last executing test programs:

15m22.759920416s ago: executing program 0 (id=218):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file1\x00', 0x80000, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0/file3\x00', 0x0)

15m21.432359333s ago: executing program 0 (id=223):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000280)="fb", 0x1}], 0x1)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000140)={0x1, 0x9}, 0x8)
close(r1)
exit(0xffff)

15m20.456490789s ago: executing program 0 (id=235):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1000)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x40000073, 0x0, 0x81}]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x75, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15m19.960213848s ago: executing program 0 (id=239):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000400)={[{@fat=@quiet}, {@shortname_winnt}, {@rodir}, {@fat=@discard}, {@fat=@flush}, {@shortname_winnt}, {@numtail}, {@fat=@dmask={'dmask', 0x3d, 0x100}}, {@fat=@tz_utc}, {@uni_xlate}, {@utf8no}, {@shortname_winnt}]}, 0x0, 0x274, &(0x7f0000000a00)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000240)=0x3)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, 0x0, 0x0)

15m19.618304888s ago: executing program 0 (id=241):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x4, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x28}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)
r5 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})

15m19.081995089s ago: executing program 0 (id=246):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='^](*\r\\!\x00', &(0x7f0000000500)='{:\'@-\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000001c0)='\xe6\xd2=(L\x9f\x1c&\xda\xfa\xf3}\x18\xdckL<\xa5-#\xc8\xb7\x98\f\x87\xcf', &(0x7f0000000540)="82", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b80)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG<v\xb8\x18\x80\xe1Kf\xf8R\xdd\x06\xe8\xfbl\v\xb0\xdd\x05\x05\xd8\xdb\xfd`\xf9\xf8\x915\b\x8c\xad\xc8\x9d=\xfeN\x8b\x1eR\x1e\xf8\x9dn\x19H\xd2aE\xa0\x06\xb0Yv\xf9^\x8c\x8f\xc3\xa5\x985\x85U\x8cZ/\'\xbd\xe2\xdc\xe3\xb9\x8e$Z\xef\xa8\xe5(Mt\xd3\xd9\xf6X\x1a\x9b\t$N\xd0U\xe2z\xeb\x01\x80!0\xe8\xc3\xce\xf8\x03\xde\x92s\xf9', &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='^,/\x00', &(0x7f0000000a80)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='fuseblk\x00', 0x0, r0)

15m18.768578547s ago: executing program 32 (id=246):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='^](*\r\\!\x00', &(0x7f0000000500)='{:\'@-\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000001c0)='\xe6\xd2=(L\x9f\x1c&\xda\xfa\xf3}\x18\xdckL<\xa5-#\xc8\xb7\x98\f\x87\xcf', &(0x7f0000000540)="82", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b80)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG<v\xb8\x18\x80\xe1Kf\xf8R\xdd\x06\xe8\xfbl\v\xb0\xdd\x05\x05\xd8\xdb\xfd`\xf9\xf8\x915\b\x8c\xad\xc8\x9d=\xfeN\x8b\x1eR\x1e\xf8\x9dn\x19H\xd2aE\xa0\x06\xb0Yv\xf9^\x8c\x8f\xc3\xa5\x985\x85U\x8cZ/\'\xbd\xe2\xdc\xe3\xb9\x8e$Z\xef\xa8\xe5(Mt\xd3\xd9\xf6X\x1a\x9b\t$N\xd0U\xe2z\xeb\x01\x80!0\xe8\xc3\xce\xf8\x03\xde\x92s\xf9', &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='^,/\x00', &(0x7f0000000a80)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='fuseblk\x00', 0x0, r0)

14m1.622984973s ago: executing program 5 (id=633):
mkdir(&(0x7f0000000040)='./file1\x00', 0xb4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x9)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x100, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

14m1.284373523s ago: executing program 5 (id=636):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}]}, &(0x7f00000002c0)=0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r4}}], 0x20, 0x2400e044}, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000040)={0x8, 0xce, 0x0, 0x4, 0x3, 0x7, 0x81, 0x0, r4}, &(0x7f0000000080)=0x20)

14m0.279947801s ago: executing program 5 (id=645):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)

14m0.102518071s ago: executing program 5 (id=646):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x10}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0xfffffff7)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x111240, 0xa)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {}, [], {}, [], {0x10, 0x5}}, 0x24, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
chdir(&(0x7f0000000240)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)

13m59.319843447s ago: executing program 5 (id=648):
pipe(&(0x7f0000019480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000180)="eb", 0x1}], 0x1, 0x1)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002f00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000c00)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
clock_gettime(0x0, 0x0)
splice(r0, 0x0, r1, 0x0, 0x10500, 0x0)

13m55.632077721s ago: executing program 5 (id=657):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r4}]}, 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newnexthop={0x24, 0x68, 0x1, 0x3, 0x80000004, {}, [@NHA_GROUP={0xc, 0x2, [{0x2, 0xfa}]}]}, 0x24}}, 0x4000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@getnexthop={0x18, 0x76, 0xb0d, 0x4000, 0x0, {0x3}}, 0x18}}, 0x0)

13m55.255704673s ago: executing program 33 (id=657):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r4}]}, 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newnexthop={0x24, 0x68, 0x1, 0x3, 0x80000004, {}, [@NHA_GROUP={0xc, 0x2, [{0x2, 0xfa}]}]}, 0x24}}, 0x4000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@getnexthop={0x18, 0x76, 0xb0d, 0x4000, 0x0, {0x3}}, 0x18}}, 0x0)

13m29.95700132s ago: executing program 1 (id=735):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000ec0)=@base={0x5, 0x7fff, 0x5, 0x7}, 0x48)

13m28.709104562s ago: executing program 1 (id=741):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000100)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0xa00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xe42, 0x9, 0xfffffffffffffffb, 0x5, 0x10000, 0x3, 0x4002004c2, 0x100000007ff, 0x1, 0x0, 0x10000000000400, 0x80, 0x8b, 0x0, 0x8, 0x8b], 0x58000, 0x240046})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13m27.89316558s ago: executing program 1 (id=743):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x3}, &(0x7f0000000340), 0xf2, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={'sha1\x00'}})

13m26.844045741s ago: executing program 1 (id=746):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x4000, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000000)='./bus\x00', 0x0, 0x63d017, 0x0)
write$FUSE_ENTRY(r0, &(0x7f00000010c0)={0x90, 0x0, 0x0, {0x4, 0x2, 0xfffffffffffffeff, 0x3ff, 0xfffffc00, 0xffffff7e, {0x4, 0x174d, 0x0, 0xfffffffffffffff7, 0x0, 0xffffffffffffffff, 0xbc, 0x4, 0x10001, 0x1000, 0xe3, 0x0, 0x0, 0xfe1, 0x7fff}}}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0xe, &(0x7f0000001740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000040), 0x10, 0xffffffffffffffff}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x61)
quotactl$Q_QUOTAON(0xffffffff80000201, 0x0, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000300)={@desc={0x1, 0x0, @desc3}})

13m26.055918226s ago: executing program 1 (id=753):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010003b15fd070000f3dbdf", @ANYBLOB="0000000002b401002400128009000100626f"], 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x3, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x10000, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x1, 0x4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x8, 0xa8d2, 0x1f, 0x0, 0xffffffffffffffff, 0x9, 0x8e04], 0x0, 0xc5101})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13m23.313149165s ago: executing program 1 (id=763):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r0, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000b40)={r0, &(0x7f0000000080), 0x0}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @random="000000000100"})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

13m22.483807684s ago: executing program 34 (id=763):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r0, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000b40)={r0, &(0x7f0000000080), 0x0}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @random="000000000100"})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

2m35.655570701s ago: executing program 7 (id=3172):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000080), &(0x7f00000000c0), 0x0)
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000100), &(0x7f0000000140), 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
write(r2, &(0x7f0000000180)="01010101", 0x4)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000001c0), &(0x7f0000000200), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000280), &(0x7f00000002c0), 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000340), &(0x7f0000000380), 0x0)

2m34.684839197s ago: executing program 7 (id=3177):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x200000, 0x13b)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0x52, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0xffffffffffffffff, &(0x7f0000000080)=0xfffffffffffffec4)

2m32.929328369s ago: executing program 7 (id=3183):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x9, 0x4, 0x4, 0x7ff}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0xce4, r3}, 0x38)

2m30.692865769s ago: executing program 7 (id=3188):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r1, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64=r0], 0x38}}, 0x10)
getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000240), 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r2)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r3, 0x701, 0x4}, 0x14}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002200000085000000050000009500000000000000c3492895246348bf79855db116f785cc6b65"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f4305", 0x0, 0x6f12, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = epoll_create(0x100)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
unshare(0x600)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000380)={0x90000004})

2m29.726663276s ago: executing program 7 (id=3192):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@delchain={0x24, 0x64, 0x425, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff2}, {}, {0xa, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x40)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff3}, {}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

2m29.575677734s ago: executing program 7 (id=3194):
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'syzkaller0\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x2}]}}]}, 0x40}}, 0x0)
r1 = getpgid(0x0)
r2 = syz_pidfd_open(r1, 0x0)
r3 = pidfd_getfd(r2, r2, 0x0)
setns(r3, 0x66020000)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
umount2(&(0x7f0000000040)='.\x00', 0x2)

2m14.135355802s ago: executing program 35 (id=3194):
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'syzkaller0\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x2}]}}]}, 0x40}}, 0x0)
r1 = getpgid(0x0)
r2 = syz_pidfd_open(r1, 0x0)
r3 = pidfd_getfd(r2, r2, 0x0)
setns(r3, 0x66020000)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
umount2(&(0x7f0000000040)='.\x00', 0x2)

14.300854919s ago: executing program 3 (id=3511):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(0x0, 0xffff0000, 0x2842)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0)
pipe(&(0x7f0000000d00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
syz_open_dev$radio(&(0x7f0000000100), 0x0, 0x2)
sendmmsg$inet(r4, &(0x7f0000000500)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='p'], 0x70}}], 0x1, 0x2000c044)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r7], 0x20}}, 0x0)
write$binfmt_misc(r2, &(0x7f0000000240), 0xfffffecc)
splice(r1, 0x0, r3, 0x0, 0x714f, 0x0)

11.606354715s ago: executing program 8 (id=3515):
syz_open_dev$usbmon(&(0x7f0000000300), 0x7, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x40, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}})

11.539430939s ago: executing program 6 (id=3516):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000002c0)=0x4)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmsg$unix(r2, &(0x7f00000030c0)={&(0x7f0000002e80), 0x6e, 0x0}, 0x101)
socket$pppl2tp(0x18, 0x1, 0x1)
recvmmsg(r3, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f00000003c0)=""/152, 0x98}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x3}}], 0x7, 0x0, 0x0)
getrlimit(0x4, 0x0)

10.439074973s ago: executing program 6 (id=3519):
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x30c407a, 0x0, 0x1, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000340)={0x0, 0x0})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000025c0)=ANY=[], 0x3, 0x1a1, &(0x7f00000000c0)="$eJzs271rU18YB/AnzW3T8PuBncXhgItTUCdHRSqIAd/IoJNCFaGVgl2iU/QvcfXfEhwF6dRBOKKn9M3otSa9V9rPZ8lDvueePCdvl3PhPrnwcn1tc+v55r3tWO50oroeKXY6sRIL0Y1iEgDAabKTc3zJOefeJPrvI+d8ZEC/pcYAgBNTe/4HAE6d2vP/tYh4W8pPS210CADMm/0/AJw9Dx89vnNjOFx9kNJyxOfJeDQelceS37o9XL2cfljZP2p7PB519/IrJU+H88WodvOrU/OluHSx5KmX0s27C3E4/y/WTnz1AAAAcDYM0p6p+/vB4Fd5qQ5cHziyv6/ifNXYMgCAY9h6/Wb96cbGs1c1xf9RN6b6o3mOUZzbbXFuEzZWdBt5rfsvovZDma3oxT/wZtYXX3POf3H4uw/l+zV9TL/hVXzslG7mNOH32Wabp7W/JKAh+z/6A0/2WmwIAAAAAAAAAAAAAAD4ye9vA1qc8S6ibtvLAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKm+BQAA///+c0Oa")
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r2, 0x1, 0x19, &(0x7f0000006080)=""/241, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

10.406217105s ago: executing program 8 (id=3520):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, 0x0, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

10.405618285s ago: executing program 3 (id=3521):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_extract_tcp_res$synack(&(0x7f00000002c0), 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000000340))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = mq_open(&(0x7f0000000200)='!se\xf7ih,\x17i\xeb-\xed\xacP\xe6lNn\x00xseqinux\x10', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)

8.755239161s ago: executing program 4 (id=3522):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000000002}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000000000000000004000000033"], 0x13c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040880)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

8.572980242s ago: executing program 8 (id=3523):
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x111, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e28, 0x711, @loopback, 0x206}, {0xa, 0x4e21, 0x0, @empty, 0x8}, r4, 0x8}}, 0x48)

7.687589573s ago: executing program 4 (id=3524):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'bond0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}})
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000340), 0x8101, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r2, 0x942e, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000400)={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'lo\x00'}}, 0x1e)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000100)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r4, 0x80047437, &(0x7f0000000080))
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r5, 0x40047438, 0x0)
ioctl$PPPIOCBRIDGECHAN(r5, 0x40047435, 0x0)
sendmmsg(r4, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

