAAAAAAAAAAAAAAYPzM/wMAAAAAAAAAAAAAAAAAAMD47e4fbG9Uq5s7Kc1G/HUyqA1qo99Rv/VZdfPjdGHx6qp/B4Pa1GW/OurT9X4mKg/6tVv72fjwg1F/v/v08+qNfiWOnv32AQAA4IWQpUu3nu+z7FH9KD30fuDG+X06VqbvbBs8oWL4fTNvteo9QRCEyzDuJxN34eqmj3slAAAAAAAAAAAAPI67+Jxw3HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7rEDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAqwIAAP//DSeWkg==")
open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
mount(&(0x7f0000005440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0xfea7)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0xc, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c6780000335a63bdbcef549ba197fce47ddfdd00000000000000000000a3c5c00c000000a000", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x6]})
umount2(0x0, 0x2)

10m22.306171602s ago: executing program 3 (id=937):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f, 0x4}}, 0x20)
r0 = syz_io_uring_setup(0x81f, &(0x7f0000000100)={0x0, 0x0, 0x3010, 0xffffffff, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000540)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_NOP={0x0, 0x20})
io_uring_enter(r0, 0x47bc, 0x0, 0x21, 0x0, 0x0)

10m12.71528213s ago: executing program 3 (id=967):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)

10m11.310710895s ago: executing program 34 (id=967):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)

9m5.562984374s ago: executing program 6 (id=1230):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10)
sendmmsg$inet(r0, &(0x7f00000008c0)=[{{&(0x7f0000000080)={0x2, 0x4e1e, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000280)="b106d8e6da1a56dbbc6559cba83ab4188b858542ce191eb1300fe05f2a4a515ea418214eed0c9edec2b8bee7f454be00c3bccb3926e9fc9b4693700ecd67aebfcc1fe378e80d1baa12dc67dbfd86883a96ba6ae0ce1f428794748e084132b03a66d29669823c3c52b1cb49462bf251", 0x6f}, {&(0x7f0000001180)="f5b1935310db0e4cbab4828a853927cfb0f1f78b16e7780196b024beff2a7483f1eb1ef7e9aa01356a55af5cd3af42eba76c4166c0a6977fe266524bfb92edc2395f83a17aff75052546a317ea6b248554b20991856824e82cb20d37113c16df72b48d99ec3ad467a8e090193036eabb2a158594a1a602dc0159593739fa1b7a2c77806b45d3e18d416ee8b43ae21c727bb42d77afc5758d09fd8381562b3427c8b04d638233164e2b0b9411e131f746ea1ecd07c71f438950375476b11ee4a337a5ee7587348140c5049cecbb9760db80c808b2d02d36b9471ac6b24ccb279435f2b5b76c3c4004abea5d419ba69b3610b9902c3c860573dce3f6cd06df60c63d7e0baeb5b1f0bf09d517ef212a206d7632a337e2c3a4266ef349b3cb464d998b9f0a08eae2706222c428cdc19fc703eb4822bfb9dde7826cc020fcbe7b9554dc7d6bec7aee70530086f56f85ac0764eb3d1557850c4fa4c15560c2a7c52259cabfb84871e4c39c13f119928380740c3207dc99cdef51dc255ddfe49d95e18f6dbd4e36bba400467bb0f54b7cbbbd2d583643619acba636b47d07b04b42ee693d7b554767337d1eb253ebfc4df7b2430cbdfb44d04f94f70abe9835ad0745525f5d01b4e71ccc9816cdcb6b2c85e51b392e0c608c7ab932479dea760612721c41da93b1ec8545c23fcd5c95cb6a7d58a41552df02be9ae41ccc394b4e3a855defcfa18480faa1dd8e5a18806a098563561ab0607454f79a07b2fe4571b29e2d9413e6a60d372033188b9356bcf3421966ed6673aac2ecad131f9ede70a8f1b71b1ad0cfa1bc8ee91ec6cb7418db420dc5d942d3ec34db354dd29e5d8ea17efd167f90253293590a5843dfe6fbcf94d34bc14bcf2fe9e5594d37af19bdf80365f851ffc643ce24bb31d4bab294df8089fbaf240edd5223e2adcdfbf1de697df78cdcd8be6010d1cc7c5894f11b6fc8421b460cdbaf8c1caad1c08bfc3963d724f79a56e77fa5b73dd89ad8c96b97c27067e5f2a35ae9f9cdf17004056547001292ba9952346d07fba02f5225592385eed16f52437662124fc0c24fb3c100924608f178d413190dc5f0b1dd1b7c45806f7cbdd668a3c484f114e2d1ca9f4eacbd0845903794f695bc9fa49ebadcd18e1ff59cc5b7d444f0684ddf3ddf22e388770c1ba5d3b0eac6989871603a850bdf0171ab470c56a6306acd1494d25379a27f8bd188f885dcf4e40a64c1bf88ae0ff430bab773e9d7bac7fda2f7aa2d4968207356ca35b1a04c081e750471b885fceeae1a10b8a32b51907b51d1792e29345d06669c9efd4ea62368a23c819de6cd6934a1335ecbafb59321dd1a3cb63ec99202d48f7ebf73282f9bea530f7cae700a2cd33324d6d082dc9ab77f755e4d26302eb61bae485b30747de6bb80c023745848d61b341ddba4bb78a7df9e67478dc26926b6ba76f480c5a3abbf9caa73439e0303364923a710188489e68b22c298e0cd7e71bd85705c9abee04dfd508469e6eb14a61cb24e29dc5a8a1ba5cc4feecffa894eb23c1a072f36aa75094aa03b2c8d5efba7914acfe364d1bcae740b69cfd0122fc806f783bec4e695fedbd9dcf89a3c32fc4c7c77fb9608aa337226dca3081660c5aa090ad25290f9b39e6f63ce0dd9c974f79e4e6027bd54751aaa3d17097eeab17531146f5747c6e9547137f936493a88d3d883f4f60700cb221be3e3e8c5c766f124b90ed700c4160b4b1214544da4be68a5cd76674b0411077f13695b2b9977f3fb8cb4b1546a1455dfd622df52c4f9016b3dde4279d89aea3e1a013521947b45efa720140d99fb0d308aa90975016646929e51852ea8f90082983a395aebb6efdbe4e9b35c525223e532ffc5bf22cba77f3d4e0bc3e5b3445096fba08566da8ab949ca0cacaf74c8523dbf3e4c", 0x552}], 0x2}}], 0x2, 0xc044)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000fbff27bd7002fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="14100400040004001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4], 0x4c}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)
write$binfmt_misc(r0, 0x0, 0x0)

9m4.759337522s ago: executing program 6 (id=1235):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10)
listen(r1, 0x2)
r2 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x400, 0x0, 0x54}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_ACCEPT={0xd, 0x40, 0x0, r1, 0x0, 0x0, 0x0, 0x80000, 0x1})
io_uring_enter(r2, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
close(r0)

9m3.334909335s ago: executing program 6 (id=1246):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0xffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x90, 0x0, 0x2, {0x2, 0x0, 0x10001, 0x10000, 0x0, 0x3, {0x0, 0x101, 0x400000, 0x5, 0x0, 0x0, 0x200000, 0x4, 0xfffffffc, 0x6000, 0x1, 0x0, r2, 0x801}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1}, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

9m2.93365571s ago: executing program 6 (id=1250):
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000001200)='./file0\x00', 0x800000, &(0x7f00000004c0)=ANY=[], 0x1, 0x11aa, &(0x7f0000001280)="$eJzs209rI2UcB/Bf/2hramv9V20vPuhFL4PtwVMvRVqQBpS2EVpBmNJUQ2ISMjkk4qFnT74O8ehNEN9A34W3ooheenKWbZZ2W7qH3WUb2P18LvnCNwPPw8DAM8zvbP2n75rHRXac92NyYiKmuxHpPEWKyZiKkZP46O/1/37c3T/Y3qhWN3dS2trYW/0kpbTw3u9f/fDL+3/05778deG3mThd/Prsn7U/T5dOl8/+3/u2UaRGkdqdfsrTYafTzw9b9XTUKJpZSl+06nlRT412Ue9d649bnW53mPL20Xyl26sXRcrbw9SsD1O/k/q9Ycq/yRvtlGVZmq8ET6P283lZlhFl+VK8HGVZlq9EJebi1ZiPhXgtFuP1eCPejLfi7ViKd+LdWL7417jXDQAAAAAAAAAAAAAAAAAAAM8X8/8AAAAAAAAAAAAAAAAAAAAwfub/AQAAAAAAAAAAAAAAAAAAYPzM/wMAAAAAAAAAAAAAAAAAAMD47e4fbG9Uq5s7Kc1G/HUyqA1qo99Rv/VZdfPjdGHx6qp/B4Pa1GW/OurT9X4mKg/6tVv72fjwg1F/v/v08+qNfiWOnv32AQAA4IWQpUu3nu+z7FH9KD30fuDG+X06VqbvbBs8oWL4fTNvteo9QRCEyzDuJxN34eqmj3slAAAAAAAAAAAAPI67+Jxw3HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7rEDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAqwIAAP//DSeWkg==")
open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
mount(&(0x7f0000005440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0xfea7)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0xc, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c6780000335a63bdbcef549ba197fce47ddfdd00000000000000000000a3c5c00c000000a000", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x6]})
prlimit64(0x0, 0xe, 0x0, 0x0)

9m1.664989609s ago: executing program 6 (id=1258):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newlink={0x64, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e22}, @IFLA_GRE_REMOTE={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @loopback}}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x64}, 0x1, 0x0, 0x0, 0x4640}, 0x0)

8m53.746977447s ago: executing program 6 (id=1296):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x7, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f00000002c0)=@x86={0xff, 0x0, 0x3, 0x0, 0xffffffff, 0xe, 0x8, 0xf2, 0xd5, 0x5, 0x6, 0x9, 0x0, 0xc9c, 0x2, 0x8, 0x1, 0x6, 0x9, '\x00', 0x9, 0x7})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m52.500540498s ago: executing program 35 (id=1296):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x7, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f00000002c0)=@x86={0xff, 0x0, 0x3, 0x0, 0xffffffff, 0xe, 0x8, 0xf2, 0xd5, 0x5, 0x6, 0x9, 0x0, 0xc9c, 0x2, 0x8, 0x1, 0x6, 0x9, '\x00', 0x9, 0x7})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m43.946782599s ago: executing program 2 (id=1649):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0xe5c, 0x80000)
r3 = eventfd2(0x4001, 0x800)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r2, 0x7, 0x2, r3})
r4 = eventfd2(0x8, 0x80001)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r4, 0x7, 0x2, r4})

7m42.848849726s ago: executing program 2 (id=1655):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = mq_open(&(0x7f000084dff0)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd', 0x6e93ebbbcc0884f2, 0x100, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)

7m42.06532475s ago: executing program 2 (id=1657):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40a81, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {0x2, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

7m40.973071266s ago: executing program 2 (id=1663):
syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000000)={[{}, {@check_strict}]}, 0x0, 0x54c, &(0x7f0000000540)="$eJzs3M9uG8cZAPBZmXJUFTUKBI0dxYeN04MLNApJ1zKEAAW2q6W0CckldleBfSqCWgqESmmRpEDjmy9uC7QPkWufoKe+UdBjjwmWSzqOLdL/ksiIfz9AmuHutzPfrIgZkOIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhSne63V4Uhvl4/2a8WLpTFqMl5+ft/edbxZJ+Q4ian7C2Fi61hy69+s3pXzS/roSL7aOLYa0p1sKdn77283df7azMr1+S0A9gdZbs8cEnywOj8FX0QyX1/dg7/VbvZuO8KvJRspvFeVXE21tb3Xf2BlU8yIdZdauqs1GcdkJSF2V8Nf1V3NvevhZnm7eK/fHuTjLM5gdvvN3vdrfi9zYnWVJWxfid9zardC8fDvPx7jSmOd3E3GieiO/ndVxnySiOD4+OD649LvcmqPckQf3HBfW7/X6v1+/3tq5vX7/R7XYeOdB9SHgk4qyftJy173D2huczX/8BAACAH69o+h578/p/dfo+fBQG+TDrnnVaAAAAwHdo+p//i00x/TTbpRB5/Q8AAAA/Nn9/7B67avJK9N//hbJcje5Obv4yOkmauOTkXHvduYdbrAed6MKskWmx1Zk9SrPL0ett0Ovz6C9nxeHj8oieIoGNBQmEf4aNNmbjdlvenp9pe1kf5MNsMy2G7/ZCklxYqbOb9V8+PvprmA7/H+PRhSgcHh0fbP7hT8e3p7ncbVq5ezLbQPHIPooluXx2f9/jQyP+om1qtcklmvW73vbbfXD8K+3lK0/R573wRhvzxnpbrn97/GtNn73NRaNfj3423Uz3nCO/Fy63MZevvtUUb109JYv+aVmcnzU+3a33YBbPdC+eIItrS+5FODx6JYTwRFn8ZFEWAGflcNEqdH/9f3jd7TzDXPvN6v7b73F1vxfebGPe3JhOrJ2NU2b07vIZfb7G3j3/rKvbv8OVNubKPHjRGtv0+6/7/bar6nTx/2Jhv9WwHzV/qHOfnfw5vPbp53fePjr58KODjw4+7vevbXV/0+1e74fV6TBmxZJMAXh5ZeWX0Xr9t6gs88nve9vbvaTey+KySN+Py3xnN4vzcZ2V6V4y3s3iSVnURVoMm8oH+U5WxdX+ZFKUdTwoynhSVPnN6Te/xLOvfqmy8OtxnafVZJglVRanxbhO0jreyas0nuz/bphXe1k5vbiaZGk+yNOkzotx3Cn2yzTbjOMqyx4IzHeycZ0P8qY6jidlPkrKW/EHxXB/lMU7WZWW+aQu2gbnfeXjQVGOkjo/FzbP+mYDwAvi08/v/PHD4+ODT56w8v+vWk9z1aO9nj+LoQIAM8tWaQAAAAAAAAAAAAAA4MXwtPv/VFRensrKc7fTeQFGsbAynwROjTnbeQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATvN1AAAA//92jZ2z")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040040)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x9, 0x3})

7m40.402077983s ago: executing program 2 (id=1667):
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x6c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x3c, 0x2, [@TCA_FLOWER_ACT={0x38, 0x3, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x6c}}, 0x24000000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

7m36.790379146s ago: executing program 2 (id=1673):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000dc0)='>', 0x1}], 0x1}, 0x0)
write$cgroup_subtree(r2, 0x0, 0x0)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000002c0)=""/199, 0xc7}], 0x1}, 0x102)

7m34.60235119s ago: executing program 36 (id=1673):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000dc0)='>', 0x1}], 0x1}, 0x0)
write$cgroup_subtree(r2, 0x0, 0x0)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000002c0)=""/199, 0xc7}], 0x1}, 0x102)

5m23.501465614s ago: executing program 9 (id=2177):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4)
connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendto(r0, &(0x7f0000000740)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865d4e29f0bbd0ed602050000000000002944de604d849a1e", 0x5f, 0x4008044, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000000)='}', 0x1)
sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0)

5m22.988466971s ago: executing program 9 (id=2181):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mincore(&(0x7f0000000000/0xc00000)=nil, 0xc00000, &(0x7f0000000140)=""/142)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x5, 0x10, 0x7, 0x50, 0x12, 0x5, 0x4, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x8080000, 0xdddd0000, 0x8, 0x8, 0xb, 0xe4, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0x4000, 0x9, 0x0, 0x42, 0x5, 0x5, 0xb, 0x15, 0x3, 0xff, 0x87}, {0x6000, 0x1, 0xe, 0x5, 0x3, 0x7, 0x0, 0xa, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0xd, 0x6, 0x4, 0x42, 0xb, 0xff, 0x2, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x83, 0xf7, 0x83}, {0x1000, 0xf000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x5000, 0x7}, 0x80000031, 0x0, 0xdddd0000, 0x2024, 0x0, 0x1500, 0x3000, [0x6800000000000000, 0x204, 0x5b, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m21.7577921s ago: executing program 9 (id=2190):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xa002, &(0x7f0000000140)=0x20000, 0x61, 0x5)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

5m21.070649529s ago: executing program 9 (id=2192):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7e9, &(0x7f00000017c0)="$eJzs3c1rHG8dAPDvbF42SauJIGh7CggaKN2YGlsFDxEPIlgo6Nk2bLahZpMt2U1pQqDpQfAiqHgQ9NKzL/UgePXlqv+EeJAW0TRYT7oys7t53d0kbXa3/fXzgck8M/PMPPPN88yzz+4MuwF8sKbTP7mIKxHxwyRisrk+iYiRLDUcsdDI93p3u5hOSdTr3/pnkuX57aWDYyXN+aXmwqcj4o/fi7iWO17qeHNeLq03U7O11Yez1c2t6w9WF5dLy6W1m3Pz8zduffHWzZN7val//2Xr8ssfff1zv14Yjk89/8GfkliIy81te7vbxbc8/AnTMd38n4yk/8IjvnbRhQ1YMugT4I2kl+ZQ4yqPKzEZQ1mqg7e9AAGAd8KTiKgDAB+Y5LTX/yFDBAD4aGl9DrC3u11sTYP9RKK//vHViBhrxN+6v9nYMty8ZzeW3Qed2EuO3BlJImLqAsqfjoif/+47v0yn6NF9SIB2dp425nu7+WP9f5L2f6OnHyHfccvnu+1Wb+w3fWy1/g/65/fp+OdLJ8d/V/cf6BnL/h4b/4zl21y7b+L06z/3osOuZ+ibTpeO/75y6Nm2g/Hf/kNrU0PNpY9lY76R5P6Dcint2z4eETMxkk+X57Ks7Z+Cmnn131edyj88/vvXj7/7i7T8dH6QI/diOB/1xnN5/8vG60uLtcWLiD2L/2nE1eF28Sf749/kSP0v7Ed6p+NRj1bNN778/Z91ypnGn8bbmk7G31v1ZxGfbVv/B3WZdH0+cTZrDrOtRtHGb/7204lO5R/Ufz6bp+W33gv0Q1r/E93jn0pT1c2tlcVyubRePX8Zf342+YdO2w63//bxZ+3/iLT9jybfztKtlvZ4sVZbn4sYTb55cv2Ng31by638afwzn2l//bdv/42+IH1PeG9/qbvhl6O/ah6qbfyZnU7x91Ya/9K56r9Lot7c59im569XhjqVf7b6n89SM801Z+n/TjnTt2jNAAAAAAAAAAAAAAAAAAAAAAAAAHB+uYi4HEmusJ/O5QqFxm94fzImcuVKtXbtfmVjbSmy38qeipFc66suJw99H+pc8/vwW8s3ji1/ISI+ERE/yY9ny4Vipbw06OABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOnS0d//f5LOCoXGtr/nB312AEDPjA36BACAvvP6DwAfnvO9/o/37DwAgP459/v/etKbEwEA+ubMr//3enseAED/uP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAj925fTud6v/Z3S6my0uPNjdWKo+uL5WqK4XVjWKhWFl/WFiuVJbLpUKxstrxQDuNWblSeTgfaxuPZ2ulam22url1d7WysVa7+2B1cbl0tzTSt8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oyqm1sri+VyaV2iS2K8NN45TxIRAz/D0xJpXV/kAYff0ZB3/jqSteuumWPqvWn8o13yJBdZ1vjxNYd7ifFBdE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA74X/BwAA///YTBJy")
syz_clone(0x0, 0x0, 0xfffffffffffffead, 0x0, 0x0, 0x0)
r2 = syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a038, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r3 = fspick(r2, &(0x7f00000004c0)='./bus\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000500)='\x00', &(0x7f0000000540)='ext4\x00', 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELOBJ={0x1c, 0x14, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x44}}, 0x0)