7.456653797s ago: executing program 2 (id=3525):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000c40)=@mangle={'mangle\x00', 0x2, 0x6, 0x520, 0x370, 0x370, 0x0, 0xd0, 0x370, 0x450, 0x450, 0x450, 0x450, 0x450, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0xff, 0xff000000], [0x0, 0xff000000], 'syzkaller0\x00', 'pimreg0\x00', {0xff}, {}, 0x0, 0x2}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff, 0x8, 0x7}, {}, 0x2}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3ff}}}, {{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0x0, 0xff], [], 'bond_slave_1\x00', 'pim6reg1\x00', {0xff}}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4, 0x0, 0x2b}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [0xffffff00, 0xffffffff, 0xff000000], [0xffffffff, 0xffffffff, 0x0, 0xffffffff], 'geneve1\x00', 'team_slave_1\x00', {0xff}, {}, 0x32, 0x9, 0x1, 0x40}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x24, 0x1}, {0x4, 0x4}, {0x2, 0x5, 0x5}, 0x4, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x580)

7.317273795s ago: executing program 6 (id=3526):
syz_emit_vhci(&(0x7f00000000c0)=ANY=[], 0x12)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xbc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'ip6gre0\x00', 0x0, 0x29, 0x1, 0xc, 0x1ff, 0x64, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00', 0x8700, 0x8000, 0x0, 0x7}})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000340)={'wg0\x00', <r5=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000001180)={0x0, 0x21, &(0x7f0000001140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="78030000", @ANYRES16=r3, @ANYBLOB="37040000000000000000010000005c03088030000080060005000000000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39223400008004000980060005000080000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922f4020080cc02098034000080060001000200000008000200ac1414aa0500030003000000060001000200000008000200640101010500030000000000a0000080060001000a00000014000200000000000000000000000000000000000500030003000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000200000008000200ac1414bb0500030002000000060001000200000008000200e00000010500030000000000060001000a00000014000200fe80000000000000000000000000003305000300020000001c000080060001000200000008000200ac1414bb050003000200000028000080060001000a00000014000200fc000000000000000000000000000001050003000000000034000080060001000200000008000200ac1414bb0500030003000000060001000200000008000204e0000002050003000000000088000080060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe80000000000000000000000000002e0500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200e00000020500030001000000f4000080060001000a00000014000200fe80000000000000000000000000002f0500030003000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200e00000010500030001000000060001000a00000014000200200100000000000000000000000000010500030001000000060001000200000008000200ac1414300500030000000000060001000200000008000200ac1e00010500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fc010000000000000000000000000000050003000200000024000100000000000000000000000000000000000000000000000000000000000000000008000100", @ANYRES32=r5], 0x378}}, 0x0)

7.173424353s ago: executing program 8 (id=3527):
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYRESHEX=0x0, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2ed, &(0x7f00000004c0)="$eJzs3L9PE2EYwPGHtpS2BMpgNJoY3uiiywWqs9IYSIxNJEiNPxKTA67a9GzJXYOpMaKTq/GPcCCMbCTKP8DipouLG4uJgwzGM73eUSgHaFtahO8nIfdwz/vcvW9ayPM2bTfuvX1ayNlaTi9LKKakR0RkU2RIQuLr8Y4hN47Kdq/kcv+Pz+fv3H9wK53JjE8pNZGevpJSSg0Of3j2Iu4NW+2T9aFHG99T39ZPr5/d+D39JG+rvK2KpbLS1Uzpa1mfMQ01l7cLmlKTpqHbhsoXbcOq5Uu1fM4szc9XlF6cG0jMW4ZtK71YUQWjosolVbYqKvxYzxeVpmlqICE4SHZpakpPN1k82+bJ4JBYVloPi0h8Vya71JUJAQCArmrs/0Oi2tn/L19YK/ffXRn0+v/VaFD/f/VL7Vo7+v+YiAT2//79A/t//d/6/90d0cnSUv+Po2E4uutUTz2sJq20nvD+fl2vHy6PuAH9PwAAAAAAAAAAAAAAAAAAAAAA/4NNx0k6jpP0j/5Pn4jERMT/PaA0LCLXuzBltFELjz+OgfoH9yKDIuabhexCtnb0BqyJiCmGjEhSfrnPB0819j95pKqG5KO56NUvLmTDbiadk7xbPyrJXmmsd5yJm5nxUVWzs75XEtvrU5KUU8H1qcD6qFy6uK1ek6R8mpWSmDLnzqNe/3JUqRu3Mw31cXccAAAAAADHgaa2BO7fNW2vfK1+a3/d+PpAuL6/Hgncn0fkXKS7awcAAAAA4KSwK88Lumka1j5BXA4e03wQCU5FRaSlK/sr/Nsq/70Mh7fSfQL/5jtSMe9kW+8l3tfDtnidkDRTNVxdjWp1Ff7LRnuNkcmxzj+CbnDm3fuf7bvgtZXYASttPgjv/wTo7dg/IAAAAAAdU2/6/TNj3Z0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnUCe+Ha3bawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOij8BAAD//+MBA4I=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
chdir(0x0)
syz_open_procfs(0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x2, 0x1, 0x4, 0x0, 0x1}, 0x20)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40000)

6.326195872s ago: executing program 2 (id=3528):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@bridge_newneigh={0x28, 0x1c, 0x401, 0x70bd2c, 0x25dfdbff, {0x7, 0x0, 0x0, r3, 0x40, 0x0, 0xb}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}, 0x1, 0x0, 0x0, 0xc880}, 0x840)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000b40)={0x44, r5, 0x1, 0x70bd2c, 0x25dfd9ff, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x818}, 0x20000004)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x60, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x37c13, 0x51a23}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @loopback={0x0, 0xfffffffffffffffe}}, @IFLA_GRE_LOCAL={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @empty}}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x20040000)

6.325970872s ago: executing program 4 (id=3529):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6)
getcwd(0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_delroute={0x44, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x2, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_ID={0xc, 0x1, 0x4}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x1}]}, 0x44}}, 0x0)

6.266240986s ago: executing program 6 (id=3530):
mkdir(0x0, 0xfffffffffffffffe)
mkdir(0x0, 0x81)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendmsg$rds(r3, &(0x7f0000003740)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000bc0)=[@rdma_args={0x48, 0x114, 0x1, {{0x2, 0x2}, {0x0}, &(0x7f0000000b80)=[{&(0x7f0000000a00)=""/43, 0x2b}], 0x1, 0x40, 0xd}}], 0x48, 0x90}, 0x0)

5.00045152s ago: executing program 3 (id=3531):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r3, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e22, 0x80000, @mcast1}, 0x1c, 0x0}, 0x0)

4.881786176s ago: executing program 2 (id=3532):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, 0x80001}, 0x1c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f000000e0c0), 0x10010)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newsa={0x160, 0x10, 0x1, 0x8000000, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x5680000000}, {0x10, 0x9, 0x2}, 0x0, 0x0, 0x2, 0x1}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xfffffffe}, @replay_esn_val={0x20, 0x17, {0x1, 0x70bd2b, 0x70bd25, 0x70bd2d, 0x70bd2d, 0x6, [0x57054dd1]}}]}, 0x160}}, 0x0)

4.077728573s ago: executing program 4 (id=3533):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000dc0), 0xffffffffffffffff)
sendmsg$SMC_PNETID_GET(r0, 0x0, 0x8010)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0)

4.025250436s ago: executing program 6 (id=3534):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r4, &(0x7f0000000040)={0x23, 0x1, 0x9, 0xfe}, 0x10)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40012122, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
open_tree(0xffffffffffffffff, 0x0, 0x1000)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x190, 0x300, 0x140, 0x800, 0x3ff, 0x0, 0x0, 0x0, {0x4, 0x2}, {0xfffffffd, 0xfffffff7}, {0x0, 0x4}, {0x0, 0xfffffffa, 0x8}, 0x1, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, 0x7, 0x0, 0x0, 0x69, 0x34, 0x100, 0x3, 0xc})

3.875753615s ago: executing program 3 (id=3535):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
r3 = ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e24, @rand_addr=0x64010103}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r4, 0x84, 0x78, &(0x7f00000000c0)=r5, 0x4)

3.875362245s ago: executing program 4 (id=3536):
dup(0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22}, 0x50)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0xe5, 0x4)
listen(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000840)={r0, &(0x7f0000000240), &(0x7f0000000080)=@tcp=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000900)={r0, 0x0}, 0x20)

3.753973532s ago: executing program 8 (id=3537):
sendmmsg$unix(0xffffffffffffffff, &(0x7f000006aac0)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000480)="d646aff0929db910656dfda88d75bcab7ddfe921edcf42949cb0c5a60442b801deedd823380ffc773531", 0x2a}], 0x1, 0x0, 0x0, 0xc0c4}}], 0x1, 0x4000000)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x10, 0xa9, 0xd, 0x4, 0xff, 0x4, 0x8, 0x9, 0xa, 0x2, 0x29, 0x5, 0x3, 0xff}, 0xe)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f00000000c0)={0x0, 0xc06a}, 0x8)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10)
bind$tipc(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x30, r4, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x0, 0x8}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x9004)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="54f800002d751ca447e8efdac9c79d962c04619cf36eccd055892604d8e3e54c8afe52231be6e1ba4c2fac3a9828e2dfd6228b83e1ddc76b90b05124c4a928fb49e3c64e0ad18d27b7df675f501a7754614fbc5ec655967013982a609f30c2cfd4803a131afc1270323fab0986ef55038849acb353a6365e6de9513196d31d5260085505f3d47410b6112caa41fd3a5c9bf4df931e77f207ce754d0a5395bac20efeaefa8dd2ba37f6d344ceff9be6e89dc6ab527c4d2294b2a4d25b4471684ccd0186042e3054d84d6e9b50235130959b321fea", @ANYRES16, @ANYBLOB="0100feffffff0000010017000000400006802300040067636d286165732900000000000000000000000000000000000000000000000014000000e3de3d7b4cd07ec3ee777de774fc7987cca41989"], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2.524626023s ago: executing program 2 (id=3538):
syz_io_uring_setup(0xa0, 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x4)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41000}, 0x94)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0xf5)

2.516702794s ago: executing program 6 (id=3539):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x41, 0x3, 0x200, 0x0, 0x0, 0x0, 0x120, 0x0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@private, @remote, 0x0, 0x0, 'wlan1\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x0, 0xffffffffa0028000}}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@broadcast, @private, 0x0, 0x0, 'veth1_to_team\x00', 'sit0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x260)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x2042, 0x19d)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r4 = fanotify_init(0xf00, 0x1000)
fanotify_mark(r4, 0x105, 0x10000839, r3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
readv(r4, &(0x7f0000000c40)=[{&(0x7f0000000500)=""/169, 0xffffffa0}], 0x1)

2.510480104s ago: executing program 3 (id=3540):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000c40)=@mangle={'mangle\x00', 0x2, 0x6, 0x520, 0x370, 0x370, 0x0, 0xd0, 0x370, 0x450, 0x450, 0x450, 0x450, 0x450, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0xff, 0xff000000], [0x0, 0xff000000], 'syzkaller0\x00', 'pimreg0\x00', {0xff}, {}, 0x0, 0x2}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff, 0x8, 0x7}, {}, 0x2}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3ff}}}, {{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0x0, 0xff], [], 'bond_slave_1\x00', 'pim6reg1\x00', {0xff}}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4, 0x0, 0x2b}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [0xffffff00, 0xffffffff, 0xff000000], [0xffffffff, 0xffffffff, 0x0, 0xffffffff], 'geneve1\x00', 'team_slave_1\x00', {0xff}, {}, 0x32, 0x9, 0x1, 0x40}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x24, 0x1}, {0x4, 0x4}, {0x2, 0x5, 0x5}, 0x4, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x580)

2.510090054s ago: executing program 4 (id=3541):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = creat(&(0x7f0000000340)='./bus\x00', 0x182)
fallocate(r3, 0x0, 0x100000000, 0x2000402)
r4 = fsopen(&(0x7f0000000bc0)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0)

2.358307763s ago: executing program 2 (id=3542):
dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_io_uring_setup(0x7d1d, &(0x7f0000000700)={0x0, 0x100577, 0x2, 0x3, 0x42}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x2, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0}, 0x20)

1.096377406s ago: executing program 8 (id=3543):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x2a, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000005000000003a00000008000300", @ANYRES32=r4, @ANYBLOB="05005b"], 0x24}}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, 'R'}]}, 0x24}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

798.598684ms ago: executing program 2 (id=3544):
r0 = socket$kcm(0x10, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, 0x0, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x45833af92e4b38ff, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x20)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)

0s ago: executing program 3 (id=3545):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000100), 0x1, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
getpid()
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$FITRIM(r0, 0xc4009420, &(0x7f0000000200)={0x2, 0x6, 0x4000000000000000})

kernel console output (not intermixed with test programs):

ecutor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fb2ce5eb9 code=0x7ffc0000
[  216.905472][   T26] audit: type=1326 audit(1769918764.696:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6966 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fb2ce5eb9 code=0x7ffc0000
[  217.446525][ T4540] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.490328][ T4540] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.615781][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  217.640426][ T4540] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.689942][ T4540] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.770239][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  219.346155][ T7004] program syz.4.726 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  220.137628][ T7020] device bridge0 left promiscuous mode
[  220.567557][ T7033] loop4: detected capacity change from 0 to 256
[  221.098527][ T7033] exFAT-fs (loop4): hint_cluster is invalid (17)
[  223.755606][ T7086] loop1: detected capacity change from 0 to 512
[  223.834836][ T7101] device batadv1 left promiscuous mode
[  223.861516][ T7101] bridge0: port 1(batadv1) entered disabled state
[  223.931034][ T7086] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  224.055199][ T7114] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  224.103805][ T7086] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 6: comm syz.1.746: lblock 0 mapped to illegal pblock 6 (length 1)
[  224.121207][ T7114] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  224.338124][ T7121] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  224.365105][ T7121] bond2: (slave lo): Enslaving as a backup interface with an up link
[  224.374656][ T7121] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  224.422177][ T7125] netlink: 12 bytes leftover after parsing attributes in process `syz.3.751'.
[  224.439956][ T7125] netlink: 'syz.3.751': attribute type 5 has an invalid length.
[  224.448025][ T7125] netlink: 4 bytes leftover after parsing attributes in process `syz.3.751'.
[  224.494868][ T7128] futex_wake_op: syz.4.752 tries to shift op by -1; fix this program
[  224.502092][ T5191] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 6: comm syz-executor: lblock 0 mapped to illegal pblock 6 (length 1)
[  224.615324][ T5191] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[  224.675196][ T5191] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz-executor: Invalid inode table block 4 in block_group 0
[  224.756078][ T5191] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5854: Corrupt filesystem
[  224.795666][ T5191] EXT4-fs error (device loop1): ext4_dirty_inode:6058: inode #2: comm syz-executor: mark_inode_dirty error
[  226.081158][    C1] sched: RT throttling activated
[  226.643707][  T154] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm kworker/u4:2: Invalid inode table block 4 in block_group 0
[  226.716042][  T154] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm kworker/u4:2: Invalid inode table block 4 in block_group 0
[  227.132928][ T7172] device syzkaller0 entered promiscuous mode
[  227.181217][ T4249] syzkaller0: tun_net_xmit 70
[  227.214318][ T7172] syzkaller0: tun_net_xmit 14
[  228.033952][ T7180] orangefs_mount: mount request failed with -4
[  228.361759][  T154] tipc: Left network mode
[  229.671832][ T7226] loop2: detected capacity change from 0 to 7
[  229.702754][ T7226]  loop2:
[  229.705953][ T7226] loop2: partition table partially beyond EOD, truncated
[  229.787495][ T3560]  loop2:
[  229.790782][ T3560] loop2: partition table partially beyond EOD, truncated
[  230.027600][ T7204] chnl_net:caif_netlink_parms(): no params data found
[  230.317323][  T154] device hsr_slave_0 left promiscuous mode
[  230.367841][  T154] device hsr_slave_1 left promiscuous mode
[  230.879309][ T5815] Bluetooth: hci1: command 0x0409 tx timeout
[  231.895983][  T154] bond0 (unregistering): Released all slaves
[  232.116955][ T7204] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.125582][ T7204] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.142295][ T7204] device bridge_slave_0 entered promiscuous mode
[  232.155974][ T7204] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.166524][ T7204] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.175307][ T7204] device bridge_slave_1 entered promiscuous mode
[  232.293342][ T7204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.306916][ T7204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.322148][ T7314] unsupported nlmsg_type 40
[  232.533791][ T7204] team0: Port device team_slave_0 added
[  232.551734][ T7204] team0: Port device team_slave_1 added
[  232.640953][ T7204] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.664555][ T7204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.731503][ T7204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.764370][ T7204] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.798034][ T7204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.827444][ T7204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.981460][ T7204] device hsr_slave_0 entered promiscuous mode
[  232.998786][ T7204] device hsr_slave_1 entered promiscuous mode
[  233.023289][ T7204] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  233.038686][ T5821] Bluetooth: hci1: command 0x041b tx timeout
[  233.056872][ T7204] Cannot create hsr debugfs directory
[  233.771775][ T7204] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  233.831252][ T7204] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  233.888937][ T7204] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  233.963680][ T7204] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  234.283628][ T7204] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.336051][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  234.364740][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  234.397817][ T7204] 8021q: adding VLAN 0 to HW filter on device team0
[  234.427409][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  234.449389][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  234.478035][  T413] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.485298][  T413] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.544535][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  234.563172][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  234.584987][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  234.605177][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.612377][  T413] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.639005][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  234.726382][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  234.784156][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  234.812823][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  234.844347][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  234.862584][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  234.883668][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  234.903406][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  234.923922][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  234.950462][ T7204] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  234.962311][ T7204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  234.979811][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  234.996412][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  235.118607][ T5821] Bluetooth: hci1: command 0x040f tx timeout
[  235.315025][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  235.346598][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  235.377960][ T7204] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.667764][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  235.708970][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  235.760076][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  235.781121][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  235.802474][ T7204] device veth0_vlan entered promiscuous mode
[  235.811310][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  235.826516][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  235.853690][ T7204] device veth1_vlan entered promiscuous mode
[  235.939989][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  235.952336][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  235.961232][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  235.971096][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  235.982405][ T7204] device veth0_macvtap entered promiscuous mode
[  236.007425][ T7204] device veth1_macvtap entered promiscuous mode
[  236.051159][ T7204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.068917][ T7204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.099672][ T7204] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.108728][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  236.129267][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  236.137852][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  236.155471][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  236.172583][ T7204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.191144][ T7204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.208169][ T7204] batman_adv: batadv0: Interface activated: batadv_slave_1
[  236.221899][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  236.243310][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  236.259916][ T7204] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.279628][ T7204] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.296561][ T7204] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.305916][ T7204] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.468864][  T413] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.477451][  T413] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.531076][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  236.550874][ T4540] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.559564][ T4540] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.576629][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  237.841559][ T5821] Bluetooth: hci1: command 0x0419 tx timeout
[  240.765473][ T7437] ubi31: attaching mtd0
[  240.793942][ T7492] netlink: 'syz.7.804': attribute type 1 has an invalid length.
[  240.843083][ T7437] ubi31 error: ubi_attach_mtd_dev: bad VID header (167772160) or data offsets (167772224)
[  242.479762][ T7519] loop3: detected capacity change from 0 to 32768
[  242.496402][ T7526] loop6: detected capacity change from 0 to 512
[  242.579668][ T7519] gfs2: fsid=Ô±rÐÛ»ð_î
[  242.579668][ T7519] ˜b‚瀫ñ§Ö]êk;
.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§: Trying to join cluster "lock_nolock", "Ô±rÐÛ»ð_î
[  242.579668][ T7519] ˜b‚瀫ñ§Ö]êk;
.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§"
[  242.600558][ T7519] gfs2: fsid=Ô±rÐÛ»ð_î
[  242.600558][ T7519] ˜b‚瀫ñ§Ö]êk;
.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§: Now mounting FS (format 1801)...
[  242.683768][ T7519] gfs2: fsid=Ô±rÐÛ»ð_î
[  242.683768][ T7519] ˜b‚瀫ñ§Ö]êk;
.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§.s: journal 0 mapped with 5 extents in 0ms
[  242.732344][ T7519] gfs2: fsid=Ô±rÐÛ»ð_î
[  242.732344][ T7519] ˜b‚瀫ñ§Ö]êk;
.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§.s: first mount done, others may mount
[  242.766625][ T7526] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,,errors=continue. Quota mode: writeback.
[  242.788397][ T7526] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.857954][ T7535] loop2: detected capacity change from 0 to 128
[  242.891288][ T7526] EXT4-fs (loop6): re-mounted. Opts: (null). Quota mode: writeback.
[  243.009142][ T7535] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  243.075377][ T7535] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  250.121932][ T7620] loop3: detected capacity change from 0 to 128
[  250.392409][ T7628] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  250.400024][ T7628] IPv6: NLM_F_CREATE should be set when creating new route
[  250.449856][ T7620] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  250.513754][ T7620] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.032737][ T7631] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.040274][ T7631] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.349314][ T7631] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.409637][ T7631] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.916376][ T7631] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.925953][ T7631] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.935173][ T7631] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.944149][ T7631] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  256.085902][ T7635] netlink: 12 bytes leftover after parsing attributes in process `syz.6.842'.
[  256.321429][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  256.327850][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  257.422307][ T7699] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  258.205995][ T7714] loop6: detected capacity change from 0 to 1024
[  258.345958][ T7714] EXT4-fs (loop6): Ignoring removed orlov option
[  258.586076][ T7714] EXT4-fs (loop6): mounted filesystem without journal. Opts: orlov,usrjquota=,,errors=continue. Quota mode: none.
[  258.848801][   T26] kauditd_printk_skb: 199 callbacks suppressed
[  258.848815][   T26] audit: type=1800 audit(1769918806.996:249): pid=7714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.862" name="bus" dev="loop6" ino=18 res=0 errno=0
[  258.922194][ T7714] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.862: Allocating blocks 385-513 which overlap fs metadata
[  258.939177][ T7728] tipc: Started in network mode
[  258.944238][ T7728] tipc: Node identity 12104255c76c, cluster identity 4711
[  258.982110][ T7728] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  258.995568][ T7714] EXT4-fs (loop6): pa ffff8880610b4700: logic 16, phys. 129, len 24
[  259.010128][ T7714] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4904: group 0, free 0, pa_free 8
[  259.096552][ T7726] tipc: Resetting bearer <eth:syzkaller0>
[  259.232289][ T7726] tipc: Disabling bearer <eth:syzkaller0>
[  260.568667][ T6657] Trying to write to read-only block-device loop6
[  260.569015][ T4540] Trying to write to read-only block-device loop6
[  260.575298][ T6657] Trying to write to read-only block-device loop6
[  260.589681][ T6657] Trying to write to read-only block-device loop6
[  260.596226][ T6657] Trying to write to read-only block-device loop6
[  260.603380][ T6657] Trying to write to read-only block-device loop6
[  260.633587][ T6657] Trying to write to read-only block-device loop6
[  260.668638][ T4540] Trying to write to read-only block-device loop6
[  260.675319][ T4540] Trying to write to read-only block-device loop6
[  260.698686][ T6657] Trying to write to read-only block-device loop6
[  261.238995][ T7766] loop2: detected capacity change from 0 to 512
[  261.361216][ T7766] EXT4-fs (loop2): Project quota feature not enabled. Cannot enable project quota enforcement.
[  263.125840][ T7794] loop2: detected capacity change from 0 to 16
[  263.265749][ T7794] erofs: (device loop2): mounted with root inode @ nid 36.
[  263.364950][ T7794] attempt to access beyond end of device
[  263.364950][ T7794] loop2: rw=524288, want=32, limit=16
[  263.495884][ T7794] erofs: (device loop2): z_erofs_readahead: readahead error at page 7 @ nid 89
[  263.628690][ T7794] erofs: (device loop2): z_erofs_readahead: readahead error at page 5 @ nid 89
[  263.663586][ T7794] erofs: (device loop2): z_erofs_readahead: readahead error at page 4 @ nid 89
[  263.698939][ T7794] attempt to access beyond end of device
[  263.698939][ T7794] loop2: rw=524288, want=56, limit=16
[  263.789941][ T7794] erofs: (device loop2): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  264.078116][ T7813] loop7: detected capacity change from 0 to 256
[  264.136433][   T26] audit: type=1800 audit(1769918812.276:250): pid=7794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.877" name="file2" dev="loop2" ino=89 res=0 errno=0
[  264.253195][ T7813] FAT-fs (loop7): Directory bread(block 64) failed
[  264.285144][ T7813] FAT-fs (loop7): Directory bread(block 65) failed
[  264.328795][ T7813] FAT-fs (loop7): Directory bread(block 66) failed
[  264.360582][ T7813] FAT-fs (loop7): Directory bread(block 67) failed
[  264.395538][ T7813] FAT-fs (loop7): Directory bread(block 68) failed