5m19.002388644s ago: executing program 9 (id=2201):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000005c0)=r2, 0x12)
r5 = openat$cgroup_ro(r3, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1, 0x12)

5m18.24371482s ago: executing program 9 (id=2206):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rxrpc_local\x00', r4}, 0x18)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

5m16.093953873s ago: executing program 37 (id=2206):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rxrpc_local\x00', r4}, 0x18)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

12.495498451s ago: executing program 4 (id=3597):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
r1 = eventfd2(0x9, 0x80800)
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f00000000c0)={0x0, r1})
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000440))

11.010969269s ago: executing program 4 (id=3603):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x18, 0x5, 0x9})
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000140)={0xe200000000000000, 0x3000, 0xfffffffffffffffd, 0x2, 0x2})

10.014365345s ago: executing program 4 (id=3610):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
r0 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x29cc, 0x10100}, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000001480)=[{0x0}, {&(0x7f00000002c0)=""/188, 0xbc}], 0x2})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

8.558265787s ago: executing program 4 (id=3616):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000afb000/0x3000)=nil, 0x3000, 0xa, 0x31, 0xffffffffffffffff, 0xb811e000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, 0x0, 0x5, 0x0)

8.381403641s ago: executing program 5 (id=3617):
remap_file_pages(&(0x7f0000d9c000/0x2000)=nil, 0x2000, 0x0, 0x5fd, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, 0x0, 0x405, 0x70bd2b, 0x25dfdbfe, {}, [{{0x8, 0x1, r2}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
io_submit(0x0, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0])
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000540)={0xb0, 0x0, 0x300, 0x70bd28, 0x25dfdbfd, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x240008d5}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x6c, 0x0, 0xb496be12fe179219, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8, 0x1, r2}, {0x50, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40000}, 0x400c0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r6, 0x1, 0x0, 0x25dfdbff, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)

6.980522756s ago: executing program 5 (id=3621):
unshare(0x20000400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="b70000000000000007000000000000009500e200000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd8404a1c700000000d97899514e64e36cad5eba82010b2d149ac02e5f07000000000000000000000000000000000000000000009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0eead478e46c8ca3e4c5d2b3cb4ad48c830e8003c45f5b2dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cde97565d509effc252599b26555355d7955f551df82ea475a711ec56d00000000a89c7533c9955fd63cd00cb83d1228"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x6, 0x4)
setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f00000000c0)=r0, 0x4)

5.659065045s ago: executing program 5 (id=3626):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000b80)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)='v', 0xf4240}], 0x1}], 0x1, 0x8004)
accept4(r1, 0x0, 0x0, 0x800)

5.278246912s ago: executing program 8 (id=3629):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000070000000000000004"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
io_setup(0x5, &(0x7f0000000e80)=<r0=>0x0)
syz_io_uring_setup(0x4, &(0x7f0000000580), &(0x7f0000000080), 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000080)="8c", 0x1}])

5.138744708s ago: executing program 7 (id=3630):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000130d00"/20, @ANYRES32=0x0, @ANYBLOB="d11101000000000008000500", @ANYRES32=r1, @ANYBLOB="140012800c0001006d6163766c616e"], 0x3c}, 0x1, 0x0, 0x0, 0x4004014}, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000540)={'bond0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{0x301}, {0xfffffffd}]}})

4.62925089s ago: executing program 8 (id=3631):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x63ba, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000000)=0x1, 0x54)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback, 0x8}, 0x1c, 0x0}}], 0x1, 0x40000)
recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/129, 0xfffffffffffffcea}, 0x5}], 0x1, 0x40002042, 0x0)

4.425254094s ago: executing program 7 (id=3632):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x2000)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x8000)

4.30897059s ago: executing program 1 (id=3633):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)={0x4c, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x64}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}]}, 0x4c}}, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000080)={0x11, @private=0xa010102, 0x15, 0x0, 'wrr\x00', 0x0, 0x0, 0x2c}, 0x2c)

4.264189036s ago: executing program 8 (id=3634):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0xff, 0x3}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r1, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

4.080262193s ago: executing program 5 (id=3635):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'syzkaller0\x00'})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r4, {0x0, 0xe}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xc, 0x0, 0x1, 0xfc}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
openat$tun(0xffffffffffffff9c, 0x0, 0x102, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, 0x0)
sendmsg$nl_route_sched(r8, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3.854332381s ago: executing program 1 (id=3636):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000180)=""/2, 0x2}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

3.360874666s ago: executing program 4 (id=3637):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa04710, &(0x7f0000000100)={[{@user_xattr}, {@i_version}, {@noblock_validity}, {@abort}, {@mblk_io_submit}, {@data_err_ignore}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@noblock_validity}, {@test_dummy_encryption}, {@bsdgroups}]}, 0x1, 0x453, &(0x7f0000000c40)="$eJzs281vFOUfAPDvzLbw+/HWivgColbR2PjS0oLKwYtGEw+amOgBj7UtBFmooTUR0mg1Bo+GxLvxaOJf4EkvRj2ZeNW7ISHaC+hpzczOlO2yu7R06xb280kGnmfm2T7Pt888O8/MMw2gb41k/yQRuyLit4gYqmdXFxip/3dteXH67+XF6SRqtTf/TPJyV5cXp8ui5ed2FpnRNCL9NCkqWW3+/IXTU9Xq7LkiP75w5r3x+fMXnjl1Zurk7MnZs5PHjh09MvH8c5PPrj2YJGl7aHfW1gMfzh3c/+rbl16fPn7pnZ++yUrvKo43xrERaUN6JAv8r1quudzj3ahsC9ndkE4Gbl6GraESEVl3Debjfygqcb3zhuKVT3raOGBTZdem7e0PL9VaqbTcC9x2kuh1C4DeKC/02f1vuf1HU48t4cqL9Rugq8ni9LXl+lY/MrByLz+4ifeuIxFxfOmfL7MtuvgcAgCgne+y+c/TreZ/adzbUG5PsTY0HBF3RcTeiLg7IvZFxD0Redn7IuL+G2pIO9bfvDR04/wnvXzLwa1BNv97oVjbWj3/W2n3cKXI7c7jH0xOnKrOHi5+J6MxuD3LT3So4/uXf/283bHG+V+2ZfWXc8GiHZcHmh7QzUwtTOWT0i648nHEgYFW8ScrKwFJROyPiAPr+9F7ysSpJ78+2K7QzePvoM0603rUvop4Iuv/WrIUTfGXks7rk+P/i+rs4fHyrLjRz79cfKNd/RuKvwuy/t+x+vxvLjKcNK7Xzq+/jou/f9b2nuZWz/9tyVt5v2wr9n0wtbBwbiJiW/Janl+1f/L6Z8t8WT6Lf/RQ6/G/t/hMVs8DEZGdxA9GxEMR8XDR9kci4tGIONQh/h9feuzdW49/c2Xxz7T8/ls5/5v6f/2Jyukfvm1X/9r6/2ieGi325N9/N7HWBm7kdwcAAAC3izR/Bz5Jx1bSaTo2Vn+Hf1/sSKtz8wtPnZh7/+xM/V354RhMyyddQw3PQyeSpeIn1vOTxbPi8viR4rnxF5X/5/mx6bnqTI9jh363s834z/xR6XXrgE3XhXU04DbVPP47v7IB3Elc/6F/Gf/Qv4x/6F+txv9HTXlrAXBncv2H/mX8Q/8y/qF/Gf/Qlzbyd/0S/ZyIdEs0Y5MSQ1ujGT1M9PqbCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DQAA//82merZ")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0x10)

3.19724541s ago: executing program 7 (id=3638):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)

3.0014322s ago: executing program 8 (id=3639):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x810, &(0x7f00000001c0)={[{@flushoncommit}, {@datasum}, {@max_inline={'max_inline', 0x3d, [0x65, 0x30, 0x37, 0x33, 0x65, 0x36]}}, {@space_cache}, {@nodatasum}, {@nobarrier}, {@notreelog}, {@user_subvol_rm}, {@ssd}, {@noenospc_debug}, {@clear_cache}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@rescan_uuid_tree}, {@nodiscard}, {@max_inline={'max_inline', 0x3d, [0x65, 0x31, 0x36, 0x6d, 0x32, 0x34]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
r0 = open(&(0x7f00000002c0)='.\x00', 0x0, 0x51)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000100)={0x7, 0xffd, 0x1, 0xff, 0x0, 0xfff9, 0x2401})

2.90037755s ago: executing program 1 (id=3640):
setresuid(0x0, 0xee00, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x4, 0xc9, 0x6}}}, 0x8)

2.260521402s ago: executing program 1 (id=3641):
r0 = syz_io_uring_setup(0x12ac, &(0x7f00000002c0)={0x0, 0x7495, 0x0, 0x2, 0x29e}, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$l2tp(0x2, 0x2, 0x73)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f00000000c0)=@in={0x2, 0x4e21, @multicast1}, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.946108076s ago: executing program 5 (id=3642):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)=ANY=[@ANYBLOB="020100000e000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000005000500000000000a00000000000000fe8092d59736ee0f2c880000000000bb0000000000ebff000200130003"], 0x70}}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffffffffffc, 0x0, 0x0, 0x1000000000}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x3c}, 0xa, @in=@multicast2, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffff, 0x1001}}, 0xe8)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

1.187370032s ago: executing program 8 (id=3643):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0xe}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xc, 0x0, 0x1, 0xfc}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
openat$tun(0xffffffffffffff9c, 0x0, 0x102, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r7)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

1.157364848s ago: executing program 7 (id=3644):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x200000, 0x10)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8)

929.394008ms ago: executing program 4 (id=3645):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
r1 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x14, &(0x7f0000000000), 0x4)

759.312719ms ago: executing program 1 (id=3646):
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0)
sigaltstack(&(0x7f0000000480)={&(0x7f0000002080)=""/4140, 0x0, 0x102c}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

530.272461ms ago: executing program 7 (id=3647):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000003c0)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x1, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x18}}}}}}}, 0x0)

337.788305ms ago: executing program 5 (id=3648):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x4, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@mcast2, 0x2, 0x2b}, 0xa, @in6=@empty, 0x0, 0x4, 0x2}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

70.528788ms ago: executing program 1 (id=3649):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000600)='cpuacct.usage\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000080)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x38)

7.345866ms ago: executing program 7 (id=3650):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x40, @tick, {0x40, 0xff}, {0x12, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @tick=0x5f6, {0x3}, {0x80, 0x1}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)
read$snapshot(r1, 0x0, 0xffffffbf)
ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000140))

0s ago: executing program 8 (id=3651):
r0 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1}}}], 0x20}, 0x4008804)
sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f00000002c0)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000180)=[{&(0x7f0000002800)="3282db78e0ea55c52d87bc2a166b9e46818f5faca0b3a411e056b7928ccacd30019d925e47ecd2f92675d1d80000000000000004007d002ae359e2b5d768e71db355cf220bb96b7a64e1d2629c3e21c5decd0e2e6f107e35a8081587d3dc42a0bc0d0c5e85c355c9cbadd6e8f8014acb52d24b961a3989d5102d540829ad660fdca299e7e74a71ed264d75a3e1dfb8331f1b441972bc5941fa418cfee6139c15eda91b1ecf8887e108b15c4c7505c31efe205c875a7c854aa65bcc2e04ea6739f968547df4ae455ecd6b0566ef52705630df27d81e2a544ecc09f8c73cec559d206644acdc56c717e19f04613456b8d7a386c0a700c032d0165c3b3f5716aa7f24e6fca522f91350793d13ba7f887e7b48cd3e6e41139d0deb8de9aeac59bf750ce0000000000000000000000000f18d233cdc36efdead60d008963851bc819e1b4551b3f13bbf6c18ea0165c66f5261c9ec61f0914c6ffb8506596b61392aa5d906994608b36096a2f5c0f3fef95bf6ddb78c8d07eee5e815c9a2a3d21a054e6fd032be118e9a3f4d016db35b5048e20f1859680e5571822934769e6f9361babb4766dc073d1dabfb220daa1cf4e7206b2b8aa7b55d1396273690ec7a8d36ffbfe2a68a9547758d3ece744be07d320147c0e92e0b63f9b86ec19670ea43b7f596b347d8b9116506356d0279d21f6a0cab3056c27dec074e8dac12c1d99afcd84f82a47a0cb5093c7a221f7fb624e2f6e9eeca4e5050fc3be50bbdc62d41333b4243336a5590e49658a10b5c8624eb2410d68e64f230fdcf4689495c0bf62403c2eaad20d1d8fb185ebefac64aa0eb1d36ccacf61ec28b4ec24dba53b21ed5c5f727cccb0d614884908957138d2c30560e88f128af21ccc9fd64d229f35b2f76d0ee9e25f9e4390a55a8600449774ca116e3ba523c9c5d39abcf09a36127c17fc6194711f20307ead0d5bbbe2aa3f677156b8856411a8045159df771ac3e3d5828e359c24a59d65e92f4112fb6825536751f82e9d55e89853a03c693d418c4d2cccb61c6f60ad304a68d15fc20edaec9af4725f47c8e1724cffbd1716a7873716d278ee6f150", 0x306}, {&(0x7f0000002b40)="da752f575198baaac222d34e85893d37a6bd281687872ed9151c56f415698f3fecf56eebf5edb42ed5d54e0419b2a13128d3ad19b6eed6b450aad46baaa57203e0d4f567d8d79fe07e7b3142de43e55cf69c65db2469175cf60c82f49d0f9dc4c4dde733a14d57f4117ed2f46aea5950ff0176d73349c2808eee62ce1c7d846ffdf65211f3192dabe5b3ac1516ad90e618d0ca9e4ac2778acabeac244f2f90af2616647e5cf8ab5e2ac404ebf2a866c8a73f68ae2cc4523e63e3a1aa5ab60a23e4c47534bda546042120c5333d91fefc68226bc9149d282937797a2fe036a58c9ecd19e54bcfb85d3f75ec7c74d86be94ef6b9191e0fa86d2a9330af3f592e24bc30b84632e5121bf04abc0e12f4073f6678ad97b786cc73b8175e35eda542e3631d283a3ca6fef91607ec7dee1b4a62bae169cc8fb64e8bdef95474f0b3c526f69ce55281e18016a4785875ba99e313fd63f66cfd36234bcc6048f25bce8cce39cf709eb10e1ea88497ff7401aae0d4a7e07f14691b6c4b75dc16e2586744317ffbb9966d8bfb16efcdf6ab308426e5c1aec6a6636122ffaca89af3b03834612b93989d0bbb251a42c1b48b86ac7162ad8d5cbf3d6cfccdc590724ff6caa85320f9d5beea2370b8c0533c19422c9097a7164651ad9d8f9cca4ea7815e53fd9c42eab1cb76b451cd3b18cf31c16d01731efd1506b844f52d2f173c825a7f8814ada5f6361a48f20250df6b98965d0c85f3df3b72b2ac49f3ed52e6fa30d7d3d54d95e8bd13ec2ed4883feb3b778d624ff0c1a3ec900671acd0ff00edc7b96d1cad51fba25565c67ce0e62302dbff8f68c0de8330c44704b2f019a7afc753538ed61f3744f286735af18a8f5e7ae3fd66e4562565b31a9e5d947a06ea69ee5f0ea97d2e832e1bbc9e74498a2f99473ef8822ad0254013fefff6c4c35d84072307633de00985a6477ff6480e75171a50", 0x2af}], 0x2}, 0x8400)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x80, @local}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000000640)="455b1c1ed5900423c15445e625bc121395a1ca64b3dd6f8aeb723872f617d717a26bf00271b580f6822a2c6896c756f9884b052d314f2a0e782a11c793063457ccd878782b6599e2c51e40ed5142e32cf8b07a76201b7644ac62f011223e925d8565cde47b522a9b86be7847318bfeaf58de2c6a1aebf00c39a22ec6de373ec332917b7586bf8298180eb89831e03feae224ca839e8ca7041056cb9ed42abcd994", 0xa1}, {&(0x7f0000000800)="7e24225d7d1bf3f2c2e3350446b32bcc9a579c864b87c0b26e9513f1a964562cd0fb40e07a028a9e4a8509c6183dc2c51a7f307806ce093fad8f167b3f1656081a0f4b15e021952a5e40d65779b924ed3fd175df8673c7544e9e3b11bc621acae054258215e76d7f16569f3436c00fcc7c6c154f87afc22e0ad2a3737a8f6e1cdf815f357d0b10e57e633006dd00e8cc5c66ddb415a93124d45ef1e687b1e29d9fb742d4f8b91f69854f7ba2eaec1b2782a4807fba2fc86bb82f320faa5da21794d4e6b2795f823dd429c33bb5a117ec441e28", 0xd3}, {&(0x7f0000003ac0)="2a53cd0770cb56176efb16f6bf334dfef1f5138261dd4641915d3f662d3e6212d68f8d4858c19d4cbbf02e016a68afaf64659aff236eaa40ce011e346911d56e41edb29a99f36bc3f3079676185bb9ed6e4d64515fa6e044d944f125c1361526d3fec0c10665e67591c7c8decc2fea5b5d7bfd31a001598bf9e38f888e20277e4dd0b162bc875a663cb089875eab632120f0c0fe060af1b786c841d40016ee27ca43c8b074c156f4035ed224b1d27955ab4165a7a5a489a1c415aadfd8b9bc807cb827560958776e4c9e809428d14f99b3370d9e092e43087b85838e48a9f27a29e96217afdf21ed539d0861bb72e99cfe6e1f3f0ed26bf7451d40f524e2fcd31da1e66facc779f8f9c9feb51666c11e33ed855e83e5511599061325ae57642d3edcd7374de47cd2e9956d9532cc138dcfaf24f0b12c3fc26f186d49f55d2b93e469ac4d2aef0801dc544ca6f41b806a81339717f1c6c46703d3829801b6a53ff73565a11424c16074524ac02e01e4a43c4f3ed6170e7ff5c0a7a7ea74f78e2a31b5f4b7558e402b01d969034fe36fc5b95e8d137d8668ae8cbfc671f4dec2b9c15527800ed2875ecdd550f1962e20c1cb3ebd581e91a1d75439dbde359750dc85b21f65907200ef7e782a5410fc8e1a72623fd839a6f82eb020973ab492569f145621f9ba31b0e889fb3fb257b36222ac3893bfbac673f5d4061667e4f946135f3a23c057fa178a1ffbc8911bde08bb7229a411b4cbe809ff63e10870a9e5a15ff97f3b7726c7f3d3090ecfc6e59d2297a51141381fc2d52de860ce5d90382326aaf013e05548c07ca6c508143d7c1d2075ea08ac37f8c5c6ee3ced89dc11abbd4e3a07e248de32621ac942cb4eb597340ab7c67f5a6652bdb4b977fe9114bb33ca989797b55b3ae5eea8125323a6f390ccb51826ffce0e2c200dd2152452b1b36cf92707e94a5cb62236dfccaecc300725a68627ee1660a3bffa1228ab55f3bf8c00c4bd0406339e1d17a80d1ff3ae5883e3bf66e9fdfad30e01b974387adbeb23c5fc60940d35de39a8f5e517b47790d5552804abe836b0cbcf3fc846db2d6574e9088110bb7754a72ac83a5d4ef254c5e1c965e19cdb9fc9daa14ad75e84749980ad6a2b3934a77ff80adac04299d86c988969bb2e437856985678b95fc70cfabcc0205a0d167235491c41472c369145e9fee64b4d8ddebd9ceaea11119abf06e496d02630f28fc5a352544afb449943adbeed345d77397640789a307bf4730c4204abfb2c4fe82b49eb43111ee36a58bb49c4d678cb5353389e6f7eb68b5d3c19df072e01ab6379c602ee958fd4e44a83ebedcb504e2f39bb379571edc4666dc6bbabe84f8bb3ed7f29130d4f9242fe6217d23dfac7da46078ca09c4a24634d3b384ea715fed43d11509de3fd343a78364382c9439af4a5ab9dd3a7d175ccb75663fa8c0ab50c00bc666ee907a76b23cd079a22e70fb130855f608a3ad4a4742a713b66d01a54ca1eeb9dd8f2d1e6b472ba54625aea553fb9ac", 0x43c}], 0x3}, 0x0)
recvmsg(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/4096, 0x1000}], 0x1}, 0x40010040)