[  264.424757][ T7813] FAT-fs (loop7): Directory bread(block 69) failed
[  264.446811][ T7813] FAT-fs (loop7): Directory bread(block 70) failed
[  264.500560][ T7813] FAT-fs (loop7): Directory bread(block 71) failed
[  264.521287][ T7813] FAT-fs (loop7): Directory bread(block 72) failed
[  264.540842][ T7813] FAT-fs (loop7): Directory bread(block 73) failed
[  264.557795][ T7825] binder: 7824:7825 unknown command 0
[  264.568713][ T7825] binder: 7824:7825 ioctl c0306201 200000000080 returned -22
[  264.648964][ T7825] binder: BINDER_SET_CONTEXT_MGR already set
[  264.655814][ T7825] binder: 7824:7825 ioctl 4018620d 200000000040 returned -16
[  265.211443][ T5820] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  265.240472][ T7842] loop7: detected capacity change from 0 to 256
[  265.307548][ T7842] exfat: Unknown parameter '0xffffffffffffffff00000000000000000000'
[  265.498543][ T5820] usb 4-1: Using ep0 maxpacket: 8
[  265.637192][ T5820] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  265.654876][ T5820] usb 4-1: config 0 has no interfaces?
[  265.689796][ T5820] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  265.717708][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.752418][ T5820] usb 4-1: config 0 descriptor??
[  265.782577][ T7852] VFS: Mount too revealing
[  265.884608][ T7856] loop7: detected capacity change from 0 to 1024
[  265.995620][ T7856] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000]
[  266.097175][ T7862] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  266.131121][ T7856] EXT4-fs error (device loop7): ext4_free_blocks:6234: comm syz.7.890: Freeing blocks not in datazone - block = 0, count = 4096
[  266.277293][ T7856] EXT4-fs (loop7): Remounting filesystem read-only
[  266.295972][ T7856] EXT4-fs (loop7): 1 orphan inode deleted
[  266.350717][ T7856] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,noblock_validity,grpjquota=,init_itable=0x0000000000000006,debug,errors=remount-ro,. Quota mode: writeback.
[  266.395720][ T4173] usb 4-1: USB disconnect, device number 5
[  266.637863][ T7878] kvm: pic: level sensitive irq not supported
[  266.638122][ T7878] kvm: pic: non byte read
[  266.753996][ T7878] kvm: pic: non byte write
[  266.781622][ T7878] kvm: pic: non byte read
[  266.947727][ T7886] netlink: 'syz.3.894': attribute type 6 has an invalid length.
[  267.807763][ T7889] loop3: detected capacity change from 0 to 1024
[  268.007132][ T7889] hfsplus: invalid btree flag
[  268.036657][ T7889] hfsplus: failed to load extents file
[  268.209676][ T7894] loop4: detected capacity change from 0 to 16
[  268.277216][ T7894] erofs: (device loop4): mounted with root inode @ nid 36.
[  269.029025][ T7894] attempt to access beyond end of device
[  269.029025][ T7894] loop4: rw=524288, want=32, limit=16
[  269.223516][ T7894] erofs: (device loop4): z_erofs_readahead: readahead error at page 7 @ nid 89
[  269.297056][ T7894] erofs: (device loop4): z_erofs_readahead: readahead error at page 5 @ nid 89
[  269.403263][ T7894] erofs: (device loop4): z_erofs_readahead: readahead error at page 4 @ nid 89
[  269.428607][ T7917] netlink: 'syz.7.911': attribute type 39 has an invalid length.
[  269.478014][ T7919] loop3: detected capacity change from 0 to 256
[  269.485058][ T7894] attempt to access beyond end of device
[  269.485058][ T7894] loop4: rw=524288, want=56, limit=16
[  269.547783][ T7919] exfat: Unknown parameter '0xffffffffffffffff00000000000000000000'
[  269.640665][ T7894] erofs: (device loop4): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  270.051041][   T26] audit: type=1800 audit(1769918818.186:251): pid=7894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.895" name="file2" dev="loop4" ino=89 res=0 errno=0
[  272.158909][ T7951] overlayfs: failed to clone upperpath
[  272.253870][ T7962] loop7: detected capacity change from 0 to 512
[  272.562880][ T7975] netlink: 'syz.3.912': attribute type 4 has an invalid length.
[  272.595740][ T7962] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  273.654173][ T8006] loop7: detected capacity change from 0 to 16
[  273.713769][ T8006] erofs: (device loop7): mounted with root inode @ nid 36.
[  273.765469][ T8006] attempt to access beyond end of device
[  273.765469][ T8006] loop7: rw=524288, want=32, limit=16
[  273.821563][ T8006] erofs: (device loop7): z_erofs_readahead: readahead error at page 7 @ nid 89
[  273.888191][ T8006] erofs: (device loop7): z_erofs_readahead: readahead error at page 5 @ nid 89
[  273.912926][ T8006] erofs: (device loop7): z_erofs_readahead: readahead error at page 4 @ nid 89
[  273.927768][ T8006] attempt to access beyond end of device
[  273.927768][ T8006] loop7: rw=524288, want=56, limit=16
[  274.088192][ T8006] erofs: (device loop7): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  274.112245][   T26] audit: type=1800 audit(1769918822.256:252): pid=8006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.917" name="file2" dev="loop7" ino=89 res=0 errno=0
[  281.250650][ T8098] loop3: detected capacity change from 0 to 16
[  281.258133][ T8096] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  281.373961][ T8098] erofs: (device loop3): mounted with root inode @ nid 36.
[  281.465793][ T8098] attempt to access beyond end of device
[  281.465793][ T8098] loop3: rw=524288, want=32, limit=16
[  281.577617][ T8098] erofs: (device loop3): z_erofs_readahead: readahead error at page 7 @ nid 89
[  281.656348][ T8098] erofs: (device loop3): z_erofs_readahead: readahead error at page 5 @ nid 89
[  282.476628][ T8098] erofs: (device loop3): z_erofs_readahead: readahead error at page 4 @ nid 89
[  282.514594][ T8098] attempt to access beyond end of device
[  282.514594][ T8098] loop3: rw=524288, want=56, limit=16
[  282.545617][ T8123] bond2: option mode: unable to set because the bond device has slaves
[  282.590669][ T8098] erofs: (device loop3): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  282.724083][   T26] audit: type=1800 audit(1769918830.866:253): pid=8098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.939" name="file2" dev="loop3" ino=89 res=0 errno=0
[  282.765272][ T8132] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  286.357016][ T8203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.972'.
[  286.690968][ T8206] lo speed is unknown, defaulting to 1000
[  286.697997][ T8206] lo speed is unknown, defaulting to 1000
[  286.721415][ T8206] lo speed is unknown, defaulting to 1000
[  286.754812][ T8206] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  286.796439][ T8206] infiniband syz�: RDMA CMA: cma_listen_on_dev, error -98
[  286.907353][ T8206] lo speed is unknown, defaulting to 1000
[  286.920163][ T8206] lo speed is unknown, defaulting to 1000
[  286.933693][ T8206] lo speed is unknown, defaulting to 1000
[  286.944526][ T8206] lo speed is unknown, defaulting to 1000
[  286.955328][ T8206] lo speed is unknown, defaulting to 1000
[  287.290537][ T8214] netlink: 'syz.4.975': attribute type 39 has an invalid length.
[  287.620495][ T8226] netlink: 4 bytes leftover after parsing attributes in process `syz.2.979'.
[  290.925835][ T8261] netlink: 4 bytes leftover after parsing attributes in process `syz.4.989'.
[  291.259907][ T8268] overlayfs: failed to clone upperpath
[  292.404731][ T8279] fuse: Bad value for 'fd'
[  294.577871][ T8315] device veth0 entered promiscuous mode
[  294.646183][ T8315] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1002'.
[  296.395384][ T8354] overlayfs: failed to clone upperpath
[  296.466405][ T8349] overlayfs: failed to clone upperpath
[  299.021745][ T8415] fuse: Bad value for 'fd'
[  299.660395][ T8433] device macvtap1 entered promiscuous mode
[  299.715396][ T8433] device bridge0 entered promiscuous mode
[  299.747839][ T8433] bridge0: port 1(macvtap1) entered blocking state
[  299.831043][ T8433] bridge0: port 1(macvtap1) entered disabled state
[  300.967484][ T8433] device bridge0 left promiscuous mode
[  305.963176][ T8529] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  306.139169][ T8537] device erspan0 entered promiscuous mode
[  306.450197][ T8547] fuse: Bad value for 'fd'
[  306.482665][   T26] audit: type=1326 audit(1769918854.626:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  306.555605][   T26] audit: type=1326 audit(1769918854.646:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  306.620781][   T26] audit: type=1326 audit(1769918854.646:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  306.768754][   T26] audit: type=1326 audit(1769918854.646:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  307.040172][   T26] audit: type=1326 audit(1769918854.646:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f88da89d78e code=0x7ffc0000
[  307.441717][   T26] audit: type=1326 audit(1769918854.646:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  307.869375][   T26] audit: type=1326 audit(1769918854.646:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  307.892064][   T26] audit: type=1326 audit(1769918854.646:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  307.915944][   T26] audit: type=1326 audit(1769918854.646:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  307.938720][   T26] audit: type=1326 audit(1769918854.656:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8546 comm="syz.6.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  308.031735][ T8564] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.090042][ T8568] lo speed is unknown, defaulting to 1000
[  308.095943][ T8568] lo speed is unknown, defaulting to 1000
[  308.102264][ T8568] lo speed is unknown, defaulting to 1000
[  308.114941][ T8568] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  308.135189][ T8568] lo speed is unknown, defaulting to 1000
[  308.142195][ T8568] lo speed is unknown, defaulting to 1000
[  308.149532][ T8568] lo speed is unknown, defaulting to 1000
[  308.156341][ T8568] lo speed is unknown, defaulting to 1000
[  308.163525][ T8568] lo speed is unknown, defaulting to 1000
[  308.353620][ T8564] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.525630][ T8564] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.565439][ T8584] netlink: 182 bytes leftover after parsing attributes in process `syz.4.1067'.
[  308.580842][ T8589] bridge0: port 3(syz_tun) entered blocking state
[  308.590631][ T8589] bridge0: port 3(syz_tun) entered disabled state
[  308.606839][ T8589] device syz_tun entered promiscuous mode
[  308.695701][ T8564] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.803037][ T8598] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1071'.
[  309.317169][ T8564] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.045521][ T8564] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.063675][ T8564] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.097448][ T8564] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.142645][ T8619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1076'.
[  310.221281][ T8624] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1078'.
[  310.309836][ T8626] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1079'.
[  310.369798][ T8635] fuse: Bad value for 'fd'
[  310.417579][ T8629] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  310.431873][ T8629] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  310.451751][ T8629] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[  310.460967][ T8629] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[  310.472122][ T8629] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  310.496780][ T8624] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1078'.
[  310.521673][ T8624] bond1 (unregistering): (slave geneve2): Releasing backup interface
[  310.561656][ T8624] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 20000 - 0
[  310.580957][ T8624] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 20000 - 0
[  310.637667][ T8650] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1083'.
[  310.740220][ T8624] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 20000 - 0
[  310.800701][ T8624] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 20000 - 0
[  311.984274][ T8624] bond1 (unregistering): Released all slaves
[  313.820815][ T8683] siw: device registration error -23
[  313.995516][ T8675] 8021q: adding VLAN 0 to HW filter on device bond1
[  314.865936][ T4200] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  314.877021][ T4200] CPU: 0 PID: 4200 Comm: kworker/u5:6 Not tainted syzkaller #0
[  314.884649][ T4200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  314.894750][ T4200] Workqueue: hci2 hci_rx_work
[  314.899493][ T4200] Call Trace:
[  314.902804][ T4200]  <TASK>
[  314.905772][ T4200]  dump_stack_lvl+0x188/0x250
[  314.910511][ T4200]  ? show_regs_print_info+0x20/0x20
[  314.915799][ T4200]  ? load_image+0x400/0x400
[  314.920373][ T4200]  sysfs_create_dir_ns+0x26a/0x290
[  314.925793][ T4200]  ? sysfs_warn_dup+0xa0/0xa0
[  314.930546][ T4200]  ? process_one_work+0x85f/0x1010
[  314.935883][ T4200]  ? do_raw_spin_unlock+0x11d/0x230
[  314.941133][ T4200]  kobject_add_internal+0x6e0/0xd90
[  314.946509][ T4200]  kobject_add+0x160/0x230
[  314.951103][ T4200]  ? kobject_init+0x1d0/0x1d0
[  314.955838][ T4200]  ? klist_children_get+0x50/0x50
[  314.960909][ T4200]  ? get_device_parent+0x121/0x3f0
[  314.966067][ T4200]  device_add+0x483/0xfb0
[  314.970458][ T4200]  hci_conn_add_sysfs+0xd1/0x1e0
[  314.975474][ T4200]  le_conn_complete_evt+0xc48/0x15c0
[  314.980812][ T4200]  ? cs_le_create_conn+0x5e0/0x5e0
[  314.985992][ T4200]  ? __mutex_trylock_common+0x155/0x260
[  314.991596][ T4200]  hci_le_meta_evt+0x285/0x3c90
[  314.996498][ T4200]  ? hci_event_packet+0x37b/0x1370
[  315.001671][ T4200]  ? __lock_acquire+0x7d10/0x7d10
[  315.006748][ T4200]  ? hci_remote_host_features_evt+0x280/0x280
[  315.012866][ T4200]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  315.018573][ T4200]  ? mark_lock+0x94/0x320
[  315.022943][ T4200]  ? mutex_unlock+0x10/0x10
[  315.027495][ T4200]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  315.033597][ T4200]  ? lock_chain_count+0x20/0x20
[  315.038578][ T4200]  ? __rwlock_init+0x140/0x140
[  315.043469][ T4200]  hci_event_packet+0xe48/0x1370
[  315.048460][ T4200]  ? lockdep_hardirqs_on+0x94/0x140
[  315.053700][ T4200]  ? rcu_lock_release+0x20/0x20
[  315.058683][ T4200]  ? hci_send_to_monitor+0x9c/0x4a0
[  315.063928][ T4200]  hci_rx_work+0x255/0xa10
[  315.068397][ T4200]  process_one_work+0x85f/0x1010
[  315.073400][ T4200]  ? worker_detach_from_pool+0x240/0x240
[  315.079076][ T4200]  ? lockdep_hardirqs_off+0x70/0x100
[  315.084414][ T4200]  ? _raw_spin_lock_irq+0xb7/0xf0
[  315.089486][ T4200]  ? _raw_spin_lock_irqsave+0x100/0x100
[  315.095075][ T4200]  ? wq_worker_running+0x97/0x170
[  315.100151][ T4200]  worker_thread+0xaa6/0x1290
[  315.104895][ T4200]  kthread+0x436/0x520
[  315.108998][ T4200]  ? rcu_lock_release+0x20/0x20
[  315.113879][ T4200]  ? kthread_blkcg+0xd0/0xd0
[  315.118501][ T4200]  ret_from_fork+0x1f/0x30
[  315.122957][ T4200]  </TASK>
[  315.132309][ T4200] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  315.145634][ T4200] Bluetooth: hci2: failed to register connection device
[  315.179501][ T8705] 8021q: adding VLAN 0 to HW filter on device bond5
[  315.641374][ T8709] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  316.115738][ T8709] bond5: (slave macvlan2): Enslaving as an active interface with a down link
[  316.948189][ T8773] siw: device registration error -23
[  317.787264][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  317.793636][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  317.848193][ T8775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'.
[  321.724382][ T8809] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1123'.
[  321.996539][ T8820] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1128'.
[  322.005412][ T5821] Bluetooth: hci2: command 0x0406 tx timeout
[  323.255818][   T26] kauditd_printk_skb: 19 callbacks suppressed
[  323.255836][   T26] audit: type=1326 audit(1769918871.403:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fb2ce5eb9 code=0x7ffc0000
[  323.304376][   T26] audit: type=1326 audit(1769918871.403:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fb2ce5eb9 code=0x7ffc0000
[  323.362524][   T26] audit: type=1326 audit(1769918871.413:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  323.410239][   T26] audit: type=1326 audit(1769918871.413:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  323.671006][   T26] audit: type=1326 audit(1769918871.413:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  325.148525][   T26] audit: type=1326 audit(1769918871.413:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  325.289938][   T26] audit: type=1326 audit(1769918871.423:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  325.354352][   T26] audit: type=1326 audit(1769918871.423:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  325.376902][   T26] audit: type=1326 audit(1769918871.423:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  325.401421][   T26] audit: type=1326 audit(1769918871.423:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8834 comm="syz.4.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fb2ce5b4b code=0x7ffc0000
[  325.860892][ T8868] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  329.393496][ T8927] tipc: Can't bind to reserved service type 0
[  329.490418][ T8933] sock: sock_set_timeout: `syz.7.1167' (pid 8933) tries to set negative timeout
[  331.691015][ T8952] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1174'.
[  332.002275][ T8975] netlink: 'syz.6.1180': attribute type 3 has an invalid length.
[  332.037320][ T8975] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1180'.
[  333.604745][ T8995] team0: Port device team_slave_0 removed
[  334.741266][ T9037] device veth0_macvtap left promiscuous mode
[  336.054369][ T9033] lo speed is unknown, defaulting to 1000
[  336.081993][ T9033] lo speed is unknown, defaulting to 1000
[  338.093335][ T9055] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.100851][ T9055] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.706469][ T9055] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.774554][ T9055] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.297330][ T9055] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.305722][ T9055] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.314566][ T9055] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.323973][ T9055] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.399707][ T9062] bond1: (slave batadv_slave_1): Enslaving as a backup interface with a down link
[  340.422146][ T9088] netlink: 'syz.7.1217': attribute type 4 has an invalid length.
[  340.480387][ T9092] netlink: 'syz.7.1217': attribute type 4 has an invalid length.
[  342.177048][ T9130] overlayfs: failed to clone upperpath
[  342.546342][ T9138] mmap: syz.7.1232 (9138) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  343.654674][ T9148] raw_sendmsg: syz.6.1246 forgot to set AF_INET. Fix it!
[  349.372337][ T9203] "syz.2.1253" (9203) uses obsolete ecb(arc4) skcipher
[  353.354118][ T9269] overlayfs: failed to clone upperpath
[  355.561064][ T9303] sch_fq: defrate 53322 ignored.
[  355.658221][ T4257] Bluetooth: hci1: command 0x0406 tx timeout
[  355.687325][ T9311] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1284'.
[  356.993154][ T9336] fuse: Bad value for 'fd'
[  357.100115][ T9338] device bridge_slave_0 left promiscuous mode
[  357.107710][ T9338] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.119873][ T9338] device bridge_slave_1 left promiscuous mode
[  357.129774][ T9338] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.146056][ T9338] bond0: (slave bond_slave_0): Releasing backup interface
[  357.186501][ T9338] bond0: (slave bond_slave_1): Releasing backup interface
[  357.211998][ T9338] team0: Port device team_slave_1 removed
[  357.219854][ T9338] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.228652][ T9338] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.236910][ T9340] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  357.284347][ T9338] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1295'.
[  357.382241][ T9346] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  357.391694][ T9346] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  358.953043][ T9365] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1306'.
[  358.978191][ T9365] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1306'.
[  359.026718][ T9371] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  360.392753][ T9391] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1316'.
[  360.446378][ T9391] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  360.456328][ T9391] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  360.465086][ T9391] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  360.473951][ T9391] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  360.533674][ T9395] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1317'.
[  360.544932][ T9395] netlink: 75 bytes leftover after parsing attributes in process `syz.3.1317'.
[  363.589133][ T9433] overlayfs: failed to clone upperpath
[  369.951517][ T9455] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.960457][ T9455] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.970634][ T9455] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.979727][ T9455] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  370.166144][ T9455] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  370.175512][ T9455] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  370.184531][ T9455] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  370.193757][ T9455] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  370.387600][ T9504] netlink: 84 bytes leftover after parsing attributes in process `syz.6.1346'.
[  370.478936][ T9518] netlink: 'syz.4.1351': attribute type 10 has an invalid length.
[  370.487079][ T9518] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1351'.
[  370.498415][ T9518] batman_adv: batadv0: Adding interface: wlan0
[  370.514269][ T9518] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  370.683882][ T9518] batman_adv: batadv0: Interface activated: wlan0
[  371.516659][ T9533] netlink: 'syz.4.1358': attribute type 10 has an invalid length.
[  374.427428][ T9580] netlink: 'syz.3.1369': attribute type 10 has an invalid length.
[  374.685339][ T9580] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1369'.
[  374.915767][ T9580] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  376.245823][ T9622] sctp: [Deprecated]: syz.3.1383 (pid 9622) Use of int in max_burst socket option.
[  376.245823][ T9622] Use struct sctp_assoc_value instead
[  379.676759][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  379.684349][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  380.173979][ T9662] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1394'.
[  380.865706][ T9662] 8021q: adding VLAN 0 to HW filter on device bond6
[  380.934254][ T9671] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1394'.
[  380.957150][ T9671] device macvlan3 entered promiscuous mode
[  381.008476][ T9662] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1394'.
[  381.160428][ T9686] netlink: 'syz.7.1402': attribute type 10 has an invalid length.
[  381.178777][ T9686] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  381.348494][ T9696] batman_adv: batadv0: Removing interface: batadv_slave_0
[  382.368282][ T9716] overlayfs: failed to clone upperpath
[  385.858801][ T9763] netlink: 5 bytes leftover after parsing attributes in process `syz.6.1426'.
[  386.145207][ T9763] .30ªX¹¦D: renamed from gretap0
[  386.996091][ T9763] A link change request failed with some changes committed already. Interface .30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  387.634495][ T9779] syz.3.1431 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  389.072679][ T9810] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1443'.
[  389.084028][ T9813] overlayfs: failed to resolve './file0': -2
[  389.153019][ T9815] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1445'.
[  393.819523][ T9866] netlink: 'syz.3.1462': attribute type 10 has an invalid length.
[  393.839177][ T9866] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1462'.
[  393.880528][ T9866] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  393.931877][ T9866] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  393.959657][ T9866] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  393.992849][ T9866] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.424648][ T9866] team0: Port device geneve0 added
[  394.844584][   T26] kauditd_printk_skb: 48 callbacks suppressed
[  394.844600][   T26] audit: type=1800 audit(1769918943.019:341): pid=9851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1457" name="bus" dev="ramfs" ino=53047 res=0 errno=0
[  396.613931][ T9900] No such timeout policy "syz1"
[  401.332093][ T9936] bond5: option mode: unable to set because the bond device has slaves
[  401.371882][ T9940] netlink: 'syz.2.1486': attribute type 10 has an invalid length.
[  401.382822][ T9940] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  401.420391][ T9936] bond5: (slave ip6gretap2): making interface the new active one
[  401.429904][ T9936] device ip6gretap2 entered promiscuous mode
[  401.436517][ T9936] bond5: (slave ip6gretap2): Enslaving as an active interface with an up link
[  405.383970][T10004] device vlan2 entered promiscuous mode
[  405.389591][T10004] device bond0 entered promiscuous mode
[  405.410964][T10004] device bridge_slave_1 entered promiscuous mode
[  408.777512][T10058] device vlan2 entered promiscuous mode
[  408.788607][T10058] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1529'.
[  412.928312][   T26] audit: type=1326 audit(1769918961.078:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  412.951212][   T26] audit: type=1326 audit(1769918961.078:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  412.973884][   T26] audit: type=1326 audit(1769918961.108:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  413.059018][T10118] device ipip0 entered promiscuous mode
[  413.066955][   T26] audit: type=1326 audit(1769918961.108:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  413.159958][   T26] audit: type=1326 audit(1769918961.108:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  413.205843][   T26] audit: type=1326 audit(1769918961.108:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd2bcd0678e code=0x7ffc0000
[  413.240887][   T26] audit: type=1326 audit(1769918961.108:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd2bcd0678e code=0x7ffc0000
[  413.263909][   T26] audit: type=1326 audit(1769918961.108:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  413.297301][   T26] audit: type=1326 audit(1769918961.148:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  413.345535][   T26] audit: type=1326 audit(1769918961.148:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10109 comm="syz.3.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  422.629177][T10303] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1609'.
[  422.762095][T10305] overlayfs: failed to clone upperpath
[  424.327181][   T26] kauditd_printk_skb: 18 callbacks suppressed
[  424.327196][   T26] audit: type=1804 audit(1769918972.524:370): pid=10332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1619" name="bus" dev="ramfs" ino=54633 res=1 errno=0
[  425.827811][   T26] audit: type=1804 audit(1769918973.304:371): pid=10338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.1619" name="bus" dev="ramfs" ino=54633 res=1 errno=0
[  427.004994][T10358] lo speed is unknown, defaulting to 1000
[  427.019836][T10358] lo speed is unknown, defaulting to 1000
[  430.581330][T10423] 9pnet: p9_fd_create_unix (10423): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  430.883680][T10430] netlink: 'syz.2.1652': attribute type 21 has an invalid length.
[  432.749738][T10430] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1652'.
[  432.809717][T10430] netlink: 'syz.2.1652': attribute type 1 has an invalid length.
[  432.848205][T10430] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1652'.
[  432.974243][T10430] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  433.081853][T10446] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1657'.
[  433.129410][T10446] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1657'.
[  433.138415][T10446] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1657'.
[  433.179433][T10446] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[  435.030865][T10480] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  436.837468][T10493] device batadv_slave_0 entered promiscuous mode
[  440.379803][T10545] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1690'.
[  440.586875][T10548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  440.601405][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  440.607741][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  441.213339][T10556] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1693'.
[  441.346521][T10575] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.364654][T10575] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.383904][T10575] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.405563][T10575] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  445.040994][T10621] netlink: 'syz.7.1710': attribute type 10 has an invalid length.
[  445.049089][T10621] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1710'.
[  445.097100][T10621] batman_adv: batadv0: Adding interface: virt_wifi0
[  445.104159][T10621] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  445.127119][T10621] batman_adv: batadv0: Interface activated: virt_wifi0
[  448.342397][T10636] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1717'.
[  448.351459][T10636] device syz_tun left promiscuous mode
[  448.357153][T10636] bridge0: port 3(syz_tun) entered disabled state
[  448.552446][T10636] device bridge_slave_1 left promiscuous mode
[  448.575439][T10636] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.585462][T10636] device bridge_slave_0 left promiscuous mode
[  449.528996][T10636] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.566260][   T26] audit: type=1804 audit(1769918997.763:372): pid=10671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1726" name="bus" dev="ramfs" ino=54984 res=1 errno=0
[  449.626829][   T26] audit: type=1804 audit(1769918997.823:373): pid=10671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1726" name="bus" dev="ramfs" ino=54984 res=1 errno=0
[  450.975204][T10686] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1732'.
[  453.636829][T10713] IPVS: Error connecting to the multicast addr
[  454.571475][T10734] sctp: [Deprecated]: syz.7.1744 (pid 10734) Use of struct sctp_assoc_value in delayed_ack socket option.
[  454.571475][T10734] Use struct sctp_sack_info instead
[  454.713185][T10736] netlink: 'syz.6.1746': attribute type 10 has an invalid length.
[  454.746362][T10736] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  454.994865][T10741] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  459.827623][T10777] xt_hashlimit: size too large, truncated to 1048576
[  459.849582][T10777] xt_hashlimit: invalid rate
[  460.097857][T10787] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1765'.
[  460.243808][T10790] netlink: 'syz.4.1764': attribute type 27 has an invalid length.
[  460.391380][T10798] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  461.582869][T10806] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1768'.
[  462.629292][T10806] 8021q: adding VLAN 0 to HW filter on device bond2
[  462.729650][T10807] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1768'.
[  462.751421][T10807] device macvlan2 entered promiscuous mode
[  462.838872][T10811] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1768'.
[  463.801334][T10825] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1772'.
[  463.928294][T10821] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  465.336354][   T26] audit: type=1800 audit(1769919013.533:374): pid=10830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1774" name="bus" dev="ramfs" ino=56003 res=0 errno=0
[  468.540588][   T26] audit: type=1804 audit(1769919016.733:375): pid=10865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1784" name="bus" dev="ramfs" ino=56037 res=1 errno=0
[  468.814584][   T26] audit: type=1804 audit(1769919016.923:376): pid=10865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1784" name="bus" dev="ramfs" ino=56037 res=1 errno=0
[  470.772357][T10891] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1791'.
[  471.165231][T10901] xt_TCPMSS: Only works on TCP SYN packets
[  473.831302][T10917] Cannot find del_set index 4 as target
[  474.973133][T10926] netlink: 'syz.6.1803': attribute type 1 has an invalid length.
[  475.480067][T10926] 8021q: adding VLAN 0 to HW filter on device bond1
[  475.784351][T10929] bond1: (slave gretap0): making interface the new active one
[  475.795485][T10929] bond1: (slave gretap0): Enslaving as an active interface with an up link
[  475.804749][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  477.189987][T10949] Malformed UNC in devname
[  477.189987][T10949] 
[  477.196989][T10949] CIFS: VFS: Malformed UNC in devname
[  480.792558][T10989] autofs4:pid:10989:autofs_fill_super: called with bogus options
[  483.881716][T11019] netlink: 'syz.2.1832': attribute type 10 has an invalid length.
[  483.991713][T11019] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1832'.
[  484.183490][T11019] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  487.555775][   T26] audit: type=1804 audit(4147483664.444:377): pid=11065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1841" name="bus" dev="ramfs" ino=56361 res=1 errno=0