kernel console output (not intermixed with test programs):

] type 2 family 0 port 20000 - 0
[  636.550982][T11045] loop8: detected capacity change from 0 to 32768
[  636.700264][T11045] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  636.991342][T11045] XFS (loop8): Ending clean mount
[  637.008314][T11045] XFS (loop8): Quotacheck needed: Please wait.
[  637.067780][T11045] XFS (loop8): Quotacheck: Done.
[  637.659240][ T9822] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  638.823087][T11092] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  639.324319][T11101] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  639.845725][T11107] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  640.332821][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  640.341993][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  640.393028][ T6861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  640.402829][ T6861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  642.787968][T11154] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1773'.
[  645.093356][ T1864] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  645.277619][ T1864] usb 9-1: Using ep0 maxpacket: 16
[  645.330636][ T1864] usb 9-1: config 0 has an invalid interface number: 41 but max is 0
[  645.339268][ T1864] usb 9-1: config 0 has no interface number 0
[  645.345608][ T1864] usb 9-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  645.356261][ T1864] usb 9-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  645.367103][ T1864] usb 9-1: config 0 interface 41 has no altsetting 0
[  645.432995][ T1864] usb 9-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  645.442842][ T1864] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  645.451330][ T1864] usb 9-1: Product: syz
[  645.455722][ T1864] usb 9-1: Manufacturer: syz
[  645.461022][ T1864] usb 9-1: SerialNumber: syz
[  645.499109][ T1864] usb 9-1: config 0 descriptor??
[  645.507540][T11191] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  645.515341][T11191] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  645.845924][T11191] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  645.877583][T11191] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  646.574518][ T1864] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  646.982503][T11213] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1798'.
[  647.894860][ T1864] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): Error reading RX_CTL register:ffffffb9
[  647.947824][ T1864] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0000:ffffffb9
[  647.960696][ T1864] CoreChips 9-1:0.41: probe with driver CoreChips failed with error -71
[  648.040761][ T1864] usb 9-1: USB disconnect, device number 4
[  648.338972][T11230] loop9: detected capacity change from 0 to 512
[  648.408874][T11230] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  648.733857][T10864] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.372519][T11250] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1810'.
[  649.781111][T11257] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1811'.
[  652.190602][T11281] overlayfs: failed to clone upperpath
[  653.328398][T11293] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1823'.
[  655.130359][   T30] audit: type=1326 audit(1764326847.147:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11316 comm="syz.4.1832" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f83cd98f749 code=0x0
[  660.381951][T11419] netlink: 'syz.7.1843': attribute type 39 has an invalid length.
[  660.410738][T11419] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.472214][T11421] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1844'.
[  660.582808][T11419] bridge_slave_0 (unregistering): left allmulticast mode
[  660.590402][T11419] bridge_slave_0 (unregistering): left promiscuous mode
[  660.598034][T11419] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.408690][T11437] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1849'.
[  662.355127][T11452] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  662.355341][T11452] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  662.355533][T11452] comedi comedi3: 8255: I/O port conflict (0x16,4)
[  662.355723][T11452] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  662.355912][T11452] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  662.356108][T11452] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  662.356298][T11452] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  662.356804][T11452] comedi comedi3: 8255: I/O port conflict (0xe,4)
[  662.357009][T11452] comedi comedi3: 8255: I/O port conflict (0xfd,4)
[  662.357201][T11452] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  662.357393][T11452] comedi comedi3: 8255: I/O port conflict (0xffffffffffffffff,4)
[  662.357594][T11452] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  662.357787][T11452] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  662.357982][T11452] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  662.358171][T11452] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  662.358359][T11452] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4)
[  662.358561][T11452] comedi comedi3: 8255: I/O port conflict (0x7f,4)
[  665.200496][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  665.208068][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  665.835315][ T9823] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  665.874438][T11490] fuse: Unknown parameter 'f0x000000000000000400000000000000000000'
[  667.217633][ T9823] Bluetooth: hci3: command 0x0406 tx timeout
[  668.039769][T11527] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1883'.
[  668.298025][T11528] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1883'.
[  670.437405][T11550] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1891'.
[  672.162847][T11571] tipc: Enabled bearer <udp:s>, priority 10
[  672.416198][T11576] netlink: 232 bytes leftover after parsing attributes in process `syz.7.1902'.
[  673.621435][ T5860] tipc: Node number set to 10005162
[  673.769031][T11586] loop9: detected capacity change from 0 to 32768
[  673.992014][T11586] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  674.471550][T11586] XFS (loop9): Ending clean mount
[  674.484438][T11586] XFS (loop9): Quotacheck needed: Please wait.
[  674.583639][T11586] XFS (loop9): Quotacheck: Done.
[  674.858822][T10864] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  675.220268][T11604] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1911'.
[  675.352240][T11604] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1911'.
[  676.277646][T11618] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1914'.
[  676.768370][T11623] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  676.775782][T11623] overlayfs: failed to set xattr on upper
[  676.782058][T11623] overlayfs: ...falling back to redirect_dir=nofollow.
[  676.789383][T11623] overlayfs: ...falling back to index=off.
[  676.795425][T11623] overlayfs: conflicting lowerdir path
[  677.856207][T11638] IPVS: Scheduler module ip_vs_ not found
[  677.887951][T11646] IPVS: length: 24 != 12792
[  678.456761][T11651] overlayfs: failed to clone upperpath
[  678.897901][ T5860] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  679.096882][ T5860] usb 9-1: Using ep0 maxpacket: 32
[  679.181224][ T5860] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  679.191865][ T5860] usb 9-1: config 0 has no interfaces?
[  679.197856][ T5860] usb 9-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  679.208921][ T5860] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.341186][ T5860] usb 9-1: config 0 descriptor??
[  681.335149][T11689] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1938'.
[  681.929775][T11692] sctp: [Deprecated]: syz.5.1940 (pid 11692) Use of struct sctp_assoc_value in delayed_ack socket option.
[  681.929775][T11692] Use struct sctp_sack_info instead
[  682.025614][ T6133] usb 9-1: USB disconnect, device number 5
[  682.581014][T11706] netlink: 'syz.8.1943': attribute type 1 has an invalid length.
[  682.717200][T11706] 8021q: adding VLAN 0 to HW filter on device bond1
[  683.069454][T11708] bond1: (slave veth3): Enslaving as an active interface with a down link
[  683.087332][T11706] bond1: entered allmulticast mode
[  685.259977][ T9369] libceph: connect (1)[c::]:6789 error -101
[  685.266388][ T9369] libceph: mon0 (1)[c::]:6789 connect error
[  685.348084][T11742] ceph: No mds server is up or the cluster is laggy
[  686.142854][T11755] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1959'.
[  686.626096][T11763] overlayfs: failed to clone upperpath
[  686.690211][T11763] overlayfs: failed to clone upperpath
[  688.265531][T11777] loop9: detected capacity change from 0 to 2048
[  691.907182][T11823] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1983'.
[  693.452191][T11827] loop9: detected capacity change from 0 to 32768
[  693.532694][T11827] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  693.541427][T11827] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  693.621438][T11827] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  693.635434][ T9369] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  693.642742][ T9369] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  693.932869][ T9369] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 290ms
[  693.944397][ T9369] gfs2: fsid=syz:syz.0: jid=0: Done
[  693.951018][T11827] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  694.232190][   T30] audit: type=1804 audit(1764326896.263:198): pid=11838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1987" name="file0" dev="tmpfs" ino=2427 res=1 errno=0
[  694.360179][T11827] gfs2: fsid=syz:syz.0: found 1 quota changes
[  694.372749][T11844] netlink: 1319 bytes leftover after parsing attributes in process `syz.5.1990'.
[  694.732155][T11836] loop8: detected capacity change from 0 to 8192
[  694.760604][T10864] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 404
[  694.777578][T10864] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1
[  694.788758][T10864] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:10864 [syz-executor] gfs2_quota_sync+0x660/0xae0
[  694.801137][T10864] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  694.811481][T10864] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  694.872513][ T9369] libceph: connect (1)[c::]:6789 error -101
[  694.882241][ T9369] libceph: mon0 (1)[c::]:6789 connect error
[  694.948570][ T9369] libceph: connect (1)[c::]:6789 error -101
[  694.955124][ T9369] libceph: mon0 (1)[c::]:6789 connect error
[  695.178559][ T9369] libceph: connect (1)[c::]:6789 error -101
[  695.186737][ T9369] libceph: mon0 (1)[c::]:6789 connect error
[  695.268377][ T9369] libceph: connect (1)[c::]:6789 error -101
[  695.275016][ T9369] libceph: mon0 (1)[c::]:6789 connect error
[  695.480913][T11846] ceph: No mds server is up or the cluster is laggy
[  695.512580][T11847] ceph: No mds server is up or the cluster is laggy
[  696.124752][ T9822] FAT-fs (loop8): error, invalid access to FAT (entry 0x0000e1b1)
[  696.133563][ T9822] FAT-fs (loop8): Filesystem has been set read-only
[  697.249903][T11875] netlink: 'syz.4.2001': attribute type 1 has an invalid length.
[  697.280511][T11879] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2000'.
[  697.453048][T11875] bond4: (slave gretap1): making interface the new active one
[  697.463672][T11875] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  697.881551][T11889] overlayfs: failed to clone upperpath
[  700.029103][T10864] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  700.038521][T10864] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  700.045492][T10864] gfs2: fsid=syz:syz.0: File system withdrawn
[  700.052153][T10864] CPU: 0 UID: 0 PID: 10864 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  700.052345][T10864] Tainted: [W]=WARN
[  700.052399][T10864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  700.052491][T10864] Call Trace:
[  700.052546][T10864]  <TASK>
[  700.052603][T10864]  __dump_stack+0x26/0x30
[  700.052788][T10864]  dump_stack_lvl+0x1df/0x270
[  700.052978][T10864]  dump_stack+0x1e/0x25
[  700.053138][T10864]  gfs2_withdraw+0x1ec1/0x2020
[  700.053298][T10864]  ? __pfx_autoremove_wake_function+0x10/0x10
[  700.053550][T10864]  gfs2_consist_inode_i+0x1a9/0x240
[  700.053743][T10864]  inode_go_instantiate+0x12f9/0x1e90
[  700.053925][T10864]  ? kmsan_get_metadata+0xfb/0x160
[  700.054094][T10864]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  700.054341][T10864]  ? __pfx_inode_go_instantiate+0x10/0x10
[  700.054501][T10864]  gfs2_instantiate+0x24f/0x4b0
[  700.054690][T10864]  gfs2_glock_wait+0x26a/0x3b0
[  700.054890][T10864]  gfs2_glock_nq+0x16ba/0x2f40
[  700.055061][T10864]  ? kmsan_get_metadata+0xfb/0x160
[  700.055233][T10864]  ? kmsan_get_metadata+0xfb/0x160
[  700.055436][T10864]  do_sync+0x6c4/0x1610
[  700.055632][T10864]  ? gfs2_quota_sync+0x660/0xae0
[  700.055877][T10864]  ? kmsan_get_metadata+0xfb/0x160
[  700.056035][T10864]  ? gfs2_quota_sync+0x660/0xae0
[  700.056249][T10864]  gfs2_quota_sync+0x660/0xae0
[  700.056492][T10864]  gfs2_sync_fs+0x57/0x100
[  700.056670][T10864]  ? __pfx_gfs2_sync_fs+0x10/0x10
[  700.056874][T10864]  sync_filesystem+0x131/0x3c0
[  700.057019][T10864]  ? shrink_dcache_for_umount+0xf9/0x210
[  700.057213][T10864]  generic_shutdown_super+0x8d/0x4b0
[  700.057429][T10864]  kill_block_super+0x42/0xd0
[  700.057577][T10864]  gfs2_kill_sb+0x4aa/0x580
[  700.057765][T10864]  ? __pfx_gfs2_kill_sb+0x10/0x10
[  700.057924][T10864]  deactivate_locked_super+0xcb/0x3c0
[  700.058136][T10864]  deactivate_super+0x12f/0x140
[  700.058334][T10864]  cleanup_mnt+0x6fb/0x780
[  700.058486][T10864]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  700.058737][T10864]  ? __pfx___cleanup_mnt+0x10/0x10
[  700.058904][T10864]  __cleanup_mnt+0x22/0x30
[  700.059057][T10864]  task_work_run+0x209/0x2b0
[  700.059232][T10864]  exit_to_user_mode_loop+0x2d1/0x370
[  700.059409][T10864]  do_syscall_64+0x1e3/0xfa0
[  700.059605][T10864]  ? irqentry_exit+0x16/0x60
[  700.059793][T10864]  ? clear_bhb_loop+0x40/0x90
[  700.059956][T10864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.060118][T10864] RIP: 0033:0x7fc8cfb90a77
[  700.060233][T10864] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  700.060368][T10864] RSP: 002b:00007ffe5a722a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  700.060513][T10864] RAX: 0000000000000000 RBX: 00007fc8cfc13d7d RCX: 00007fc8cfb90a77
[  700.060615][T10864] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe5a722b40
[  700.060710][T10864] RBP: 00007ffe5a722b40 R08: 0000000000000000 R09: 0000000000000000
[  700.060811][T10864] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe5a723bd0
[  700.060910][T10864] R13: 00007fc8cfc13d7d R14: 00000000000a98f0 R15: 00007ffe5a723c10
[  700.061053][T10864]  </TASK>
[  703.276623][T11910] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2014'.
[  703.305545][T11910] gtp0: entered promiscuous mode
[  706.114481][T11895] Set syz1 is full, maxelem 65536 reached
[  706.178263][T11928] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2017'.
[  708.829271][T11955] loop8: detected capacity change from 0 to 32768
[  708.860320][T11955] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.2024 (11955)
[  708.885469][T11955] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  708.896289][T11955] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[  709.132333][T11955] BTRFS info (device loop8): enabling ssd optimizations
[  709.139958][T11955] BTRFS info (device loop8): turning on async discard
[  709.147223][T11955] BTRFS info (device loop8): enabling free space tree
[  709.317030][T11981] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2029'.
[  709.410552][T11983] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2029'.
[  709.678847][ T9822] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  711.299569][T12001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  711.501131][T12001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  711.709953][T12001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  713.231085][T12022] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2043'.
[  715.079059][T12053] loop8: detected capacity change from 0 to 64
[  716.073048][T12067] netlink: 1347 bytes leftover after parsing attributes in process `syz.9.2062'.
[  716.447224][ T6133] usb 9-1: new low-speed USB device number 6 using dummy_hcd
[  716.627919][ T6133] usb 9-1: config 7 has an invalid interface number: 30 but max is 0
[  716.636704][ T6133] usb 9-1: config 7 has no interface number 0
[  716.643016][ T6133] usb 9-1: config 7 interface 30 has no altsetting 0
[  716.701885][ T6133] usb 9-1: string descriptor 0 read error: -22
[  716.709250][ T6133] usb 9-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=10.9c
[  716.718803][ T6133] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  716.760235][ T6133] usb_ehset_test 9-1:7.30: probe with driver usb_ehset_test failed with error -32
[  717.014890][T12072] loop8: detected capacity change from 0 to 512
[  717.039511][T12072] EXT4-fs: Ignoring removed mblk_io_submit option
[  717.046782][T12072] EXT4-fs: inline encryption not supported
[  717.053207][T12072] EXT4-fs: Ignoring removed mblk_io_submit option
[  717.131838][T12072] EXT4-fs (loop8): Test dummy encryption mode enabled
[  717.139802][T12072] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  717.214642][T12072] EXT4-fs (loop8): 1 truncate cleaned up
[  717.223419][T12072] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  717.517818][T12072] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  718.024850][T12086] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000.
[  718.074801][ T6133] usb 9-1: USB disconnect, device number 6
[  719.867616][ T9822] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.819379][ T9823] Bluetooth: hci1: command 0x0406 tx timeout
[  726.639356][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  726.646206][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  728.507338][T12164] loop8: detected capacity change from 0 to 4096
[  728.570177][T12164] EXT4-fs (loop8): Test dummy encryption mode enabled
[  728.612056][T12164] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  728.919384][T12164] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  729.454904][ T9822] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.026148][T12194] netlink: 9 bytes leftover after parsing attributes in process `syz.7.2102'.
[  731.152117][T12194] netlink: 9 bytes leftover after parsing attributes in process `syz.7.2102'.
[  734.867131][ T9369] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  735.057203][ T9369] usb 10-1: Using ep0 maxpacket: 16
[  735.111109][T12244] loop8: detected capacity change from 0 to 4096
[  735.255761][T12248] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  735.347568][   T30] audit: type=1800 audit(1764326937.373:199): pid=12244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2118" name="file2" dev="loop8" ino=16 res=0 errno=0
[  736.460012][ T9369] usb 10-1: unable to get BOS descriptor or descriptor too short
[  736.471310][ T9369] usb 10-1: unable to read config index 0 descriptor/start: -71
[  736.479460][ T9369] usb 10-1: can't read configurations, error -71
[  738.883745][T12278] netlink: 'syz.7.2128': attribute type 39 has an invalid length.
[  740.177992][T12307] batadv_slave_1: entered promiscuous mode
[  740.220673][T12304] batadv_slave_1: left promiscuous mode
[  740.393232][T12310] netlink: 'syz.8.2138': attribute type 10 has an invalid length.
[  740.402474][T12310] team0: Device dummy0 is up. Set it down before adding it as a team port
[  741.700832][T12329] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2144'.
[  741.714003][T12329] bridge0: port 2(bridge_slave_1) entered disabled state
[  741.722765][T12329] bridge0: port 1(bridge_slave_0) entered disabled state
[  741.984436][T12333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  742.098475][T12336] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2147'.
[  742.128739][T12333] batman_adv: batadv0: Removing interface: batadv_slave_0
[  742.238351][T12338] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2147'.
[  742.385784][T12340] erspan0: entered promiscuous mode
[  742.405661][T12340] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2146'.
[  742.420895][ T4209] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  742.440290][T12336] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2147'.
[  742.458751][T12338] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2147'.
[  742.479418][ T4209] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  743.118061][T11378] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  743.732827][T11378] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  744.017261][T12092] Bluetooth: hci1: command 0x0406 tx timeout
[  744.171701][T12357] xt_TCPMSS: Only works on TCP SYN packets
[  744.286765][ T5856] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  744.534775][ T5856] usb 9-1: Using ep0 maxpacket: 32
[  744.588624][ T5856] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  744.600661][ T5856] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  744.611013][ T5856] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  744.620790][ T5856] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.834995][ T5856] usb 9-1: config 0 descriptor??
[  745.263863][T12360] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2155'.
[  745.331919][ T5856] savu 0003:1E7D:2D5A.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0
[  745.555562][ T5856] usb 9-1: USB disconnect, device number 7
[  745.860393][T12369] lo: entered allmulticast mode
[  745.888872][T12369] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2159'.
[  746.205758][T12368] lo: left allmulticast mode
[  747.605876][T12399] loop9: detected capacity change from 0 to 1764
[  747.906701][T12404] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2170'.
[  747.982909][T12404] 8021q: adding VLAN 0 to HW filter on device bond2
[  748.110597][T12404] bond2: entered allmulticast mode
[  748.195981][T12404] ip6gretap1: entered allmulticast mode
[  748.207076][T12404] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  749.001310][T12425] netlink: 'syz.5.2179': attribute type 4 has an invalid length.
[  749.059861][T12429] netlink: 'syz.5.2179': attribute type 4 has an invalid length.
[  750.008400][T12445] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2186'.
[  750.893528][T12455] netlink: 'syz.8.2191': attribute type 4 has an invalid length.
[  751.924380][T12457] loop9: detected capacity change from 0 to 2048
[  752.075303][T12457] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  752.298507][T12469] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  752.325990][T12469] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  752.339936][T12469] EXT4-fs (loop9): This should not happen!! Data will be lost
[  752.339936][T12469] 
[  752.351341][T12469] EXT4-fs (loop9): Total free blocks count 0
[  752.357925][T12469] EXT4-fs (loop9): Free/Dirty block details
[  752.364040][T12469] EXT4-fs (loop9): free_blocks=2415919104
[  752.370701][T12469] EXT4-fs (loop9): dirty_blocks=16
[  752.376023][T12469] EXT4-fs (loop9): Block reservation details
[  752.382423][T12469] EXT4-fs (loop9): i_reserved_data_blocks=1
[  752.640957][T12457] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000900.
[  753.145687][T10864] EXT4-fs error (device loop9): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 11
[  753.193112][T10864] EXT4-fs error (device loop9): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 11
[  753.289919][T12469] syz.9.2192 (12469) used greatest stack depth: 3088 bytes left
[  753.984100][T12489] pim6reg99999999: entered allmulticast mode
[  754.064500][T12491] hugetlbfs: syz.8.2205 (12491): Using mlock ulimits for SHM_HUGETLB is obsolete
[  754.124334][T11374] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.545184][T11374] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.802361][T11374] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  755.078002][T11374] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  755.581382][T11374] bridge_slave_1: left allmulticast mode
[  755.587631][T11374] bridge_slave_1: left promiscuous mode
[  755.594370][T11374] bridge0: port 2(bridge_slave_1) entered disabled state
[  755.609756][T11374] bridge_slave_0: left allmulticast mode
[  755.615661][T11374] bridge_slave_0: left promiscuous mode
[  755.623109][T11374] bridge0: port 1(bridge_slave_0) entered disabled state
[  756.102967][T11374] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  756.228679][T11374] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  756.273719][T11374] bond0 (unregistering): Released all slaves
[  756.884814][T12092] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  756.894634][T12092] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  756.907613][T12092] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  756.921753][T12092] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  756.928319][T11374] hsr_slave_0: left promiscuous mode
[  756.935333][T12092] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  756.963752][T11374] hsr_slave_1: left promiscuous mode
[  756.972438][T11374] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  756.980480][T11374] batman_adv: batadv0: Removing interface: batadv_slave_0
[  757.041347][T11374] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  757.049432][T11374] batman_adv: batadv0: Removing interface: batadv_slave_1
[  757.088266][T11374] veth1_macvtap: left promiscuous mode
[  757.094050][T11374] veth0_macvtap: left promiscuous mode
[  757.100287][T11374] veth1_vlan: left promiscuous mode
[  757.105820][T11374] veth0_vlan: left promiscuous mode
[  758.080807][T11374] team0 (unregistering): Port device team_slave_1 removed
[  758.120894][T11374] team0 (unregistering): Port device team_slave_0 removed
[  758.454062][T12532] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  758.463705][T12532] ref_ctr increment failed for inode: 0xa83 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88811692b000
[  758.478390][   T30] audit: type=1804 audit(1764326960.483:200): pid=12532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2220" name="file0" dev="tmpfs" ino=2691 res=1 errno=0
[  758.553332][T12518] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  759.067746][T12092] Bluetooth: hci1: command tx timeout
[  759.253885][T12544] overlayfs: failed to clone upperpath
[  759.340562][T12542] syz_tun (unregistering): left allmulticast mode
[  759.860084][T12549] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  759.867546][T12549] overlayfs: failed to set xattr on upper
[  759.873457][T12549] overlayfs: ...falling back to redirect_dir=nofollow.
[  759.880837][T12549] overlayfs: ...falling back to metacopy=off.
[  759.887212][T12549] overlayfs: ...falling back to index=off.
[  759.893193][T12549] overlayfs: ...falling back to uuid=null.
[  759.918096][T12510] chnl_net:caif_netlink_parms(): no params data found
[  761.024084][   T30] audit: type=1326 audit(1764326963.053:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12562 comm="syz.4.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83cd98f749 code=0x7fc00000
[  761.082987][T12561] loop8: detected capacity change from 0 to 4096
[  761.091281][T12569] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2231'.
[  761.100790][T12569] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2231'.
[  761.110164][T12569] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2231'.
[  761.119748][T12569] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2231'.
[  761.136900][T12092] Bluetooth: hci1: command tx timeout
[  761.205653][T12510] bridge0: port 1(bridge_slave_0) entered blocking state
[  761.213582][T12510] bridge0: port 1(bridge_slave_0) entered disabled state
[  761.221733][T12510] bridge_slave_0: entered allmulticast mode
[  761.233217][T12510] bridge_slave_0: entered promiscuous mode
[  761.257509][T12571] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  761.261453][T12510] bridge0: port 2(bridge_slave_1) entered blocking state
[  761.277662][T12510] bridge0: port 2(bridge_slave_1) entered disabled state
[  761.285593][T12510] bridge_slave_1: entered allmulticast mode
[  761.295905][T12510] bridge_slave_1: entered promiscuous mode
[  761.503212][T12510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  761.528063][T12510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  761.751906][   T30] audit: type=1326 audit(1764326963.763:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12562 comm="syz.4.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f83cd98f749 code=0x7fc00000
[  761.793897][T12510] team0: Port device team_slave_0 added
[  761.821681][T12510] team0: Port device team_slave_1 added
[  761.959546][T12510] batman_adv: batadv0: Adding interface: batadv_slave_0
[  761.966811][T12510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  761.993317][T12510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  762.155307][T12510] batman_adv: batadv0: Adding interface: batadv_slave_1
[  762.163068][T12510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  762.189734][T12510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  762.488147][T12510] hsr_slave_0: entered promiscuous mode
[  762.499314][T12510] hsr_slave_1: entered promiscuous mode
[  762.508722][T12510] debugfs: 'hsr0' already exists in 'hsr'
[  762.514654][T12510] Cannot create hsr debugfs directory
[  762.737183][   T30] audit: type=1326 audit(1764326964.763:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.4.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83cd98f749 code=0x7ffc0000
[  762.760375][   T30] audit: type=1326 audit(1764326964.763:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.4.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83cd98f749 code=0x7ffc0000
[  762.787331][   T30] audit: type=1326 audit(1764326964.763:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.4.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83cd98f749 code=0x7ffc0000
[  762.810717][   T30] audit: type=1326 audit(1764326964.773:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.4.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83cd98f749 code=0x7ffc0000
[  762.833877][   T30] audit: type=1326 audit(1764326964.793:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.4.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83cd98f749 code=0x7ffc0000
[  762.856841][   T30] audit: type=1326 audit(1764326964.813:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.4.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83cd98f749 code=0x7ffc0000
[  762.882290][   T30] audit: type=1326 audit(1764326964.813:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.4.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83cd98f749 code=0x7ffc0000
[  763.218447][T12092] Bluetooth: hci1: command tx timeout
[  763.553153][T12606] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2245'.
[  764.059244][T12510] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  764.094747][T12510] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  764.131221][T12510] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  764.199847][T12510] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  765.261075][T12510] 8021q: adding VLAN 0 to HW filter on device bond0
[  765.307280][T12092] Bluetooth: hci1: command tx timeout
[  765.389350][T12510] 8021q: adding VLAN 0 to HW filter on device team0
[  765.422394][ T6859] bridge0: port 1(bridge_slave_0) entered blocking state
[  765.430144][ T6859] bridge0: port 1(bridge_slave_0) entered forwarding state
[  765.484647][ T6859] bridge0: port 2(bridge_slave_1) entered blocking state
[  765.492407][ T6859] bridge0: port 2(bridge_slave_1) entered forwarding state
[  766.179177][T12643] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2259'.
[  766.233097][T12643] netlink: 'syz.4.2259': attribute type 10 has an invalid length.
[  766.250250][T12643] 8021q: adding VLAN 0 to HW filter on device bond0
[  766.269894][T12643] team0: Port device bond0 added
[  766.299607][T12645] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2259'.
[  766.380040][T12645] team0 (unregistering): Port device team_slave_0 removed
[  766.396239][T12645] team0 (unregistering): Port device team_slave_1 removed
[  766.414159][T12645] team0 (unregistering): Port device dummy0 removed
[  766.455410][T12645] team0 (unregistering): Port device bond0 removed
[  766.828262][T12649] overlayfs: failed to clone upperpath
[  767.177960][T12510] 8021q: adding VLAN 0 to HW filter on device batadv0
[  767.648924][T12510] veth0_vlan: entered promiscuous mode
[  767.678333][T12664] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2265'.
[  767.772275][T12510] veth1_vlan: entered promiscuous mode
[  768.057477][T12510] veth0_macvtap: entered promiscuous mode
[  768.147463][T12510] veth1_macvtap: entered promiscuous mode
[  768.320100][T12510] batman_adv: batadv0: Interface activated: batadv_slave_0
[  768.395636][T12510] batman_adv: batadv0: Interface activated: batadv_slave_1
[  768.483105][T11378] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  768.541237][T11378] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  768.599156][ T4209] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  768.641090][ T4209] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  768.654490][T12676] loop8: detected capacity change from 0 to 8
[  768.687527][T12676] SQUASHFS error: lzo decompression failed, data probably corrupt
[  768.695650][T12676] SQUASHFS error: Failed to read block 0x62b: -5
[  768.703550][T12676] SQUASHFS error: Unable to read metadata cache entry [629]
[  768.712021][T12676] SQUASHFS error: Unable to read inode 0x11f
[  770.797027][ T6129] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  770.988151][ T6129] usb 9-1: Using ep0 maxpacket: 16
[  771.030206][ T6129] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  771.040962][ T6129] usb 9-1: config 0 has no interfaces?
[  771.096006][ T6129] usb 9-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  771.106076][ T6129] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.114563][ T6129] usb 9-1: Product: syz
[  771.119155][ T6129] usb 9-1: Manufacturer: syz
[  771.123986][ T6129] usb 9-1: SerialNumber: syz
[  771.209141][ T6129] usb 9-1: config 0 descriptor??
[  773.851163][ T6129] usb 9-1: USB disconnect, device number 8
[  774.167480][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  774.167567][   T30] audit: type=1804 audit(1764326976.203:213): pid=12758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2289" name="file0" dev="tmpfs" ino=2557 res=1 errno=0
[  774.299854][T11378] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  774.308603][T11378] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  774.465678][T11370] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  774.477316][T11370] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  775.419077][T12779] netlink: 'syz.8.2295': attribute type 1 has an invalid length.
[  775.503680][T12779] bond3: entered promiscuous mode
[  775.510711][T12779] 8021q: adding VLAN 0 to HW filter on device bond3
[  775.575818][T12779] bond3: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  775.589054][T12779] bond3: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  775.599872][T12779] bond3: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  775.828928][T12783] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2296'.
[  776.163413][T12792] bond3: left promiscuous mode
[  776.170157][T12792] ipip0: left promiscuous mode
[  778.095091][T12832] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2310'.
[  778.491380][T12839] syz_tun: entered allmulticast mode
[  778.532258][T12837] syz_tun: left allmulticast mode
[  779.985078][T12859] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2318'.
[  780.100062][T12859] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2318'.
[  782.217419][   T30] audit: type=1326 audit(1764326984.193:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.241524][   T30] audit: type=1326 audit(1764326984.193:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.266870][   T30] audit: type=1326 audit(1764326984.203:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.291359][   T30] audit: type=1326 audit(1764326984.203:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.314425][   T30] audit: type=1326 audit(1764326984.203:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.338032][   T30] audit: type=1326 audit(1764326984.203:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.361956][   T30] audit: type=1326 audit(1764326984.203:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.385190][   T30] audit: type=1326 audit(1764326984.203:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.409091][   T30] audit: type=1326 audit(1764326984.203:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  782.432639][   T30] audit: type=1326 audit(1764326984.203:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12869 comm="syz.8.2321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7fc00000
[  783.864011][T12881] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2327'.
[  784.674659][T12885] loop1: detected capacity change from 0 to 32768
[  784.735311][T12885] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2326 (12885)
[  784.785114][T12881] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2327'.
[  784.874978][T12885] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  784.886604][T12885] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  785.111987][T12885] BTRFS info (device loop1): rebuilding free space tree
[  785.168829][T12885] BTRFS info (device loop1): disabling free space tree
[  785.176251][T12885] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  785.186726][T12885] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  785.217766][T12885] BTRFS info (device loop1): enabling ssd optimizations
[  785.225274][T12885] BTRFS info (device loop1): turning off barriers
[  785.233511][T12885] BTRFS info (device loop1): disabling tree log
[  785.240348][T12885] BTRFS info (device loop1): turning on async discard
[  785.247560][T12885] BTRFS info (device loop1): force clearing of disk cache
[  785.254915][T12885] BTRFS info (device loop1): enabling auto defrag
[  785.261986][T12885] BTRFS info (device loop1): force zlib compression, level 3
[  785.269788][T12885] BTRFS info (device loop1): max_inline set to 4096
[  786.442548][T12510] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  786.985841][T12915] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2334'.
[  788.070879][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  788.077948][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  789.923440][T12929] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: 1
[  789.932996][T12929] ref_ctr increment failed for inode: 0xa40 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88811692aa00
[  789.969946][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  789.970051][   T30] audit: type=1804 audit(1764326991.953:280): pid=12929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2340" name="file0" dev="tmpfs" ino=2624 res=1 errno=0
[  790.118472][T12929] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: -1
[  790.128234][T12929] ref_ctr decrement failed for inode: 0xa40 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88811692aa00
[  790.139879][T12929] uprobe: syz.5.2340:12929 failed to unregister, leaking uprobe