[  487.630029][T11068] netlink: 'syz.3.1846': attribute type 10 has an invalid length.
[  487.640338][   T26] audit: type=1804 audit(4147483664.474:378): pid=11065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1841" name="bus" dev="ramfs" ino=56361 res=1 errno=0
[  487.783106][T11068] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  487.831748][T11063] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1842'.
[  488.546777][T11079] netlink: 'syz.7.1842': attribute type 5 has an invalid length.
[  488.584092][T11079] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1842'.
[  492.460347][   T26] audit: type=1326 audit(4147483669.354:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  493.350666][   T26] audit: type=1326 audit(4147483669.354:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  493.492574][   T26] audit: type=1326 audit(4147483669.354:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  493.499882][T11137] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1867'.
[  493.567446][   T26] audit: type=1326 audit(4147483669.354:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  493.602566][   T26] audit: type=1326 audit(4147483669.354:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  493.619854][T11137] batman_adv: batadv0: Interface deactivated: wlan0
[  493.730203][T11137] batman_adv: batadv0: Removing interface: wlan0
[  494.239248][   T26] audit: type=1326 audit(4147483669.354:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f88da89d78e code=0x7ffc0000
[  494.537820][   T26] audit: type=1326 audit(4147483669.354:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f88da89d78e code=0x7ffc0000
[  496.758612][   T26] audit: type=1326 audit(4147483669.354:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  496.828987][   T26] audit: type=1326 audit(4147483669.354:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  496.899192][   T26] audit: type=1326 audit(4147483669.374:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  496.967764][T11158] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1870'.
[  496.973643][   T26] audit: type=1326 audit(4147483669.374:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11119 comm="syz.6.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88da8dceb9 code=0x7ffc0000
[  497.219406][T11170] device vlan2 entered promiscuous mode
[  498.009851][T11166] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1876'.
[  498.181172][T11183] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1883'.
[  500.306817][T11221] overlayfs: failed to clone upperpath
[  502.610069][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  502.624860][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  502.725771][T11252] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1902'.
[  502.745647][T11252] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  502.754894][T11252] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  502.763953][T11252] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  502.772773][T11252] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  502.795286][T11252] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1902'.
[  505.507081][T11286] xt_hashlimit: max too large, truncated to 1048576
[  505.536318][T11286] xt_hashlimit: overflow, try lower: 0/0
[  510.923358][T11355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1935'.
[  512.171525][T11368] netlink: 'syz.3.1940': attribute type 1 has an invalid length.
[  512.216046][T11368] 8021q: adding VLAN 0 to HW filter on device bond7
[  512.237609][T11373] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  512.246815][T11373] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  512.256189][T11373] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  512.266030][T11373] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  512.282302][T11373] bond7: (slave geneve2): making interface the new active one
[  512.294292][T11373] bond7: (slave geneve2): Enslaving as an active interface with an up link
[  512.305569][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): bond7: link becomes ready
[  514.138170][T11391] netdevsim netdevsim7: loading /lib/firmware/. failed with error -22
[  514.152996][T11391] netdevsim netdevsim7: Direct firmware load for . failed with error -22
[  514.180696][T11391] netdevsim netdevsim7: Falling back to sysfs fallback for: .
[  514.197857][T11395] sock: sock_set_timeout: `syz.7.1948' (pid 11395) tries to set negative timeout
[  515.908933][T11415] ODEBUG: Out of memory. ODEBUG disabled
[  516.260871][T11429] netlink: zone id is out of range
[  516.266597][T11429] netlink: zone id is out of range
[  516.389570][T11429] netlink: zone id is out of range
[  516.522908][T11429] netlink: zone id is out of range
[  516.632797][T11429] netlink: zone id is out of range
[  516.749175][T11429] netlink: zone id is out of range
[  516.888723][T11429] netlink: zone id is out of range
[  516.927731][T11429] netlink: zone id is out of range
[  516.956232][T11429] netlink: zone id is out of range
[  519.104832][T11450] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1966'.
[  519.158954][T11450] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1966'.
[  520.223834][T11461] netlink: 'syz.3.1971': attribute type 13 has an invalid length.
[  520.278860][   T26] kauditd_printk_skb: 19 callbacks suppressed
[  520.278879][   T26] audit: type=1800 audit(4147483697.164:409): pid=11463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1972" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  521.432996][T11461] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  521.442232][T11461] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  521.451243][T11461] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  521.460248][T11461] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  521.607696][T11461] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  521.627007][T11461] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  521.649643][T11461] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  521.689010][T11461] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  521.708746][T11460] device batadv_slave_1 entered promiscuous mode
[  521.747665][T11466] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1970'.
[  521.769707][T11466] device batadv_slave_1 left promiscuous mode
[  521.855341][T11489] netlink: 'syz.3.1977': attribute type 1 has an invalid length.
[  521.902106][T11492] bond8: (slave bridge2): making interface the new active one
[  521.920479][T11492] bond8: (slave bridge2): Enslaving as an active interface with an up link
[  522.020411][T11489] device macvlan4 entered promiscuous mode
[  522.027134][T11489] device bond8 entered promiscuous mode
[  522.032814][T11489] device bridge2 entered promiscuous mode
[  522.039541][T11489] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  522.047426][T11489] bond8: (slave macvlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  522.071045][T11489] device bond8 left promiscuous mode
[  522.083540][T11489] device bridge2 left promiscuous mode
[  523.480426][T11537] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1995'.
[  524.117385][T11544] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1997'.
[  525.721283][T11562] capability: warning: `syz.7.1999' uses 32-bit capabilities (legacy support in use)
[  528.179233][T11586] netlink: 'syz.2.2006': attribute type 11 has an invalid length.
[  528.377359][T11602] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2016'.
[  528.448384][T11602] bridge1: port 1(veth3) entered blocking state
[  528.487073][T11602] bridge1: port 1(veth3) entered disabled state
[  528.541496][T11602] device veth3 entered promiscuous mode
[  528.582437][T11605] bridge1: port 2(veth5) entered blocking state
[  528.619347][T11605] bridge1: port 2(veth5) entered disabled state
[  528.724544][T11605] device veth5 entered promiscuous mode
[  529.674764][T11629] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2019'.
[  529.904582][T11627] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  532.622372][T11664] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  532.683888][T11668] overlayfs: failed to clone upperpath
[  533.859494][T11690] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2042'.
[  533.881515][T11690] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  533.889896][T11690] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  533.898109][T11690] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  533.906372][T11690] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  535.813051][T11739] netlink: 'syz.6.2058': attribute type 4 has an invalid length.
[  539.606318][T11792] netlink: 'syz.6.2074': attribute type 10 has an invalid length.
[  539.659873][T11792] netlink: 14 bytes leftover after parsing attributes in process `syz.6.2074'.
[  539.700529][T11792] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  539.737030][T11792] bond0 (unregistering): Released all slaves
[  541.219291][T11824] sctp: [Deprecated]: syz.6.2085 (pid 11824) Use of int in max_burst socket option.
[  541.219291][T11824] Use struct sctp_assoc_value instead
[  545.133507][T11856] bond2: (slave lo): Releasing backup interface
[  545.184525][T11856] bond2: (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  545.260290][T11856] bond0: (slave bridge_slave_1): Releasing backup interface
[  545.269681][T11856] device bridge_slave_1 left promiscuous mode
[  545.289874][ T4173] lo speed is unknown, defaulting to 1000
[  545.403250][T11861] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2094'.
[  545.498663][T11868] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2097'.
[  545.536645][T11868] HTB: quantum of class 4000A is big. Consider r2q change.
[  545.549230][T11868] HTB: quantum of class 4000A is big. Consider r2q change.
[  545.943875][T11878] xt_policy: neither incoming nor outgoing policy selected
[  548.544603][   T26] audit: type=1326 audit(4147483725.434:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11898 comm="syz.6.2108" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f88da8dceb9 code=0x0
[  548.886514][T11906] xt_TPROXY: Can be used only with -p tcp or -p udp
[  553.575538][T11955] trusted_key: encrypted_key: master key parameter 'šÙ|™{E' is invalid
[  554.287593][T11968] blk_update_request: I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  554.299539][T11968] F2FS-fs (loop13): Unable to read 1th superblock
[  554.308372][T11968] blk_update_request: I/O error, dev loop13, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  554.319779][T11968] F2FS-fs (loop13): Unable to read 2th superblock
[  555.910194][T11985] gfs2: gfs2 mount does not exist
[  559.249377][T12022] 9p filesystem being mounted at /262/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  559.663777][T12037] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2142'.
[  563.479606][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  563.486145][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  564.112925][T12083] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2158'.
[  564.366441][T12083] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2158'.
[  565.344481][T12105] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  565.366516][T12105] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2164'.
[  572.215272][T12158] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  572.234725][T12158] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2183'.
[  572.277216][T12161] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  572.425373][T12170] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  575.562703][T12208] autofs4:pid:12208:autofs_fill_super: called with bogus options
[  576.297145][   T26] audit: type=1326 audit(6294967401.184:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.4.2199" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2fb2ce5eb9 code=0x0
[  576.422149][T12221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  576.493178][T12221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  577.410590][T12241] Invalid option length (1047662) for dns_resolver key
[  578.183502][T12259] autofs4:pid:12259:autofs_fill_super: called with bogus options
[  580.311051][T12273] netlink: 'syz.7.2219': attribute type 1 has an invalid length.
[  580.372008][T12273] 8021q: adding VLAN 0 to HW filter on device bond3
[  580.569247][T12277] bond3: (slave gretap2): making interface the new active one
[  580.710584][T12277] bond3: (slave gretap2): Enslaving as an active interface with an up link
[  581.426212][T12280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2222'.
[  581.461425][T12280] device hsr_slave_0 left promiscuous mode
[  581.851842][T12292] Invalid option length (1047662) for dns_resolver key
[  581.865231][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  582.570905][T12294] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2236'.
[  582.704028][T12298] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  582.988339][T12306] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  583.082677][T12311] autofs4:pid:12311:autofs_fill_super: called with bogus options
[  584.268644][T12314] xt_policy: output policy not valid in PREROUTING and INPUT
[  585.811362][T12318] sctp: [Deprecated]: syz.4.2234 (pid 12318) Use of struct sctp_assoc_value in delayed_ack socket option.
[  585.811362][T12318] Use struct sctp_sack_info instead
[  585.946243][   T26] audit: type=1326 audit(6294967410.764:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12319 comm="syz.7.2233" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0c35f1beb9 code=0x0
[  586.904683][T12336] netlink: 'syz.2.2239': attribute type 1 has an invalid length.
[  587.857574][T12336] 8021q: adding VLAN 0 to HW filter on device bond3
[  587.925692][T12343] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2241'.
[  587.998930][T12338] bond3: (slave gretap1): making interface the new active one
[  588.037687][T12338] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  588.047024][ T4285] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  588.135822][T12353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2246'.
[  591.176169][T12372] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  591.249357][T12372] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  595.573492][T12404] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2260'.
[  596.510748][   T26] audit: type=1326 audit(6294967421.404:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12412 comm="syz.3.2261" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2bcd45eb9 code=0x0
[  596.549561][T12417] netlink: 'syz.4.2262': attribute type 1 has an invalid length.
[  596.915298][T12417] 8021q: adding VLAN 0 to HW filter on device bond3
[  596.980129][T12420] bond3: (slave gretap1): making interface the new active one
[  597.032000][T12420] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  597.043318][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  597.616565][T12430] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2266'.
[  598.603247][T12436] net_ratelimit: 24 callbacks suppressed
[  598.603266][T12436] Set syz0 is full, maxelem 0 reached
[  598.704619][T12437] autofs4:pid:12437:autofs_fill_super: called with bogus options
[  599.605901][T12445] netlink: 104 bytes leftover after parsing attributes in process `syz.7.2273'.
[  600.770812][   T26] audit: type=1326 audit(6294967425.664:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.2.2276" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcd08596eb9 code=0x0
[  601.928699][T12477] No such timeout policy "syz1"
[  603.372913][T12492] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2289'.
[  603.401253][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  604.538314][T12504] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2291'.
[  606.466842][T12536] No such timeout policy "syz1"
[  609.449631][   T26] audit: type=1326 audit(6294967434.344:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12560 comm="syz.3.2307" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2bcd45eb9 code=0x0
[  611.151363][T12578] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2308'.
[  614.175058][T12612] overlayfs: failed to clone upperpath
[  615.476264][T12632] netlink: zone id is out of range
[  617.647833][T12632] netlink: zone id is out of range
[  617.653480][T12632] netlink: zone id is out of range
[  617.661572][T12632] netlink: zone id is out of range
[  617.666839][T12632] netlink: zone id is out of range
[  617.689242][T12632] netlink: zone id is out of range
[  617.694403][T12632] netlink: zone id is out of range
[  617.707407][T12632] netlink: zone id is out of range
[  617.728536][T12632] netlink: zone id is out of range
[  617.746482][T12632] netlink: zone id is out of range