[  797.012173][T13003] loop8: detected capacity change from 0 to 32768
[  797.057994][T13003] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.2365 (13003)
[  797.123732][T13003] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  797.134270][T13003] BTRFS error (device loop8): unsupported checksum algorithm: 4
[  797.147399][T13003] BTRFS error (device loop8): open_ctree failed: -22
[  799.143070][ T9823] Bluetooth: hci1: command 0x0406 tx timeout
[  799.914351][T13042] netlink: 'syz.8.2377': attribute type 2 has an invalid length.
[  799.938780][T13042] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2377'.
[  801.768485][T13060] team0: Port device team_slave_0 removed
[  805.266988][T13098] netlink: 232 bytes leftover after parsing attributes in process `syz.1.2399'.
[  806.975636][T13116] loop8: detected capacity change from 0 to 512
[  807.288854][T13116] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  807.302245][T13116] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  807.504068][T13113] orangefs_mount: mount request failed with -4
[  807.547556][ T9822] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  807.889326][T13127] loop8: detected capacity change from 0 to 512
[  807.984511][T13127] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  807.997800][T13127] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  808.097940][T13127] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  808.188066][T13127] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28
[  808.201150][T13127] EXT4-fs (loop8): This should not happen!! Data will be lost
[  808.201150][T13127] 
[  808.211343][T13127] EXT4-fs (loop8): Total free blocks count 0
[  808.217927][T13127] EXT4-fs (loop8): Free/Dirty block details
[  808.224058][T13127] EXT4-fs (loop8): free_blocks=65280
[  808.229786][T13127] EXT4-fs (loop8): dirty_blocks=2
[  808.235673][T13127] EXT4-fs (loop8): Block reservation details
[  808.242115][T13127] EXT4-fs (loop8): i_reserved_data_blocks=2
[  808.296066][T13134] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 1 with error 28
[  808.443281][T13139] ipt_REJECT: ECHOREPLY no longer supported.
[  808.601812][T13140] netlink: 'syz.7.2411': attribute type 3 has an invalid length.
[  808.610949][T13140] netlink: 'syz.7.2411': attribute type 3 has an invalid length.
[  808.890671][T13143] netlink: 'syz.8.2413': attribute type 1 has an invalid length.
[  808.993001][T13143] 8021q: adding VLAN 0 to HW filter on device bond4
[  809.134155][T13146] bond4: (slave ip6erspan0): making interface the new active one
[  809.150842][T13146] bond4: (slave ip6erspan0): Enslaving as an active interface with an up link
[  809.438889][T13143] macvlan2: entered promiscuous mode
[  809.444451][T13143] macvlan2: entered allmulticast mode
[  809.453685][T13143] bond4: entered promiscuous mode
[  809.459179][T13143] ip6erspan0: entered promiscuous mode
[  809.469400][T13143] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  809.481010][T13143] bond4: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  809.499327][T13143] bond4: left promiscuous mode
[  809.504328][T13143] ip6erspan0: left promiscuous mode
[  809.571782][T13149] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2415'.
[  809.819827][T13149] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2415'.
[  811.039981][T13168] syzkaller0: entered promiscuous mode
[  811.046010][T13168] syzkaller0: entered allmulticast mode
[  813.205765][T13186] batman_adv: batadv0: Adding interface: dummy0
[  813.212635][T13186] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  813.238677][T13186] batman_adv: batadv0: Interface activated: dummy0
[  815.969836][T13207] ptrace attach of "./syz-executor exec"[5812] was attempted by ""[13207]
[  816.493730][T13224] netlink: 'syz.5.2442': attribute type 1 has an invalid length.
[  816.720823][T13227] bond4: (slave geneve2): making interface the new active one
[  816.732021][T13227] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  816.947613][   T58] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  816.978240][   T58] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  816.996787][   T58] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  817.038884][   T58] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  817.135800][T13231] netlink: 'syz.1.2444': attribute type 1 has an invalid length.
[  817.231209][T13231] bond1: entered promiscuous mode
[  817.238317][T13231] 8021q: adding VLAN 0 to HW filter on device bond1
[  817.312967][T13235] 8021q: adding VLAN 0 to HW filter on device bond1
[  817.322300][T13235] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  817.332853][T13235] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  817.358976][T13235] bond1: (slave gre1): making interface the new active one
[  817.366846][T13235] gre1: entered promiscuous mode
[  817.382271][T13235] bond1: (slave gre1): Enslaving as an active interface with an up link
[  821.160366][   T30] audit: type=1804 audit(1764327023.173:281): pid=13262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2454" name="bus" dev="ramfs" ino=39017 res=1 errno=0
[  821.260533][   T30] audit: type=1804 audit(1764327023.223:282): pid=13262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2454" name="bus" dev="ramfs" ino=39017 res=1 errno=0
[  824.810430][T13307] netlink: 'syz.7.2467': attribute type 27 has an invalid length.
[  824.818911][T13307] netlink: 'syz.7.2467': attribute type 4 has an invalid length.
[  824.827762][T13307] netlink: 144 bytes leftover after parsing attributes in process `syz.7.2467'.
[  830.020478][T13390] netlink: 'syz.1.2476': attribute type 1 has an invalid length.
[  830.125817][T13390] bond2: entered promiscuous mode
[  830.132758][T13390] 8021q: adding VLAN 0 to HW filter on device bond2
[  830.345113][T13392] 8021q: adding VLAN 0 to HW filter on device bond3
[  830.363690][T13392] bond2: (slave bond3): making interface the new active one
[  830.371658][T13392] bond3: entered promiscuous mode
[  830.381613][T13392] bond2: (slave bond3): Enslaving as an active interface with an up link
[  830.437431][T13390] bond2: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  830.450886][T13390] bond2: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  830.654385][T13400] netlink: 'syz.4.2479': attribute type 3 has an invalid length.
[  830.668017][T13400] netlink: 'syz.4.2479': attribute type 3 has an invalid length.
[  831.227523][T13403] loop8: detected capacity change from 0 to 2048
[  831.260550][T13409] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2483'.
[  831.329406][T13403] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024)
[  831.484970][T13411] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  832.511989][T13424] netlink: 'syz.4.2488': attribute type 4 has an invalid length.
[  832.533365][T13424] netlink: 'syz.4.2488': attribute type 4 has an invalid length.
[  833.257290][T13433] xt_l2tp: missing protocol rule (udp|l2tpip)
[  833.531384][T13436] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2492'.
[  834.699165][T13444] loop1: detected capacity change from 0 to 32768
[  834.711697][T13444] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2495 (13444)
[  834.735385][T13444] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  834.747394][T13444] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  834.995414][T13444] BTRFS info (device loop1): rebuilding free space tree
[  835.024826][T13444] BTRFS info (device loop1): disabling free space tree
[  835.032392][T13444] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  835.042777][T13444] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  835.099214][T13444] BTRFS info (device loop1): enabling ssd optimizations
[  835.107738][T13444] BTRFS info (device loop1): turning off barriers
[  835.114398][T13444] BTRFS info (device loop1): disabling tree log
[  835.121125][T13444] BTRFS info (device loop1): turning on async discard
[  835.128368][T13444] BTRFS info (device loop1): force clearing of disk cache
[  835.135714][T13444] BTRFS info (device loop1): enabling auto defrag
[  835.142662][T13444] BTRFS info (device loop1): force zlib compression, level 3
[  835.150437][T13444] BTRFS info (device loop1): max_inline set to 4096
[  835.343465][T12510] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  836.575070][T13480] tipc: Started in network mode
[  836.582439][T13480] tipc: Node identity 4, cluster identity 4711
[  836.589066][T13480] tipc: Node number set to 4
[  837.287109][T13496] syzkaller0: entered promiscuous mode
[  837.292920][T13496] syzkaller0: entered allmulticast mode
[  840.292513][T13510] bridge0: port 2(bridge_slave_1) entered disabled state
[  840.302536][T13510] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.041438][T13510] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  841.073373][T13510] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  842.175858][T13380] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  842.193367][T13380] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  842.228896][T13380] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  842.298199][T13380] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  842.491696][T13529] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2519'.
[  843.653538][T13540] netlink: 'syz.5.2525': attribute type 1 has an invalid length.
[  843.751349][T13540] 8021q: adding VLAN 0 to HW filter on device bond5
[  843.822580][T13540] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2525'.
[  843.832369][T13540] bond5: entered promiscuous mode
[  843.838905][T13540] bond5: entered allmulticast mode
[  843.868237][T13540] bond0: (slave dummy0): Releasing backup interface
[  843.917291][T13540] bond5: (slave dummy0): making interface the new active one
[  843.924928][T13540] dummy0: entered promiscuous mode
[  843.932230][T13540] dummy0: entered allmulticast mode
[  843.944310][T13540] bond5: (slave dummy0): Enslaving as an active interface with an up link
[  844.096674][T13540] bond5 (unregistering): (slave dummy0): Releasing active interface
[  844.104948][T13540] dummy0: left promiscuous mode
[  844.111302][T13540] dummy0: left allmulticast mode
[  844.154310][T13540] bond5 (unregistering): Released all slaves
[  844.955866][T13567] netlink: 'syz.1.2533': attribute type 1 has an invalid length.
[  845.109672][T13569] 8021q: adding VLAN 0 to HW filter on device bond5
[  845.125633][T13569] bond4: (slave bond5): making interface the new active one
[  845.135923][T13569] bond4: (slave bond5): Enslaving as an active interface with an up link
[  845.203496][T13567] bond4: (slave gretap1): Enslaving as a backup interface with an up link
[  845.229653][T13567] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2533'.
[  845.245781][T13567] 8021q: adding VLAN 0 to HW filter on device bond4
[  845.539332][T13574] loop1: detected capacity change from 0 to 128
[  845.791989][T13577] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2536'.
[  849.500816][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  849.507656][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  850.471529][   T30] audit: type=1326 audit(1764327052.393:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.494796][   T30] audit: type=1326 audit(1764327052.403:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.517992][   T30] audit: type=1326 audit(1764327052.413:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.541481][   T30] audit: type=1326 audit(1764327052.413:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.564474][   T30] audit: type=1326 audit(1764327052.443:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.588049][   T30] audit: type=1326 audit(1764327052.443:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.611061][   T30] audit: type=1326 audit(1764327052.443:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.634615][   T30] audit: type=1326 audit(1764327052.493:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.657695][   T30] audit: type=1326 audit(1764327052.493:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  850.680747][   T30] audit: type=1326 audit(1764327052.493:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.7.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[  852.834119][T13620] ipip0: entered allmulticast mode
[  853.242642][T13609] overlayfs: failed to clone upperpath
[  855.504486][T13646] loop1: detected capacity change from 0 to 40427
[  855.543916][T13646] F2FS-fs (loop1): invalid crc value
[  855.918587][T13646] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  855.998100][T13646] F2FS-fs (loop1): Start checkpoint disabled!
[  856.038844][T13646] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  856.071181][T13646] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  856.434559][T13646] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  856.454538][T13652] syz.1.2556: attempt to access beyond end of device
[  856.454538][T13652] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  856.887478][T13380] kworker/u8:25: attempt to access beyond end of device
[  856.887478][T13380] loop1: rw=2049, sector=45224, nr_sectors = 16 limit=40427
[  856.902244][T13380] CPU: 1 UID: 0 PID: 13380 Comm: kworker/u8:25 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  856.902436][T13380] Tainted: [W]=WARN
[  856.902492][T13380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  856.902607][T13380] Workqueue: writeback wb_workfn (flush-7:1)
[  856.902813][T13380] Call Trace:
[  856.902869][T13380]  <TASK>
[  856.902931][T13380]  __dump_stack+0x26/0x30
[  856.903107][T13380]  dump_stack_lvl+0x1df/0x270
[  856.903293][T13380]  dump_stack+0x1e/0x25
[  856.903456][T13380]  f2fs_handle_critical_error+0xa6f/0xc20
[  856.903655][T13380]  f2fs_stop_checkpoint+0x65/0x80
[  856.903820][T13380]  f2fs_write_end_io+0x101c/0x1bc0
[  856.904039][T13380]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  856.904200][T13380]  bio_endio+0xeb4/0x1010
[  856.904377][T13380]  submit_bio_noacct+0x2009/0x2930
[  856.904610][T13380]  submit_bio+0x57c/0x630
[  856.904792][T13380]  f2fs_submit_write_bio+0x92/0x250
[  856.905024][T13380]  __submit_merged_bio+0x16f/0x6a0
[  856.905241][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  856.905426][T13380]  __submit_merged_write_cond+0x458/0x9a0
[  856.905671][T13380]  f2fs_write_data_pages+0x4bb2/0x5480
[  856.905997][T13380]  ? f2fs_balance_fs_bg+0x11e7/0x1240
[  856.906205][T13380]  ? stack_depot_save_flags+0x35/0x7b0
[  856.906376][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.906523][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.906700][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.906863][T13380]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  856.907106][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.907270][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  856.907437][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.907597][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  856.907768][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.907948][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  856.908119][T13380]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  856.908279][T13380]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  856.908442][T13380]  do_writepages+0x3f2/0x860
[  856.908629][T13380]  ? stack_depot_save_flags+0x35/0x7b0
[  856.908794][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.909049][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.909241][T13380]  __writeback_single_inode+0x101/0x1190
[  856.909451][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.909631][T13380]  writeback_sb_inodes+0xac1/0x1cb0
[  856.909989][T13380]  wb_writeback+0x4ce/0xc00
[  856.910195][T13380]  ? queue_io+0x471/0x790
[  856.910387][T13380]  wb_workfn+0x397/0x1910
[  856.910554][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  856.910748][T13380]  ? __pfx_wb_workfn+0x10/0x10
[  856.910908][T13380]  process_scheduled_works+0xb91/0x1d80
[  856.911179][T13380]  worker_thread+0xedf/0x1590
[  856.911414][T13380]  kthread+0xd5c/0xf00
[  856.911543][T13380]  ? __pfx_worker_thread+0x10/0x10
[  856.911766][T13380]  ? __pfx_kthread+0x10/0x10
[  856.911902][T13380]  ret_from_fork+0x1f5/0x4c0
[  856.912100][T13380]  ? __pfx_kthread+0x10/0x10
[  856.912247][T13380]  ret_from_fork_asm+0x1a/0x30
[  856.912469][T13380]  </TASK>
[  857.208517][T13380] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  857.215699][T13380] CPU: 1 UID: 0 PID: 13380 Comm: kworker/u8:25 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  857.215891][T13380] Tainted: [W]=WARN
[  857.215946][T13380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  857.216068][T13380] Workqueue: writeback wb_workfn (flush-7:1)
[  857.216274][T13380] Call Trace:
[  857.216334][T13380]  <TASK>
[  857.216388][T13380]  __dump_stack+0x26/0x30
[  857.216555][T13380]  dump_stack_lvl+0x1df/0x270
[  857.216743][T13380]  dump_stack+0x1e/0x25
[  857.216902][T13380]  f2fs_handle_critical_error+0xa6f/0xc20
[  857.217106][T13380]  f2fs_stop_checkpoint+0x65/0x80
[  857.217277][T13380]  f2fs_write_end_io+0x101c/0x1bc0
[  857.217490][T13380]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  857.217654][T13380]  bio_endio+0xeb4/0x1010
[  857.217820][T13380]  submit_bio_noacct+0x2009/0x2930
[  857.218047][T13380]  submit_bio+0x57c/0x630
[  857.218235][T13380]  f2fs_submit_write_bio+0x92/0x250
[  857.218453][T13380]  __submit_merged_bio+0x16f/0x6a0
[  857.218668][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.218855][T13380]  __submit_merged_write_cond+0x458/0x9a0
[  857.219100][T13380]  f2fs_write_data_pages+0x4bb2/0x5480
[  857.219422][T13380]  ? f2fs_balance_fs_bg+0x11e7/0x1240
[  857.219635][T13380]  ? stack_depot_save_flags+0x35/0x7b0
[  857.219792][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.219949][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.220116][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.220307][T13380]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  857.220539][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.220704][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.220877][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.221041][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.221216][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.221381][T13380]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.221551][T13380]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  857.221716][T13380]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  857.221875][T13380]  do_writepages+0x3f2/0x860
[  857.222066][T13380]  ? stack_depot_save_flags+0x35/0x7b0
[  857.222237][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.222400][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.222587][T13380]  __writeback_single_inode+0x101/0x1190
[  857.222800][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.222981][T13380]  writeback_sb_inodes+0xac1/0x1cb0
[  857.223341][T13380]  wb_writeback+0x4ce/0xc00
[  857.223546][T13380]  ? queue_io+0x471/0x790
[  857.223742][T13380]  wb_workfn+0x397/0x1910
[  857.223909][T13380]  ? kmsan_get_metadata+0xfb/0x160
[  857.224099][T13380]  ? __pfx_wb_workfn+0x10/0x10
[  857.224268][T13380]  process_scheduled_works+0xb91/0x1d80
[  857.224553][T13380]  worker_thread+0xedf/0x1590
[  857.224789][T13380]  kthread+0xd5c/0xf00
[  857.224918][T13380]  ? __pfx_worker_thread+0x10/0x10
[  857.225130][T13380]  ? __pfx_kthread+0x10/0x10
[  857.225275][T13380]  ret_from_fork+0x1f5/0x4c0
[  857.225466][T13380]  ? __pfx_kthread+0x10/0x10
[  857.225609][T13380]  ret_from_fork_asm+0x1a/0x30
[  857.225836][T13380]  </TASK>
[  857.531310][T13380] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  857.996066][T13665] tipc: Started in network mode
[  858.003100][T13665] tipc: Node identity 1a7a8a63681e, cluster identity 4711
[  858.013004][T13665] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  858.154069][T13668] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  859.140438][ T6129] tipc: Node number set to 1919191651
[  859.669214][T13689] netlink: 'syz.4.2570': attribute type 1 has an invalid length.
[  859.930639][T13691] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  859.945469][T13691] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  860.183128][T13689] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2570'.
[  860.408758][T13700] bond5: (slave bridge6): Enslaving as an active interface with a down link
[  860.556676][T13698] loop8: detected capacity change from 0 to 32768
[  860.567719][T13698] jfs: Unknown parameter '01777777777777777777777017777777777777777777770xffffffffffffffff0xffffffffffffffff0177777777777777777777718446744073709551615����18446744073709551615'
[  860.608261][T13689] 8021q: adding VLAN 0 to HW filter on device bond5
[  860.651630][T13702] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2574'.
[  863.163508][T13713] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  863.238334][T13713] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  863.345091][T13713] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  863.462186][T13713] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  863.745144][ T4209] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  863.786273][T13721] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2581'.
[  863.830649][T11345] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  863.857448][T13721] tipc: Enabled bearer <udp:syz0>, priority 10
[  863.938659][T11345] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  863.983339][T11345] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  864.143834][T13725] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2580'.
[  864.753390][T13737] netlink: 'syz.4.2586': attribute type 1 has an invalid length.
[  864.762647][ T6153] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  864.880807][T13741] bond6: (slave gretap2): making interface the new active one
[  864.892326][T13741] bond6: (slave gretap2): Enslaving as an active interface with an up link
[  864.927041][ T6153] usb 9-1: Using ep0 maxpacket: 8
[  864.989386][T13737] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2586'.
[  865.011446][ T6153] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  865.031759][T13745] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2588'.
[  865.063433][ T6153] usb 9-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice= d.68
[  865.073579][ T6153] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  865.082480][ T6153] usb 9-1: Product: syz
[  865.087101][ T6153] usb 9-1: Manufacturer: syz
[  865.091928][ T6153] usb 9-1: SerialNumber: syz
[  865.131711][T13737] bond6 (unregistering): (slave gretap2): Releasing active interface
[  865.155932][ T6153] usb 9-1: config 0 descriptor??
[  865.176621][ T6153] kalmia 9-1:0.0: probe with driver kalmia failed with error -22
[  865.201160][T13737] bond6 (unregistering): Released all slaves
[  865.316777][T13747] tipc: Started in network mode
[  865.321984][T13747] tipc: Node identity 7ab434dd3729, cluster identity 4711
[  865.330523][T13747] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  865.367630][T13749] syzkaller0: entered promiscuous mode
[  865.374127][T13749] syzkaller0: entered allmulticast mode
[  865.424229][T13743] tipc: Resetting bearer <eth:syzkaller0>
[  865.449951][T13742] tipc: Resetting bearer <eth:syzkaller0>
[  865.526283][T13742] tipc: Disabling bearer <eth:syzkaller0>
[  865.899993][ T6153] usb 9-1: USB disconnect, device number 9
[  866.162573][T13756] overlayfs: failed to clone upperpath
[  866.177470][T13756] overlayfs: failed to clone upperpath
[  866.497771][T13762] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2593'.
[  866.507307][T13762] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  866.514901][T13762] batman_adv: batadv0: Removing interface: batadv_slave_1
[  866.552508][T13762] batman_adv: batadv0: Interface deactivated: dummy0
[  866.563216][T13762] batman_adv: batadv0: Removing interface: dummy0
[  866.863894][T13770] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2594'.
[  866.890754][T12092] Bluetooth: hci3: unexpected event for opcode 0x080b
[  867.057096][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  867.057182][   T30] audit: type=1326 audit(1764327069.063:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.087683][   T30] audit: type=1326 audit(1764327069.073:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.111584][   T30] audit: type=1326 audit(1764327069.083:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.136015][   T30] audit: type=1326 audit(1764327069.083:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.893940][T13768] loop8: detected capacity change from 0 to 40427
[  867.904413][   T30] audit: type=1326 audit(1764327069.203:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.928427][   T30] audit: type=1326 audit(1764327069.213:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.951895][   T30] audit: type=1326 audit(1764327069.213:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.975722][   T30] audit: type=1326 audit(1764327069.213:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  867.999187][   T30] audit: type=1326 audit(1764327069.233:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  868.022277][   T30] audit: type=1326 audit(1764327069.233:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13769 comm="syz.1.2597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbae218f749 code=0x7ffc0000
[  868.046068][T13768] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  868.054307][T13768] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  868.068129][T13768] F2FS-fs (loop8): invalid crc value
[  868.485544][T13783] netlink: 'syz.1.2601': attribute type 10 has an invalid length.
[  868.494201][T13783] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2601'.
[  868.611393][T13783] team0: Failed to send options change via netlink (err -105)
[  868.619560][T13783] team0: Port device netdevsim1 added
[  869.047109][T13768] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  869.073906][T13789] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2603'.
[  869.218601][T13768] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  869.225967][T13768] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  869.239068][T13789] sch_tbf: burst 511 is lower than device veth3 mtu (1514) !
[  870.896823][T12092] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  870.906660][T12092] Bluetooth: hci3: Injecting HCI hardware error event
[  870.914996][T12092] Bluetooth: hci3: hardware error 0x00
[  872.207735][T13812] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2613'.
[  872.966146][T13826] ------------[ cut here ]------------
[  872.972177][T13826] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000)
[  872.998170][T13826] WARNING: CPU: 1 PID: 13826 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0xb26/0x14b0
[  873.008943][T13826] Modules linked in:
[  873.013010][T13826] CPU: 1 UID: 0 PID: 13826 Comm: syz.5.2614 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  873.024231][T13826] Tainted: [W]=WARN
[  873.028300][T13826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  873.038670][T13826] RIP: 0010:reg_bounds_sanity_check+0xb26/0x14b0
[  873.046242][T13826] Code: ff ff ff b5 20 ff ff ff ff b5 18 ff ff ff ff b5 48 ff ff ff ff b5 10 ff ff ff ff b5 08 ff ff ff e8 8f 77 ff fe 48 83 c4 38 90 <0f> 0b 90 90 4c 8b bd 70 ff ff ff e9 83 f8 ff ff 8b 3a e8 33 f3 7b
[  873.067239][T13826] RSP: 0018:ffff888061d96f18 EFLAGS: 00010286
[  873.073728][T13826] RAX: ffffffff81208325 RBX: ffff88804cf6ba30 RCX: 0000000000080000
[  873.081960][T13826] RDX: ffffc9000fc1f000 RSI: 00000000000047c8 RDI: 00000000000047c9
[  873.091091][T13826] RBP: ffff888061d97098 R08: ffffea000000000f R09: 0000000000000000
[  873.099399][T13826] R10: ffff888237abc028 R11: ffff88823f272d80 R12: 0000000000000000
[  873.107715][T13826] R13: ffff88804cc1aca0 R14: 0000000000000000 R15: 0000000000000000
[  873.115843][T13826] FS:  00007fd90a3596c0(0000) GS:ffff8881aae4f000(0000) knlGS:0000000000000000
[  873.125248][T13826] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  873.132092][T13826] CR2: 00002000000054c0 CR3: 0000000061e96000 CR4: 00000000003526f0
[  873.141343][T13826] Call Trace:
[  873.144753][T13826]  <TASK>
[  873.147957][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.153957][T13826]  reg_set_min_max+0x267/0x440
[  873.159036][T13826]  check_cond_jmp_op+0x3c34/0x5410
[  873.164408][T13826]  do_check+0x233c/0x16a70
[  873.169224][T13826]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  873.175265][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.181166][T13826]  do_check_common+0x2021/0x31f0
[  873.186992][T13826]  bpf_check+0x5d49/0x2a200
[  873.191784][T13826]  ? pcpu_block_update_hint_alloc+0x12df/0x1390
[  873.198438][T13826]  ? kmsan_get_metadata+0x150/0x160
[  873.203904][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.209414][T13826]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  873.216152][T13826]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  873.222588][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.228116][T13826]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  873.234213][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.239851][T13826]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  873.245891][T13826]  ? strncpy_from_user+0x101/0x470
[  873.251311][T13826]  ? filter_irq_stacks+0x49/0x190
[  873.257257][T13826]  ? stack_depot_save_flags+0x35/0x7b0
[  873.262920][T13826]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  873.269572][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.274987][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.280374][T13826]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  873.287031][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.292434][T13826]  ? kmsan_get_metadata+0xfb/0x160
[  873.297928][T13826]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  873.303934][T13826]  bpf_prog_load+0x2af2/0x3040
[  873.308966][T13826]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  873.315512][T13826]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  873.321868][T13826]  ? security_bpf+0x88/0x620
[  873.326738][T13826]  ? _copy_from_user+0xcb/0x100
[  873.331780][T13826]  __sys_bpf+0x7df/0xeb0
[  873.336225][T13826]  __x64_sys_bpf+0xa4/0xf0
[  873.340987][T13826]  x64_sys_call+0x3550/0x3e30
[  873.345883][T13826]  do_syscall_64+0xd9/0xfa0
[  873.350766][T13826]  ? irqentry_exit+0x16/0x60
[  873.355632][T13826]  ? clear_bhb_loop+0x40/0x90
[  873.361369][T13826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.367532][T13826] RIP: 0033:0x7fd90958f749
[  873.372239][T13826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  873.394326][T13826] RSP: 002b:00007fd90a359038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  873.403092][T13826] RAX: ffffffffffffffda RBX: 00007fd9097e5fa0 RCX: 00007fd90958f749
[  873.411369][T13826] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  873.419776][T13826] RBP: 00007fd909613f91 R08: 0000000000000000 R09: 0000000000000000
[  873.427977][T13826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  873.436105][T13826] R13: 00007fd9097e6038 R14: 00007fd9097e5fa0 R15: 00007ffebc24f0f8
[  873.444389][T13826]  </TASK>
[  873.447644][T13826] ---[ end trace 0000000000000000 ]---
[  873.509812][T12092] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  874.217577][T13837] IPVS: set_ctl: invalid protocol: 44 172.20.20.187:20000
[  874.390856][T13840] netlink: 'syz.8.2607': attribute type 16 has an invalid length.
[  874.399755][T13840] netlink: 'syz.8.2607': attribute type 3 has an invalid length.
[  874.408262][T13840] netlink: 132 bytes leftover after parsing attributes in process `syz.8.2607'.
[  875.265305][T13850] netlink: 'syz.5.2619': attribute type 1 has an invalid length.
[  875.569420][T13854] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  875.583260][T13854] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  875.801678][T13850] bond5: (slave bridge9): Enslaving as an active interface with a down link
[  875.843763][T13854] bond5: (slave gretap2): making interface the new active one
[  875.854122][T13854] bond5: (slave gretap2): Enslaving as an active interface with an up link
[  876.271025][T13859] netlink: 'syz.1.2620': attribute type 1 has an invalid length.
[  876.278971][T13861] syzkaller0: entered promiscuous mode
[  876.279083][T13861] syzkaller0: entered allmulticast mode
[  876.805692][T13862] ip6gre1: entered promiscuous mode
[  876.813469][T13862] bond6: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  876.824229][T13862] bond6: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  876.846249][T13862] bond6: (slave ip6gre1): making interface the new active one
[  876.861636][T13862] bond6: (slave ip6gre1): Enslaving as an active interface with an up link
[  877.368909][T13878] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2626'.
[  877.379127][T13878] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2626'.
[  878.803431][T13906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2634'.
[  878.882818][T13906] macvtap1: entered promiscuous mode
[  878.889501][T13906] bond0: entered promiscuous mode
[  878.894744][T13906] bond_slave_0: entered promiscuous mode
[  878.907984][T13906] bond_slave_1: entered promiscuous mode
[  878.915708][T13906] macvtap1: entered allmulticast mode
[  878.921523][T13906] bond0: entered allmulticast mode
[  878.926957][T13906] bond_slave_0: entered allmulticast mode
[  878.932894][T13906] bond_slave_1: entered allmulticast mode
[  878.943081][T13906] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  879.118021][T13913] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2635'.
[  879.807279][T13921] loop7: detected capacity change from 0 to 7
[  880.874373][T13926] binder: 13925:13926 ioctl c0306201 200000000180 returned -14
[  881.204169][T13929] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  883.103033][T13921] Dev loop7: unable to read RDB block 7
[  883.109135][T13921]  loop7: unable to read partition table
[  883.208060][T13921] loop7: partition table beyond EOD, truncated
[  883.214523][T13921] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  884.015546][ T6153] IPVS: starting estimator thread 0...
[  884.079862][T13950] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2652'.
[  884.093455][T13950] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2652'.
[  884.121816][T13950] bond0: entered promiscuous mode
[  884.132084][T13950] bond_slave_0: entered promiscuous mode
[  884.139380][T13950] bond_slave_1: entered promiscuous mode
[  884.155624][T13950] bridge0: entered promiscuous mode
[  884.360622][T13948] IPVS: Scheduler module ip_vs_ not found
[  884.392930][T13953] IPVS: length: 24 != 12792
[  884.437282][T13958] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  884.478578][T13951] IPVS: using max 192 ests per chain, 9600 per kthread
[  886.056726][T13972] loop1: detected capacity change from 0 to 32768
[  886.127729][T13981] loop8: detected capacity change from 0 to 2048
[  886.159173][T13972] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  886.194435][T13972] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  886.299049][T13981] EXT4-fs error (device loop8): ext4_ext_check_inode:523: inode #2: comm syz.8.2660: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  886.382816][T13981] EXT4-fs (loop8): get root inode failed
[  886.389044][T13981] EXT4-fs (loop8): mount failed
[  888.409354][T14008] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  888.708612][T14010] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2672'.
[  888.818199][T14012] netlink: 'syz.7.2673': attribute type 4 has an invalid length.
[  888.930925][T14012] netlink: 'syz.7.2673': attribute type 4 has an invalid length.
[  889.030113][T12510] ocfs2: Unmounting device (7,1) on (node local)
[  889.377264][T14017] bridge0: port 3(vxlan0) entered blocking state
[  889.384244][T14017] bridge0: port 3(vxlan0) entered disabled state
[  889.391783][T14017] vxlan0: entered allmulticast mode
[  889.401895][T14017] vxlan0: entered promiscuous mode
[  889.510564][T14020] loop8: detected capacity change from 0 to 512
[  889.594011][T14020] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  889.610681][T14023] netlink: 'syz.7.2678': attribute type 3 has an invalid length.
[  889.619470][T14023] netlink: 'syz.7.2678': attribute type 3 has an invalid length.
[  889.628520][T14020] EXT4-fs (loop8): orphan cleanup on readonly fs
[  889.723498][T14020] __quota_error: 1 callbacks suppressed
[  889.723582][T14020] Quota error (device loop8): dq_insert_tree: Quota tree root isn't allocated!
[  889.739950][T14020] Quota error (device loop8): qtree_write_dquot: Error -5 occurred while creating quota
[  889.750993][T14020] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.2674: Failed to acquire dquot type 1
[  889.859564][T14020] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.2674: bg 0: block 40: padding at end of block bitmap is not set
[  889.897304][T14020] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  889.911053][T14020] EXT4-fs (loop8): 1 truncate cleaned up
[  889.919845][T14020] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  889.968316][T14026] bridge_slave_0: left allmulticast mode
[  889.974458][T14026] bridge_slave_0: left promiscuous mode
[  889.981829][T14026] bridge0: port 1(bridge_slave_0) entered disabled state
[  890.033851][T14020] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000.
[  890.044942][T14026] bridge_slave_1: left allmulticast mode
[  890.051335][T14026] bridge_slave_1: left promiscuous mode
[  890.058550][T14026] bridge0: port 2(bridge_slave_1) entered disabled state
[  890.148715][T14026] bond0: (slave bond_slave_0): Releasing backup interface
[  890.270123][T14026] team0: Port device team_slave_1 removed
[  890.278397][T14026] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  890.718947][ T9822] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  891.339999][T14036] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2676'.
[  891.349664][T14036] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2676'.
[  891.412870][T14036] syzkaller0: entered promiscuous mode
[  891.418933][T14036] syzkaller0: entered allmulticast mode
[  891.475517][T14039] netlink: 71 bytes leftover after parsing attributes in process `syz.5.2684'.
[  893.415944][T14063] team0: Failed to send options change via netlink (err -105)
[  893.428721][T14063] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  893.439374][T14063] team0: Port device netdevsim1 removed
[  896.039858][T14095] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2701'.
[  896.053704][T14095] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2701'.
[  896.315542][T14093] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  896.420285][T14095] dummy0: entered promiscuous mode
[  896.430988][T14095] team0: entered promiscuous mode
[  896.442388][T14095] debugfs: 'hsr1' already exists in 'hsr'
[  896.448643][T14095] Cannot create hsr debugfs directory
[  896.454685][T14095] hsr1: Slave A (dummy0) is not up; please bring it up to get a fully working HSR network
[  896.465067][T14095] hsr1: Slave B (team0) is not up; please bring it up to get a fully working HSR network
[  896.857355][T14101] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2703'.
[  897.111083][T14105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2703'.
[  897.497604][T14114] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2705'.
[  900.978684][T14148] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2712'.
[  901.233646][T14132] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  901.448286][T14144] bridge11: entered promiscuous mode