[  618.529269][T12650] 9p filesystem being mounted at /505/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  625.148013][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  625.154400][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  626.754302][T12717] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  626.834225][T12723] device batadv_slave_1 entered promiscuous mode
[  626.842413][T12723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2350'.
[  626.855919][T12723] bond1: (slave batadv_slave_1): Releasing backup interface
[  626.868007][T12723] device batadv_slave_1 left promiscuous mode
[  630.124967][T12755] overlayfs: failed to clone upperpath
[  630.316245][T12768] device batadv_slave_1 entered promiscuous mode
[  630.324359][T12768] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2364'.
[  630.342261][T12768] device batadv_slave_1 left promiscuous mode
[  635.805949][T12823] netlink: 'syz.4.2380': attribute type 13 has an invalid length.
[  636.095696][T12830] device batadv_slave_1 entered promiscuous mode
[  636.120939][T12834] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2378'.
[  636.132051][T12834] device batadv_slave_1 left promiscuous mode
[  636.138374][T12834] batman_adv: batadv0: Removing interface: batadv_slave_1
[  636.220515][T12842] netlink: 'syz.6.2397': attribute type 13 has an invalid length.
[  636.442627][T12842] netdevsim netdevsim6 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  636.451112][T12842] netdevsim netdevsim6 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  636.459613][T12842] netdevsim netdevsim6 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  636.468130][T12842] netdevsim netdevsim6 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  636.612548][   T26] audit: type=1800 audit(6294967461.504:416): pid=12860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2392" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  637.914761][T12879] device batadv_slave_1 entered promiscuous mode
[  637.932999][T12881] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2399'.
[  637.953966][T12879] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2400'.
[  637.986700][T12879] device batadv_slave_1 left promiscuous mode
[  639.586645][T12919] 9p filesystem being mounted at /319/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  644.711197][T12964] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2420'.
[  644.754783][T12964] bridge4: port 1(veth1) entered blocking state
[  644.762814][T12964] bridge4: port 1(veth1) entered disabled state
[  644.771694][T12964] device veth1 entered promiscuous mode
[  644.920398][T12970] bridge4: port 2(veth3) entered blocking state
[  644.939745][T12970] bridge4: port 2(veth3) entered disabled state
[  644.982068][T12970] device veth3 entered promiscuous mode
[  646.165976][T12984] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2430'.
[  646.192053][T12988] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2441'.
[  646.299536][T12988] bridge1: port 1(veth3) entered blocking state
[  646.318579][T12988] bridge1: port 1(veth3) entered disabled state
[  646.340356][T12988] device veth3 entered promiscuous mode
[  647.332954][T12994] bridge1: port 2(veth5) entered blocking state
[  647.858644][T12994] bridge1: port 2(veth5) entered disabled state
[  647.883116][T12994] device veth5 entered promiscuous mode
[  649.749047][T13034] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2445'.
[  651.865122][T13062] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2454'.
[  655.763928][ T1276] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  656.255221][ T1276] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  656.583667][T12476] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  656.891317][T13115] netlink: 'syz.3.2465': attribute type 4 has an invalid length.
[  668.540304][T13219] netlink: 'syz.2.2495': attribute type 10 has an invalid length.
[  668.910751][T13219] device wlan1 entered promiscuous mode
[  668.955597][T13219] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  669.011866][T13225] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2495'.
[  669.141933][T13225] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  669.424101][T13225] device wlan1 left promiscuous mode
[  671.359334][T13225] bond0 (unregistering): Released all slaves
[  671.430764][T13249] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2504'.
[  671.460113][T13249] device sit2 entered promiscuous mode
[  672.557687][T13266] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2510'.
[  672.672606][T13266] bridge2: port 1(veth11) entered blocking state
[  673.322575][T13266] bridge2: port 1(veth11) entered disabled state
[  673.348599][T13266] device veth11 entered promiscuous mode
[  673.431490][T13267] bridge2: port 2(veth13) entered blocking state
[  673.453272][T13267] bridge2: port 2(veth13) entered disabled state
[  673.483846][T13267] device veth13 entered promiscuous mode
[  677.189621][T13306] netlink: 'syz.7.2517': attribute type 10 has an invalid length.
[  677.199720][T13306] netlink: 14 bytes leftover after parsing attributes in process `syz.7.2517'.
[  677.221264][T13306] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  677.234434][T13306] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  677.247413][T13306] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  677.262051][T13306] bond0 (unregistering): Released all slaves
[  677.328506][   T26] audit: type=1326 audit(6294967502.214:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13307 comm="syz.3.2531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7fc00000
[  681.261128][T13327] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2538'.
[  681.276191][T13327] device sit4 entered promiscuous mode
[  683.607592][T13371] netlink: 'syz.4.2536': attribute type 10 has an invalid length.
[  685.110848][T13371] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  685.780190][T13380] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2536'.
[  685.843174][T13380] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  686.080350][T13380] bond0 (unregistering): Released all slaves
[  686.352183][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  686.358821][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  688.051191][T13411] xt_l2tp: missing protocol rule (udp|l2tpip)
[  690.941191][T13430] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2553'.
[  690.970642][T13430] bridge5: port 1(veth11) entered blocking state
[  690.977511][T13430] bridge5: port 1(veth11) entered disabled state
[  690.986017][T13430] device veth11 entered promiscuous mode
[  691.012528][T13430] bridge5: port 2(veth13) entered blocking state
[  691.022546][T13430] bridge5: port 2(veth13) entered disabled state
[  691.035903][T13430] device veth13 entered promiscuous mode
[  692.068475][T13442] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2558'.
[  692.112054][T13445] netlink: 'syz.3.2559': attribute type 10 has an invalid length.
[  692.453425][T13445] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2559'.
[  693.000965][T13445] bond5: (slave macvlan2): Releasing active interface
[  693.019426][T13445] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  693.032268][T13445] bond0 (unregistering): Released all slaves
[  694.206291][T13469] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  695.088353][T13503] netlink: 'syz.6.2579': attribute type 10 has an invalid length.
[  695.101821][T13503] netlink: 14 bytes leftover after parsing attributes in process `syz.6.2579'.
[  695.128685][T13504] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  695.415928][T13508] xt_TPROXY: Can be used only with -p tcp or -p udp
[  698.143078][T13541] fuse: Bad value for 'fd'
[  705.727524][T13621] xt_TPROXY: Can be used only with -p tcp or -p udp
[  706.572245][T13619] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2614'.
[  706.642453][T13626] overlayfs: failed to clone upperpath
[  710.628133][T13647] netlink: 'syz.2.2621': attribute type 10 has an invalid length.
[  710.853599][T13654] overlayfs: failed to clone upperpath
[  711.017587][T13662] overlayfs: missing 'lowerdir'
[  711.064684][T13662] overlayfs: failed to clone upperpath
[  713.096331][T13686] MPTCP: kernel_bind error, err=-98
[  714.319306][T13694] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000
[  716.410722][T13711] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2643'.
[  718.852644][T13727] batman_adv: batadv0: Adding interface: dummy0
[  718.867080][T13727] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  718.968134][T13727] batman_adv: batadv0: Interface activated: dummy0
[  718.991570][T13727] net_ratelimit: 23 callbacks suppressed
[  718.991593][T13727] batadv0: mtu less than device minimum
[  719.008043][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.021311][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.033626][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.045914][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.058196][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.070486][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.082758][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.095129][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  719.107403][T13727] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  720.925010][   T26] audit: type=1326 audit(6294967545.814:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  720.958159][   T26] audit: type=1326 audit(6294967545.844:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd2bcd3fcd7 code=0x7ffc0000
[  721.003989][   T26] audit: type=1326 audit(6294967545.844:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd2bcce72d9 code=0x7ffc0000
[  721.032281][   T26] audit: type=1326 audit(6294967545.844:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  721.076996][   T26] audit: type=1326 audit(6294967545.844:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  721.108160][   T26] audit: type=1326 audit(6294967545.844:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  721.167043][   T26] audit: type=1326 audit(6294967545.844:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  721.193092][   T26] audit: type=1326 audit(6294967545.844:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  721.321010][   T26] audit: type=1326 audit(6294967545.844:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  721.344848][   T26] audit: type=1326 audit(6294967545.844:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13767 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  724.269355][T13831] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2685'.
[  725.735829][T13856] MPTCP: kernel_bind error, err=-98
[  729.123246][T13895] netlink: 'syz.3.2701': attribute type 1 has an invalid length.
[  729.210730][T13895] 8021q: adding VLAN 0 to HW filter on device bond0
[  729.376203][T13895] bond0: (slave vlan2): Opening slave failed
[  736.044154][T13946] netlink: 'syz.7.2715': attribute type 4 has an invalid length.
[  739.194897][T13977] UBIFS error (pid: 13977): cannot open "ubifs", error -22
[  739.288643][T13978] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2728'.
[  740.026623][T13981] net_ratelimit: 10 callbacks suppressed
[  740.026644][T13981] Set syz1 is full, maxelem 1021 reached
[  742.302418][T14003] 9pnet: Insufficient options for proto=fd
[  747.984281][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  747.994020][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  749.095049][T14070] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  749.121329][T14070] CIFS mount error: No usable UNC path provided in device string!
[  749.121329][T14070] 
[  749.131912][T14070] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  750.331587][T14067] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2766'.
[  752.195538][T14108] xt_time: unknown flags 0xc
[  753.343540][T14120] ipt_CLUSTERIP: Please specify destination IP
[  753.589557][T14118] netlink: 'syz.6.2768': attribute type 1 has an invalid length.
[  753.761358][   T26] kauditd_printk_skb: 25 callbacks suppressed
[  753.761383][   T26] audit: type=1326 audit(6294967578.504:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  753.911038][T14118] 8021q: adding VLAN 0 to HW filter on device bond0
[  753.930848][   T26] audit: type=1326 audit(6294967578.724:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  753.967367][T14131] bond0: (slave vlan2): Opening slave failed
[  753.994199][   T26] audit: type=1326 audit(6294967578.724:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  754.035103][T14133] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2772'.
[  754.082064][T14127] lo speed is unknown, defaulting to 1000
[  754.104393][T14127] lo speed is unknown, defaulting to 1000
[  754.112152][   T26] audit: type=1326 audit(6294967578.724:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  754.166570][   T26] audit: type=1326 audit(6294967578.724:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  754.252046][   T26] audit: type=1326 audit(6294967578.744:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  754.396527][   T26] audit: type=1326 audit(6294967578.744:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  754.516059][   T26] audit: type=1326 audit(6294967578.744:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  754.617350][   T26] audit: type=1326 audit(6294967578.744:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  754.641559][T14151] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  754.641559][T14151] The task syz.4.2777 (14151) triggered the difference, watch for misbehavior.
[  754.733180][   T26] audit: type=1326 audit(6294967578.744:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14122 comm="syz.2.2771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fcd08596eb9 code=0x7ffc0000
[  756.261423][T14170] UBIFS error (pid: 14170): cannot open "ubifs", error -22
[  756.936440][T14179] netlink: 'syz.3.2788': attribute type 1 has an invalid length.
[  756.954685][T14179] netlink: 'syz.3.2788': attribute type 1 has an invalid length.
[  757.209925][T14190] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2793'.
[  757.223686][T14189] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2792'.
[  759.273897][T14190] 9pnet: Insufficient options for proto=fd
[  761.149304][T14227] UBIFS error (pid: 14227): cannot open "ubifs", error -22
[  761.787031][T14236] netlink: 'syz.3.2806': attribute type 1 has an invalid length.
[  761.845007][T14236] 8021q: adding VLAN 0 to HW filter on device bond9
[  761.937251][T14245] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2808'.
[  761.990453][T14245] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2808'.
[  762.017257][T14236] bond9: (slave dummy0): making interface the new active one
[  762.029432][T14236] bond9: (slave dummy0): Enslaving as an active interface with an up link
[  762.239158][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): bond9: link becomes ready
[  764.828015][T14284] UBIFS error (pid: 14284): cannot open "ubifs", error -22
[  765.808752][T14292] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2819'.
[  768.366587][T14318] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2826'.
[  768.410556][T14318] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2826'.
[  768.476045][T14323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2827'.
[  768.759117][T14330] 9pnet: Insufficient options for proto=fd
[  772.067124][T14369] netlink: 'syz.7.2839': attribute type 10 has an invalid length.
[  772.077223][T14369] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2839'.
[  772.109475][T14365] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2849'.
[  772.155437][T14365] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2849'.
[  772.322560][T14365] device bridge0 entered promiscuous mode
[  772.339752][T14365] device ip6gretap0 entered promiscuous mode
[  772.363529][T14365] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  772.400750][T14365] hsr1: Slave B (ip6gretap0) is not up; please bring it up to get a fully working HSR network
[  773.235672][T14384] blk_update_request: I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  773.248001][T14384] FAT-fs (loop15): unable to read boot sector
[  774.090427][T14389] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2846'.
[  774.324668][T14392] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2846'.
[  779.720265][T14453] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2864'.
[  779.730285][T14453] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2864'.
[  781.162820][T14462] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2866'.
[  781.411284][T14460] netlink: 'syz.6.2876': attribute type 4 has an invalid length.
[  781.422265][T14460] netlink: 128124 bytes leftover after parsing attributes in process `syz.6.2876'.
[  782.171032][T14462] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2866'.