[  901.453819][T14144] bridge11: entered allmulticast mode
[  901.471059][T14144] team0: Port device bridge11 added
[  902.657476][T14152] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2715'.
[  903.849637][T14175] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2719'.
[  903.862526][T14175] bridge_slave_1: left allmulticast mode
[  903.868725][T14175] bridge_slave_1: left promiscuous mode
[  903.876300][T14175] bridge0: port 2(bridge_slave_1) entered disabled state
[  903.998318][T14175] bridge_slave_0: left allmulticast mode
[  904.004850][T14175] bridge_slave_0: left promiscuous mode
[  904.016217][T14175] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.819536][T14175] bridge0 (unregistering): left promiscuous mode
[  905.288275][ T6153] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  905.469870][ T6153] usb 2-1: Using ep0 maxpacket: 32
[  905.529319][ T6153] usb 2-1: config 0 has an invalid interface number: 79 but max is 0
[  905.538242][ T6153] usb 2-1: config 0 has no interface number 0
[  905.544578][ T6153] usb 2-1: config 0 interface 79 has no altsetting 0
[  905.624055][ T6153] usb 2-1: New USB device found, idVendor=07fa, idProduct=0847, bcdDevice=fa.38
[  905.634204][ T6153] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  905.642734][ T6153] usb 2-1: Product: syz
[  905.647520][ T6153] usb 2-1: Manufacturer: syz
[  905.652344][ T6153] usb 2-1: SerialNumber: syz
[  905.749615][ T6153] usb 2-1: config 0 descriptor??
[  906.053975][T14188] loop1: detected capacity change from 0 to 1024
[  906.100190][T14188] hfsplus: Bad value for 'uid'
[  910.331337][T14221] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  910.958619][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  910.965318][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  911.591627][ T6153] HFC-S_USB 2-1:0.79: probe with driver HFC-S_USB failed with error -5
[  911.604137][ T6153] usb 2-1: USB disconnect, device number 7
[  911.675222][T14229] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  912.867052][ T6153] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  913.055961][ T6153] usb 2-1: Using ep0 maxpacket: 16
[  913.095717][ T6153] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  913.104273][ T6153] usb 2-1: config 0 has no interface number 0
[  914.075410][ T6153] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  914.085069][ T6153] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  914.093667][ T6153] usb 2-1: Product: syz
[  914.099951][ T6153] usb 2-1: Manufacturer: syz
[  914.104780][ T6153] usb 2-1: SerialNumber: syz
[  914.115961][ T6153] usb 2-1: config 0 descriptor??
[  914.133745][ T6153] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  914.333196][T14252] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  914.933508][T14240] erspan0: left promiscuous mode
[  915.044297][T14240] bridge0: port 2(bridge_slave_1) entered disabled state
[  915.724805][ T3630] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  915.795423][ T3630] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  915.902651][ T3630] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  915.912714][ T3630] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  916.089863][T14264] bridge0: port 4(gretap0) entered blocking state
[  916.100281][T14264] bridge0: port 4(gretap0) entered disabled state
[  916.107880][T14264] gretap0: entered allmulticast mode
[  916.118091][T14264] gretap0: entered promiscuous mode
[  916.386873][ T6153] gspca_spca1528: reg_r err -71
[  916.392267][ T6153] spca1528 2-1:0.1: probe with driver spca1528 failed with error -71
[  916.450045][ T6153] usb 2-1: USB disconnect, device number 8
[  917.350419][T14269] could not allocate digest TFM handle sha256-arm64
[  918.878648][T14290] �������M�6��: renamed from lo (while UP)
[  920.278090][T14302] loop1: detected capacity change from 0 to 32768
[  920.289766][T14302] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2754 (14302)
[  920.322244][T14302] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  920.332918][T14302] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  920.501326][T14302] BTRFS info (device loop1): enabling ssd optimizations
[  920.508950][T14302] BTRFS info (device loop1): turning on async discard
[  920.515948][T14302] BTRFS info (device loop1): enabling free space tree
[  920.664143][   T30] audit: type=1800 audit(1764327122.693:307): pid=14327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2754" name="file2" dev="loop1" ino=261 res=0 errno=0
[  920.738424][T14329] netlink: 'syz.4.2757': attribute type 12 has an invalid length.
[  921.761776][T14302] BTRFS warning (device loop1): failed to trim 1 block group(s), last error -512
[  922.503111][T12510] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  923.079845][T14357] 9pnet_fd: Insufficient options for proto=fd
[  923.640802][T14368] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  923.682042][T14368] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[  923.909147][T14372] netlink: 72 bytes leftover after parsing attributes in process `syz.5.2768'.
[  924.011248][T14373] pimreg: entered allmulticast mode
[  925.118423][T14373] pimreg: left allmulticast mode
[  925.781225][T14383] netlink: 'syz.4.2772': attribute type 25 has an invalid length.
[  926.643310][T14385] loop1: detected capacity change from 0 to 32768
[  927.034625][T14385] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  928.548609][ T9372] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  929.798883][T12510] ocfs2: Unmounting device (7,1) on (node local)
[  931.579458][T14428] team0: No ports can be present during mode change
[  931.674729][T14428] tipc: Enabled bearer <eth:team0>, priority 0
[  932.108221][T14430] overlayfs: failed to clone upperpath
[  932.298047][T14427] loop1: detected capacity change from 0 to 4096
[  934.099621][T14447] netlink: 'syz.4.2792': attribute type 10 has an invalid length.
[  934.141126][T14447] bond2: option mode: unable to set because the bond device has slaves
[  934.202187][ T9372] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  934.357035][ T9372] usb 2-1: device descriptor read/64, error -71
[  934.616688][ T9372] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  934.777044][ T9372] usb 2-1: device descriptor read/64, error -71
[  934.888704][ T9372] usb usb2-port1: attempt power cycle
[  936.866893][T14459] team0: No ports can be present during mode change
[  936.919027][T14459] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  936.968904][T14464] netlink: 'syz.7.2800': attribute type 6 has an invalid length.
[  937.009742][T14464] batadv_slave_1: entered promiscuous mode
[  937.122766][T14462] batadv_slave_1: left promiscuous mode
[  937.483500][T14473] kAFS: unable to lookup cell '(,'
[  939.045609][T14478] loop1: detected capacity change from 0 to 40427
[  939.060205][T14478] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  939.068613][T14478] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  939.089532][T14478] F2FS-fs (loop1): invalid crc value
[  939.401349][T14478] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  939.424463][T14478] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  939.431956][T14478] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  939.583087][T14478] overlay: filesystem on ./file0 not supported as upperdir
[  939.614214][ T6129] libceph: connect (1)[c::]:6789 error -22
[  939.623470][ T6129] libceph: mon0 (1)[c::]:6789 connect error
[  939.647210][T14495] ceph: No mds server is up or the cluster is laggy
[  940.097968][T14503] team0: No ports can be present during mode change
[  940.133476][T14503] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  940.857759][T14507] mmap: syz.4.2813 (14507): VmData 176009216 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  940.979803][T14507] netlink: 88 bytes leftover after parsing attributes in process `syz.4.2813'.
[  941.163591][T12092] Bluetooth: Wrong link type (-71)
[  941.847548][T14525] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2818'.
[  942.067195][T14522] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2817'.
[  942.585022][   T30] audit: type=1326 audit(1764327144.613:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14533 comm="syz.1.2812" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbae218f749 code=0x0
[  942.701799][T14538] netlink: 'syz.7.2820': attribute type 1 has an invalid length.
[  942.852099][T14538] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  942.865995][T14538] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  943.020576][T14542] bond1: (slave bridge5): Enslaving as an active interface with a down link
[  943.149186][T14538] bond1: (slave gretap1): making interface the new active one
[  943.159763][T14538] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  943.223844][T14538] macvlan2: entered promiscuous mode
[  943.229712][T14538] macvlan2: entered allmulticast mode
[  943.238940][T14538] bond1: entered promiscuous mode
[  943.244207][T14538] gretap1: entered promiscuous mode
[  943.259475][T14538] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  943.301448][T14538] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  943.350210][T14538] bond1: left promiscuous mode
[  943.355376][T14538] gretap1: left promiscuous mode
[  943.728886][T14546] netlink: 'syz.4.2823': attribute type 3 has an invalid length.
[  943.737564][T14546] netlink: 'syz.4.2823': attribute type 3 has an invalid length.
[  943.853584][T14554] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  943.912496][T14556] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2823'.
[  943.922706][T14556] gretap0: left allmulticast mode
[  943.928273][T14556] gretap0: left promiscuous mode
[  943.934889][T14556] bridge0: port 4(gretap0) entered disabled state
[  943.997952][T14556] vxlan0: left allmulticast mode
[  944.003349][T14556] vxlan0: left promiscuous mode
[  944.009842][T14556] bridge0: port 3(vxlan0) entered disabled state
[  944.108389][T14556] bridge_slave_1: left allmulticast mode
[  944.114420][T14556] bridge_slave_1: left promiscuous mode
[  944.121495][T14556] bridge0: port 2(bridge_slave_1) entered disabled state
[  944.182379][T14556] bridge_slave_0: left allmulticast mode
[  944.188593][T14556] bridge_slave_0: left promiscuous mode
[  944.195468][T14556] bridge0: port 1(bridge_slave_0) entered disabled state
[  944.415320][T14554] team0: No ports can be present during mode change
[  944.562896][T14570] could not allocate digest TFM handle _!5����(��i����HP,�om�x��*�71U"~����2.�>�~e���>/y��
[  944.597137][ T6133] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  944.776774][ T6133] usb 2-1: Using ep0 maxpacket: 8
[  944.822412][ T6133] usb 2-1: config 11 has an invalid interface number: 95 but max is 0
[  944.831197][ T6133] usb 2-1: config 11 has no interface number 0
[  944.837955][ T6133] usb 2-1: config 11 interface 95 altsetting 64 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  944.849767][ T6133] usb 2-1: config 11 interface 95 has no altsetting 0
[  944.914853][ T6133] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d
[  944.927691][ T6133] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  944.935931][ T6133] usb 2-1: Product: syz
[  944.940505][ T6133] usb 2-1: Manufacturer: syz
[  944.945310][ T6133] usb 2-1: SerialNumber: syz
[  945.251485][ T6133] usbtouchscreen 2-1:11.95: probe with driver usbtouchscreen failed with error -22
[  945.310182][ T6133] usb 2-1: USB disconnect, device number 13
[  946.521465][T14586] syzkaller0: entered promiscuous mode
[  946.527733][T14586] syzkaller0: entered allmulticast mode
[  946.693850][T14586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  946.702531][T14586] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  946.824743][ T3630] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  946.834656][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  946.858177][T14592] tipc: Resetting bearer <eth:syzkaller0>
[  946.865383][T14592] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  947.008065][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  947.147436][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  947.160453][T14584] tipc: Resetting bearer <eth:syzkaller0>
[  947.248574][T14584] tipc: Disabling bearer <eth:syzkaller0>
[  947.932002][T14605] could not allocate digest TFM handle _!5����(��i����HP,�om�x��*�71U"~����2.�>�~e���>/y��
[  947.948910][T12092] Bluetooth: hci1: unexpected cc 0x204b length: 9 > 3
[  947.955991][T12092] Bluetooth: hci1: unexpected event for opcode 0x204b
[  948.629064][T12092] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  948.637966][T12092] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  949.749014][T14626] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2851'.
[  949.822317][T14642] netlink: 64 bytes leftover after parsing attributes in process `syz.8.2854'.
[  949.831969][T14642] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2854'.
[  950.574222][T14642] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  950.599353][T14642] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  950.625949][T14642] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  950.980433][T14656] could not allocate digest TFM handle _!5����(��i����HP,�om�x��*�71U"~����2.�>�~e���>/y��
[  951.338630][T13376] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  951.349286][T13376] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  951.435079][T13376] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  951.444636][T13376] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  951.494465][T13376] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  951.504182][T13376] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  951.551167][T13376] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  951.560673][T13376] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  952.155080][T14675] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  952.313968][T14680] loop1: detected capacity change from 0 to 64
[  952.977947][   T30] audit: type=1326 audit(1764327155.003:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  953.044489][   T30] audit: type=1326 audit(1764327155.033:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  953.068259][   T30] audit: type=1326 audit(1764327155.043:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd909591667 code=0x7ffc0000
[  953.091225][   T30] audit: type=1326 audit(1764327155.043:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fd9095915dc code=0x7ffc0000
[  953.114132][   T30] audit: type=1326 audit(1764327155.053:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd909591514 code=0x7ffc0000
[  953.137546][   T30] audit: type=1326 audit(1764327155.053:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd909591514 code=0x7ffc0000
[  953.160495][   T30] audit: type=1326 audit(1764327155.053:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd90958e3aa code=0x7ffc0000
[  953.183220][   T30] audit: type=1326 audit(1764327155.063:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14693 comm="syz.5.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  953.287821][T14698] IPv6: sit2: Disabled Multicast RS
[  953.672048][T14711] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  954.127483][T14721] bridge_slave_0: left allmulticast mode
[  954.133670][T14721] bridge_slave_0: left promiscuous mode
[  954.140903][T14721] bridge0: port 1(bridge_slave_0) entered disabled state
[  954.195303][T14721] bridge_slave_1: left allmulticast mode
[  954.201599][T14721] bridge_slave_1: left promiscuous mode
[  954.208764][T14721] bridge0: port 2(bridge_slave_1) entered disabled state
[  954.281427][T14721] bond0: (slave bond_slave_0): Releasing backup interface
[  954.341699][T14721] bond_slave_0: left promiscuous mode
[  954.348652][T14721] bond_slave_0: left allmulticast mode
[  954.382396][T14721] bond0: (slave bond_slave_1): Releasing backup interface
[  954.399826][T14721] bond_slave_1: left promiscuous mode
[  954.409372][T14721] bond_slave_1: left allmulticast mode
[  954.447764][T14721] team0: Port device team_slave_0 removed
[  954.497046][T14721] team0: Port device team_slave_1 removed
[  954.505378][T14721] batman_adv: batadv0: Removing interface: batadv_slave_0
[  954.560216][T14721] batman_adv: batadv0: Removing interface: batadv_slave_1
[  954.593052][T14721] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  954.654490][T14722] team0: Mode changed to "loadbalance"
[  954.714101][T14732] geneve2: entered promiscuous mode
[  954.725032][T11345] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  954.777058][T11345] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  954.807173][T11345] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  954.837622][T11345] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  955.758384][T14754] syzkaller0: entered promiscuous mode
[  955.764117][T14754] syzkaller0: entered allmulticast mode
[  955.844001][T14754] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  955.854647][T14754] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  955.882487][T14752] tipc: Resetting bearer <eth:syzkaller0>
[  955.915796][T14752] tipc: Disabling bearer <eth:syzkaller0>
[  956.132922][T14763] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  956.224897][T14763] team0: No ports can be present during mode change
[  957.663510][T14795] bridge_slave_1: left allmulticast mode
[  957.669815][T14795] bridge_slave_1: left promiscuous mode
[  957.678143][T14795] bridge0: port 2(bridge_slave_1) entered disabled state
[  957.753675][T14795] bond0: (slave bond_slave_0): Releasing backup interface
[  957.829465][T14795] bond0: (slave bond_slave_1): Releasing backup interface
[  957.923320][T14795] team0: Port device team_slave_0 removed
[  957.940200][T14795] team0: Port device team_slave_1 removed
[  957.948344][T14795] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  958.041737][T14799] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  958.054418][T14799] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  958.059867][T14796] team0: Mode changed to "loadbalance"
[  958.411552][T14804] netlink: 332 bytes leftover after parsing attributes in process `syz.4.2925'.
[  958.533909][T12092] Bluetooth: hci1: unexpected event for opcode 0x2002
[  960.986758][T14843] netlink: 'syz.7.2940': attribute type 49 has an invalid length.
[  961.333610][T12092] block nbd1: Receive control failed (result -32)
[  961.352964][T14833] block nbd1: shutting down sockets
[  961.648436][T14854] netlink: 1010 bytes leftover after parsing attributes in process `syz.1.2946'.
[  961.658190][T14854] bridge: RTM_NEWNEIGH with invalid state 0x1
[  962.099511][T14860] netlink: 324 bytes leftover after parsing attributes in process `syz.1.2949'.
[  962.124860][   T30] audit: type=1326 audit(1764327164.153:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14861 comm="syz.5.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  962.148406][   T30] audit: type=1326 audit(1764327164.153:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14861 comm="syz.5.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  962.287464][   T30] audit: type=1326 audit(1764327164.203:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14861 comm="syz.5.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  962.311090][   T30] audit: type=1326 audit(1764327164.203:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14861 comm="syz.5.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  962.334548][   T30] audit: type=1326 audit(1764327164.203:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14861 comm="syz.5.2951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90958f749 code=0x7ffc0000
[  962.462232][T14868] x_tables: duplicate underflow at hook 4
[  963.454683][T14890] Cannot find add_set index 2 as target
[  964.447329][T14908] comedi comedi0: dt2814: a I/O base address must be specified
[  964.749183][T14912] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2975'.
[  964.758619][T14912] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2975'.
[  965.645411][T14925] could not allocate digest TFM handle 
[  966.329910][T14946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2990'.
[  968.109072][T14964] could not allocate digest TFM handle 
[  968.850565][T12092] Bluetooth: hci1: unexpected event for opcode 0x0c5b
[  971.058745][T14999] could not allocate digest TFM handle 
[  971.930002][ T6153] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  972.097294][ T6153] usb 2-1: Using ep0 maxpacket: 16
[  972.117879][ T6153] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  972.128811][ T6153] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  972.138322][ T6153] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  972.147970][ T6153] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  972.271182][ T6153] usb 2-1: config 0 descriptor??
[  972.401419][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  972.410983][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  973.321702][T15011] loop1: detected capacity change from 0 to 32768
[  974.064599][T15050] netlink: 'syz.8.3037': attribute type 10 has an invalid length.
[  974.073241][T15050] netlink: 2 bytes leftover after parsing attributes in process `syz.8.3037'.
[  974.083134][T15050] team0: entered promiscuous mode
[  974.088805][T15050] team_slave_1: entered promiscuous mode
[  974.099753][T15050] 8021q: adding VLAN 0 to HW filter on device team0
[  975.105732][ T6153] usb 2-1: USB disconnect, device number 14
[  977.428236][T15090] loop1: detected capacity change from 0 to 32768
[  977.462459][T15090] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3056 (15090)
[  977.482502][T15090] BTRFS info (device loop1 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  977.494128][T15090] BTRFS info (device loop1 state S): using crc32c (crc32c-lib) checksum algorithm
[  977.564089][ T3630] BTRFS warning (device loop1 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0x5afefc99 level 0, ignored
[  977.616853][ T3630] BTRFS warning (device loop1 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x23b2bbff level 0, ignored
[  977.635115][ T3630] BTRFS warning (device loop1 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored
[  977.670366][T15090] BTRFS error (device loop1 state S): dev extent physical offset 5242880 on devid 1 length doesn't match chunk 5242880, have 1638400 expect 3298536521728
[  977.687616][T15090] BTRFS error (device loop1 state S): failed to verify dev extents against chunks: -117
[  977.842091][T15090] BTRFS error (device loop1 state S): open_ctree failed: -117
[  979.958962][T15150] fuse: Bad value for 'fd'
[  980.383652][T15164] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3085'.
[  981.171226][T15184] fuse: Bad value for 'fd'
[  982.173026][T15213] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  984.183578][T15257] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  989.467908][   T30] audit: type=1326 audit(1764327191.493:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15332 comm="syz.8.3160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7ffc0000
[  990.510063][   T30] audit: type=1326 audit(1764327191.553:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15332 comm="syz.8.3160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f21c478f749 code=0x7ffc0000
[  990.532987][   T30] audit: type=1326 audit(1764327191.553:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15332 comm="syz.8.3160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7ffc0000
[  990.555938][   T30] audit: type=1326 audit(1764327191.583:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15332 comm="syz.8.3160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f21c478f749 code=0x7ffc0000
[  990.580364][   T30] audit: type=1326 audit(1764327191.583:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15332 comm="syz.8.3160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c478f749 code=0x7ffc0000
[  993.358560][T15364] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  996.821847][T15399] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized
[  997.905598][T15424] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3200'.
[ 1000.030430][ T5806] Bluetooth: hci1: command 0x0406 tx timeout
[ 1001.390621][T15484] batman_adv: batadv0: Adding interface: dummy0
[ 1001.397392][T15484] batman_adv: batadv0: The MTU of interface dummy0 is too small (1536) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1568 would solve the problem.
[ 1001.423601][T15484] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[ 1002.049354][T15492] netlink: 72 bytes leftover after parsing attributes in process `syz.8.3234'.
[ 1002.284185][T12092] Bluetooth: hci2: unexpected event for opcode 0x1004
[ 1004.072532][T15512] tipc: Enabling of bearer <ib:wg1> rejected, failed to enable media
[ 1006.367299][T12092] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1006.376158][T12092] Bluetooth: hci2: Injecting HCI hardware error event
[ 1006.384950][T12092] Bluetooth: hci2: hardware error 0x00
[ 1008.436863][T12092] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1010.179686][T15590] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3280'.
[ 1010.210992][T15590] vlan2: entered promiscuous mode
[ 1010.216536][T15590] team0: entered promiscuous mode
[ 1011.355349][T15606] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1011.805436][T15614] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1015.785257][T15675] 9pnet_fd: Insufficient options for proto=fd
[ 1016.523470][T15689] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3320'.
[ 1016.552782][T15689] vlan0: entered promiscuous mode
[ 1017.322081][T15700] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3326'.
[ 1018.150605][T15717] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1018.249555][T12092] Bluetooth: hci0: Unknown advertising packet type: 0x35
[ 1018.249715][T12092] Bluetooth: hci0: Malformed LE Event: 0x0d
[ 1019.061399][T15729] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3338'.
[ 1019.089801][T15729] vlan3: entered promiscuous mode
[ 1019.095093][T15729] dummy0: entered promiscuous mode
[ 1019.882923][T15741] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3342'.
[ 1020.061926][T15746] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[ 1021.845691][T15785] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.3365'.
[ 1022.621909][T15802] 9pnet_fd: Insufficient options for proto=fd
[ 1028.520923][T15880] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3409'.
[ 1029.986659][T15900] batman_adv: batadv0: Removing interface: dummy0
[ 1030.019237][T15900] bond0: (slave bond_slave_0): Releasing backup interface
[ 1030.043272][T15900] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1030.106838][T15900] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1032.241755][T15936] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1032.783426][T15943] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3433'.
[ 1033.808364][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1033.815075][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1033.898153][T15969] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1034.256829][T15980] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3446'.
[ 1039.930348][T16074] 9pnet_fd: Insufficient options for proto=fd
[ 1041.521499][T16096] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3495'.
[ 1042.576912][   T30] audit: type=1800 audit(1764327244.603:327): pid=16109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3501" name="nullb0" dev="tmpfs" ino=1127 res=0 errno=0
[ 1043.033932][T16119] 9pnet_fd: Insufficient options for proto=fd
[ 1043.662265][T16130] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3509'.
[ 1043.671896][T16130] netlink: 'syz.1.3509': attribute type 7 has an invalid length.
[ 1043.680164][T16130] netlink: 'syz.1.3509': attribute type 8 has an invalid length.
[ 1043.688417][T16130] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3509'.
[ 1043.714456][T16130] erspan0: entered promiscuous mode
[ 1043.724520][T16130] gretap0: entered promiscuous mode
[ 1043.747321][T16130] erspan0: left promiscuous mode
[ 1043.759433][T16130] gretap0: left promiscuous mode
[ 1044.980245][T16149] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1045.060997][T16149] 8021q: adding VLAN 0 to HW filter on device macvlan3
[ 1046.221454][T16169] 9pnet_fd: Insufficient options for proto=fd
[ 1050.801795][T16226] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1051.460499][T16233] fuse: Bad value for 'fd'
[ 1051.468762][T16234] 9pnet_fd: Insufficient options for proto=fd
[ 1052.936962][T16247] macvtap1: entered allmulticast mode
[ 1052.942601][T16247] erspan0: entered allmulticast mode
[ 1053.145247][T16247] erspan0: left allmulticast mode
[ 1053.690431][T16259] team0: left promiscuous mode
[ 1053.695481][T16259] team_slave_1: left promiscuous mode
[ 1053.842919][T16261] fuse: Bad value for 'fd'
[ 1056.324563][T16299] fuse: Bad value for 'fd'
[ 1057.867399][T16312] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1060.588301][T16351] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1061.116750][   T30] audit: type=1326 audit(1764327263.143:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[ 1061.182446][   T30] audit: type=1326 audit(1764327263.183:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[ 1061.205918][   T30] audit: type=1326 audit(1764327263.183:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd4bb12b829 code=0x7ffc0000
[ 1061.229256][   T30] audit: type=1326 audit(1764327263.183:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[ 1061.252193][   T30] audit: type=1326 audit(1764327263.193:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd4bb12b829 code=0x7ffc0000
[ 1061.275934][   T30] audit: type=1326 audit(1764327263.203:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd4bb12b829 code=0x7ffc0000
[ 1061.299043][   T30] audit: type=1326 audit(1764327263.203:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd4bb12b829 code=0x7ffc0000
[ 1061.321773][   T30] audit: type=1326 audit(1764327263.203:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[ 1061.345692][   T30] audit: type=1326 audit(1764327263.213:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd4bb12b829 code=0x7ffc0000
[ 1061.368675][   T30] audit: type=1326 audit(1764327263.213:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16355 comm="syz.7.3601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4bb18f749 code=0x7ffc0000
[ 1063.271905][T16388] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1064.191990][T16399] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1064.420572][T16399] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1066.958805][T16425] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1067.312883][T16431] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3630'.
[ 1067.341811][T16431] macvlan2: entered promiscuous mode
[ 1067.347614][T16431] bond0: entered promiscuous mode
[ 1067.355437][T16431] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1068.746927][T16452] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1071.246900][T16476] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1072.328515][T16485] tipc: New replicast peer: 255.255.255.255
[ 1072.336849][T16485] =====================================================
[ 1072.344259][T16485] BUG: KMSAN: uninit-value in xfrm_state_find+0x2424/0xa940
[ 1072.351946][T16485]  xfrm_state_find+0x2424/0xa940
[ 1072.357387][T16485]  xfrm_resolve_and_create_bundle+0xabc/0x58a0
[ 1072.363808][T16485]  xfrm_lookup_with_ifid+0xaed/0x3ac0
[ 1072.369722][T16485]  xfrm_lookup_route+0x63/0x2b0
[ 1072.374820][T16485]  ip_route_output_flow+0x1ce/0x270
[ 1072.380411][T16485]  tipc_udp_xmit+0x269/0xbc0
[ 1072.385348][T16485]  tipc_udp_send_msg+0x357/0x5c0
[ 1072.390764][T16485]  tipc_bearer_xmit_skb+0x39e/0x4b0
[ 1072.396488][T16485]  __tipc_nl_bearer_enable+0x27ac/0x2a00
[ 1072.402358][T16485]  tipc_nl_bearer_enable+0x3d/0x70
[ 1072.407948][T16485]  genl_family_rcv_msg_doit+0x338/0x3f0
[ 1072.413818][T16485]  genl_rcv_msg+0xacf/0xc10
[ 1072.418770][T16485]  netlink_rcv_skb+0x54d/0x680
[ 1072.423788][T16485]  genl_rcv+0x41/0x60
[ 1072.428225][T16485]  netlink_unicast+0xf04/0x12b0
[ 1072.433312][T16485]  netlink_sendmsg+0x10b3/0x1250
[ 1072.438846][T16485]  __sock_sendmsg+0x333/0x3d0
[ 1072.443741][T16485]  ____sys_sendmsg+0x7e0/0xd80
[ 1072.449058][T16485]  ___sys_sendmsg+0x271/0x3b0
[ 1072.453988][T16485]  __x64_sys_sendmsg+0x211/0x3e0
[ 1072.459471][T16485]  x64_sys_call+0x1dfd/0x3e30
[ 1072.464397][T16485]  do_syscall_64+0xd9/0xfa0
[ 1072.469310][T16485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1072.475440][T16485] 
[ 1072.478102][T16485] Local variable tmp.i.i created at:
[ 1072.483592][T16485]  xfrm_resolve_and_create_bundle+0x3a7/0x58a0
[ 1072.490195][T16485]  xfrm_lookup_with_ifid+0xaed/0x3ac0
[ 1072.495813][T16485] 
[ 1072.498530][T16485] CPU: 0 UID: 0 PID: 16485 Comm: syz.5.3648 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[ 1072.509968][T16485] Tainted: [W]=WARN
[ 1072.513896][T16485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1072.524365][T16485] =====================================================
[ 1072.531606][T16485] Disabling lock debugging due to kernel taint
[ 1072.538072][T16485] Kernel panic - not syncing: kmsan.panic set ...
[ 1072.544670][T16485] CPU: 0 UID: 0 PID: 16485 Comm: syz.5.3648 Tainted: G    B   W           syzkaller #0 PREEMPT(none) 
[ 1072.555870][T16485] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1072.561029][T16485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1072.571253][T16485] Call Trace:
[ 1072.574674][T16485]  <TASK>
[ 1072.577739][T16485]  __dump_stack+0x26/0x30
[ 1072.582318][T16485]  dump_stack_lvl+0x53/0x270
[ 1072.587182][T16485]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1072.593247][T16485]  dump_stack+0x1e/0x25
[ 1072.597641][T16485]  vpanic+0x435/0xd30
[ 1072.601881][T16485]  panic+0x15d/0x160
[ 1072.606074][T16485]  kmsan_report+0x31c/0x320
[ 1072.610806][T16485]  ? __msan_warning+0x1b/0x30
[ 1072.615681][T16485]  ? xfrm_state_find+0x2424/0xa940
[ 1072.620996][T16485]  ? xfrm_resolve_and_create_bundle+0xabc/0x58a0
[ 1072.627593][T16485]  ? xfrm_lookup_with_ifid+0xaed/0x3ac0
[ 1072.633479][T16485]  ? xfrm_lookup_route+0x63/0x2b0
[ 1072.638804][T16485]  ? ip_route_output_flow+0x1ce/0x270
[ 1072.644436][T16485]  ? tipc_udp_xmit+0x269/0xbc0
[ 1072.649425][T16485]  ? tipc_udp_send_msg+0x357/0x5c0
[ 1072.654762][T16485]  ? tipc_bearer_xmit_skb+0x39e/0x4b0
[ 1072.660369][T16485]  ? __tipc_nl_bearer_enable+0x27ac/0x2a00
[ 1072.666437][T16485]  ? tipc_nl_bearer_enable+0x3d/0x70
[ 1072.671961][T16485]  ? genl_family_rcv_msg_doit+0x338/0x3f0
[ 1072.677923][T16485]  ? genl_rcv_msg+0xacf/0xc10
[ 1072.682823][T16485]  ? netlink_rcv_skb+0x54d/0x680
[ 1072.688018][T16485]  ? genl_rcv+0x41/0x60
[ 1072.692388][T16485]  ? netlink_unicast+0xf04/0x12b0
[ 1072.697627][T16485]  ? netlink_sendmsg+0x10b3/0x1250
[ 1072.702975][T16485]  ? __sock_sendmsg+0x333/0x3d0
[ 1072.707996][T16485]  ? ____sys_sendmsg+0x7e0/0xd80
[ 1072.713143][T16485]  ? ___sys_sendmsg+0x271/0x3b0
[ 1072.718203][T16485]  ? __x64_sys_sendmsg+0x211/0x3e0
[ 1072.723533][T16485]  ? x64_sys_call+0x1dfd/0x3e30
[ 1072.728589][T16485]  ? do_syscall_64+0xd9/0xfa0
[ 1072.733548][T16485]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1072.739888][T16485]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1072.745901][T16485]  ? xfrm_state_find+0x181/0xa940
[ 1072.751179][T16485]  ? filter_irq_stacks+0x49/0x190
[ 1072.756444][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1072.761742][T16485]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1072.767746][T16485]  ? __xfrm_dst_hash+0x2e9/0x5b0
[ 1072.772880][T16485]  __msan_warning+0x1b/0x30
[ 1072.777552][T16485]  xfrm_state_find+0x2424/0xa940
[ 1072.782698][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1072.787996][T16485]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[ 1072.794600][T16485]  ? dst_release+0x1cb/0x340
[ 1072.799426][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1072.804736][T16485]  xfrm_resolve_and_create_bundle+0xabc/0x58a0
[ 1072.811120][T16485]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[ 1072.817791][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1072.823109][T16485]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1072.829262][T16485]  ? xfrm_expand_policies+0x38d/0x760
[ 1072.834843][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1072.840143][T16485]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1072.846158][T16485]  xfrm_lookup_with_ifid+0xaed/0x3ac0
[ 1072.851789][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1072.857095][T16485]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1072.863106][T16485]  xfrm_lookup_route+0x63/0x2b0
[ 1072.868169][T16485]  ip_route_output_flow+0x1ce/0x270
[ 1072.873577][T16485]  tipc_udp_xmit+0x269/0xbc0
[ 1072.878373][T16485]  ? __pskb_copy_fclone+0x114a/0x14d0
[ 1072.883967][T16485]  ? tipc_udp_xmit+0x41/0xbc0
[ 1072.888853][T16485]  tipc_udp_send_msg+0x357/0x5c0
[ 1072.893994][T16485]  ? __pfx_tipc_udp_send_msg+0x10/0x10
[ 1072.899658][T16485]  tipc_bearer_xmit_skb+0x39e/0x4b0
[ 1072.905062][T16485]  __tipc_nl_bearer_enable+0x27ac/0x2a00
[ 1072.910949][T16485]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[ 1072.917534][T16485]  tipc_nl_bearer_enable+0x3d/0x70
[ 1072.922842][T16485]  ? __pfx_tipc_nl_bearer_enable+0x10/0x10
[ 1072.928834][T16485]  genl_family_rcv_msg_doit+0x338/0x3f0
[ 1072.934620][T16485]  genl_rcv_msg+0xacf/0xc10
[ 1072.939326][T16485]  ? __pfx_tipc_nl_bearer_enable+0x10/0x10
[ 1072.945399][T16485]  netlink_rcv_skb+0x54d/0x680
[ 1072.950430][T16485]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1072.955658][T16485]  genl_rcv+0x41/0x60
[ 1072.959799][T16485]  ? __pfx_genl_rcv+0x10/0x10
[ 1072.964743][T16485]  netlink_unicast+0xf04/0x12b0
[ 1072.969856][T16485]  netlink_sendmsg+0x10b3/0x1250
[ 1072.975054][T16485]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1072.980590][T16485]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1072.986096][T16485]  __sock_sendmsg+0x333/0x3d0
[ 1072.990960][T16485]  ____sys_sendmsg+0x7e0/0xd80
[ 1072.996068][T16485]  ___sys_sendmsg+0x271/0x3b0
[ 1073.001097][T16485]  ? __rcu_read_unlock+0x6d/0xd0
[ 1073.006235][T16485]  ? __fget_files+0x3b4/0x4a0
[ 1073.011113][T16485]  ? __fget_files+0x3b9/0x4a0
[ 1073.015999][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1073.021352][T16485]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1073.027395][T16485]  __x64_sys_sendmsg+0x211/0x3e0
[ 1073.032584][T16485]  ? kmsan_get_metadata+0xfb/0x160
[ 1073.037888][T16485]  x64_sys_call+0x1dfd/0x3e30
[ 1073.042774][T16485]  do_syscall_64+0xd9/0xfa0
[ 1073.047499][T16485]  ? irqentry_exit+0x16/0x60
[ 1073.052292][T16485]  ? clear_bhb_loop+0x40/0x90
[ 1073.057164][T16485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1073.063250][T16485] RIP: 0033:0x7fd90958f749
[ 1073.067885][T16485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1073.087676][T16485] RSP: 002b:00007fd90a359038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1073.096290][T16485] RAX: ffffffffffffffda RBX: 00007fd9097e5fa0 RCX: 00007fd90958f749
[ 1073.104422][T16485] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[ 1073.112616][T16485] RBP: 00007fd909613f91 R08: 0000000000000000 R09: 0000000000000000
[ 1073.120719][T16485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1073.128837][T16485] R13: 00007fd9097e6038 R14: 00007fd9097e5fa0 R15: 00007ffebc24f0f8
[ 1073.137008][T16485]  </TASK>
[ 1073.140544][T16485] Kernel Offset: disabled
[ 1073.144949][T16485] Rebooting in 86400 seconds..