[  784.486627][T14501] bond1: (slave veth7): Enslaving as an active interface with a down link
[  785.023638][T14501] bond1: (slave ip6gretap1): making interface the new active one
[  785.041968][T14501] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  787.758875][T14550] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2889'.
[  796.368704][T14615] lo speed is unknown, defaulting to 1000
[  796.383218][T14615] lo speed is unknown, defaulting to 1000
[  799.912194][T14627] overlayfs: failed to clone upperpath
[  799.948567][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  799.948587][   T26] audit: type=1326 audit(6294967624.794:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14623 comm="syz.2.2913" exe="/root/syz-executor" sig=9 arch=c000003e syscall=39 compat=0 ip=0x7fcd08590cd7 code=0x0
[  800.301996][T14636] bridge0: the hash_elasticity option has been deprecated and is always 16
[  802.565970][T14677] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2931'.
[  802.583585][T14677] netlink: 'syz.3.2931': attribute type 12 has an invalid length.
[  803.736445][T14691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2936'.
[  803.837168][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  803.860505][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  803.879569][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  803.902066][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  803.925801][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  803.942815][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  805.114541][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  805.207020][T14705] netlink: 'syz.7.2938': attribute type 29 has an invalid length.
[  807.451145][T14751] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2954'.
[  809.917662][T14792] sctp: [Deprecated]: syz.7.2962 (pid 14792) Use of struct sctp_assoc_value in delayed_ack socket option.
[  809.917662][T14792] Use struct sctp_sack_info instead
[  810.122028][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  810.128482][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  810.337263][T14806] IPVS: length: 218 != 24
[  811.590351][T14832] netlink: 'syz.7.2969': attribute type 21 has an invalid length.
[  811.598304][T14832] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2969'.
[  815.989720][T14865] ptrace attach of "./syz-executor exec"[7204] was attempted by ""[14865]
[  817.933488][T14891] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2992'.
[  819.471910][T14899] MPTCP: kernel_bind error, err=-98
[  819.486141][T14899] wlan0 speed is unknown, defaulting to 1000
[  819.518530][T14899] wlan0 speed is unknown, defaulting to 1000
[  819.525054][T14899] wlan0 speed is unknown, defaulting to 1000
[  819.561254][T14899] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  821.428099][T14913] sctp: [Deprecated]: syz.3.2995 (pid 14913) Use of struct sctp_assoc_value in delayed_ack socket option.
[  821.428099][T14913] Use struct sctp_sack_info instead
[  821.835929][T14899] wlan0 speed is unknown, defaulting to 1000
[  821.878016][T14899] wlan0 speed is unknown, defaulting to 1000
[  822.410675][T14899] wlan0 speed is unknown, defaulting to 1000
[  822.549484][T14899] wlan0 speed is unknown, defaulting to 1000
[  822.582151][T14899] wlan0 speed is unknown, defaulting to 1000
[  824.021200][T14945] tipc: Failed to remove unknown binding: 66,0,0/134418688:2833750902/2833750903
[  824.087681][T14945] tipc: Failed to remove unknown binding: 66,0,0/134418688:2833750902/2833750903
[  827.892150][T14989] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3019'.
[  827.901501][T14989] chnl_net:caif_netlink_parms(): no params data found
[  829.204904][T15005] device ip6gre1 entered promiscuous mode
[  829.239852][T15005] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  830.180124][T14157] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  830.247008][T14157] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  830.590518][ T4257] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  832.208632][ T4257] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  832.271527][ T4257] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  834.498490][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  834.689958][T15082] netlink: 'syz.2.3042': attribute type 21 has an invalid length.
[  834.697839][T15082] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3042'.
[  836.667461][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  836.734050][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  836.893434][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  837.081602][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  837.212018][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  837.316625][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  837.357239][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  837.397698][T15097] netlink: 'syz.3.3046': attribute type 29 has an invalid length.
[  839.443353][T15149] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3061'.
[  839.792825][T15160] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  840.001672][T15160] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  840.045581][T15162] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  840.199534][T15164] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  840.468013][T15164] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  840.609807][T15164] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  840.618078][T15164] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  840.647712][T15164] netlink: 'syz.6.3063': attribute type 29 has an invalid length.
[  842.498503][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  844.639420][T15212] x_tables: ip_tables: osf match: only valid for protocol 6
[  846.503054][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  846.519144][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  846.530875][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  846.542750][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  846.555265][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  846.752965][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  846.773124][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  846.787775][T15221] netlink: 'syz.2.3080': attribute type 29 has an invalid length.
[  849.797597][T15246] overlayfs: failed to clone upperpath
[  849.816821][   T26] audit: type=1326 audit(849.294:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15240 comm="syz.2.3088" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd08596eb9 code=0x0
[  853.000091][T15281] device vlan1 entered promiscuous mode
[  854.868552][T15303] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3100'.
[  857.858656][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  862.795048][T15355] bad cache= option: nonw
[  862.795048][T15355] 
[  862.802188][T15355] CIFS: VFS: bad cache= option: nonw
[  864.042310][T15364] netlink: 'syz.4.3126': attribute type 9 has an invalid length.
[  864.050170][T15364] netlink: 126588 bytes leftover after parsing attributes in process `syz.4.3126'.
[  864.566732][T15374] netlink: 'syz.4.3131': attribute type 1 has an invalid length.
[  865.965940][T15374] 8021q: adding VLAN 0 to HW filter on device bond0
[  867.039345][T15383] device veth9 entered promiscuous mode
[  867.050089][T15383] bond0: (slave veth9): Enslaving as an active interface with a down link
[  867.316284][T15374] bond0: (slave vlan1): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  867.374780][T15407] ip6t_srh: unknown srh invflags 7F00
[  868.186218][T15403] lo speed is unknown, defaulting to 1000
[  868.222789][T15403] lo speed is unknown, defaulting to 1000
[  868.236611][T15403] wlan0 speed is unknown, defaulting to 1000
[  870.746411][T15451] UBIFS error (pid: 15451): cannot open "./file0", error -22
[  870.747427][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  870.761513][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  870.820025][T15455] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3152'.
[  882.539425][T15613] lo speed is unknown, defaulting to 1000
[  882.546198][T15613] lo speed is unknown, defaulting to 1000
[  882.669867][T15613] wlan0 speed is unknown, defaulting to 1000
[  885.984655][T15639] netlink: 'syz.2.3200': attribute type 1 has an invalid length.
[  886.212226][T15639] device bond0 entered promiscuous mode
[  886.218787][T15639] 8021q: adding VLAN 0 to HW filter on device bond0
[  887.309320][T15647] bond0: (slave veth7): Enslaving as an active interface with a down link
[  887.832930][T15663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3206'.
[  889.858498][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  893.102848][T15725] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3224'.
[  897.826610][T15773] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  898.117676][T15774] lo speed is unknown, defaulting to 1000
[  898.140837][T15774] lo speed is unknown, defaulting to 1000
[  898.165848][T15774] wlan0 speed is unknown, defaulting to 1000
[  898.541891][T15774] chnl_net:caif_netlink_parms(): no params data found
[  898.800419][T15774] bridge0: port 1(bridge_slave_0) entered blocking state
[  898.848496][T15774] bridge0: port 1(bridge_slave_0) entered disabled state
[  898.896380][T15774] device bridge_slave_0 entered promiscuous mode
[  898.929805][T15774] bridge0: port 2(bridge_slave_1) entered blocking state
[  898.971969][T15774] bridge0: port 2(bridge_slave_1) entered disabled state
[  899.181848][T15774] device bridge_slave_1 entered promiscuous mode
[  899.954787][ T4173] Bluetooth: hci5: command 0x0409 tx timeout
[  900.290805][T15774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  901.146778][T15774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  901.284331][T15774] team0: Port device team_slave_0 added
[  902.033903][ T5816] Bluetooth: hci5: command 0x041b tx timeout
[  902.188190][T15774] team0: Port device team_slave_1 added
[  902.422262][T15774] batman_adv: batadv0: Adding interface: batadv_slave_0
[  903.217540][T15774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  903.253246][T15774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  903.285854][T15774] batman_adv: batadv0: Adding interface: batadv_slave_1
[  904.659839][ T5816] Bluetooth: hci5: command 0x040f tx timeout
[  905.216279][T15774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  905.281884][T15774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  906.697331][T15774] device hsr_slave_0 entered promiscuous mode
[  906.901657][ T5816] Bluetooth: hci5: command 0x0419 tx timeout
[  906.984919][T15774] device hsr_slave_1 entered promiscuous mode
[  906.993482][T15774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  908.058832][T15774] Cannot create hsr debugfs directory
[  910.221725][T15774] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  910.266265][T15877] device vlan2 entered promiscuous mode
[  910.278716][T15877] device bridge0 entered promiscuous mode
[  910.457020][T15774] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  910.477543][T15774] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  910.707912][T15774] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  915.172629][T15901] netlink: 'syz.2.3269': attribute type 10 has an invalid length.
[  915.699136][T15774] 8021q: adding VLAN 0 to HW filter on device bond0
[  915.715981][T15774] 8021q: adding VLAN 0 to HW filter on device team0
[  915.750114][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  915.772615][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  915.784830][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  915.797848][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  915.833131][  T413] bridge0: port 1(bridge_slave_0) entered blocking state
[  915.840514][  T413] bridge0: port 1(bridge_slave_0) entered forwarding state
[  915.947758][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  916.257967][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  916.272153][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[  916.279836][  T413] bridge0: port 2(bridge_slave_1) entered forwarding state
[  916.294918][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  916.304193][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  916.316766][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  916.326361][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  916.339953][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  916.447751][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  917.308895][T14256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  917.325164][T14256] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  917.336185][T15916] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3271'.
[  917.350978][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  917.399402][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  917.782198][T15774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  919.188792][T15774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  919.551051][T14256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  919.570258][T14256] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  919.779278][T15931] overlayfs: failed to clone upperpath
[  921.204079][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  921.228788][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  921.266908][T15774] 8021q: adding VLAN 0 to HW filter on device batadv0
[  923.248463][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  923.259381][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  923.380080][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  923.798756][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  924.031927][T15774] device veth0_vlan entered promiscuous mode
[  924.060942][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  924.079251][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  924.103046][T15774] device veth1_vlan entered promiscuous mode
[  925.176973][T14722] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  925.216281][T14722] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  925.710223][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  925.733423][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  925.811629][T15774] device veth0_macvtap entered promiscuous mode
[  925.842378][T15774] device veth1_macvtap entered promiscuous mode
[  925.904139][T15774] batman_adv: batadv0: Interface activated: batadv_slave_0
[  925.926094][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  925.941055][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  925.986930][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  926.033039][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  926.092297][T15774] batman_adv: batadv0: Interface activated: batadv_slave_1
[  926.108939][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  926.119543][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  926.166553][T15774] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  926.191960][T16002] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3291'.
[  926.201331][T16002] netlink: del zone limit has 8 unknown bytes
[  926.366419][T15774] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  926.456978][T15774] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  926.466206][T15774] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  926.772453][T16006] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  928.744077][T14722] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  928.777143][T14722] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  928.835096][T14722] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  928.882137][ T4285] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  928.893897][ T4285] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  928.908217][T14257] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  932.612319][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  932.618720][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  932.994654][T16049] netlink: 'syz.8.3307': attribute type 3 has an invalid length.
[  933.002622][T16049] netlink: 'syz.8.3307': attribute type 1 has an invalid length.
[  934.274709][T16057] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3309'.
[  942.766150][T16125] xt_CT: No such helper "pptp"
[  946.658020][T16178] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  948.606815][T16191] loop8: detected capacity change from 0 to 4096
[  948.863436][T16191] ntfs3: loop8: Different NTFS' sector size (1024) and media sector size (512)
[  949.428945][T16191] ntfs3: loop8: Mark volume as dirty due to NTFS errors
[  952.578469][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  956.305565][T16283] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  956.331990][T16283] lo speed is unknown, defaulting to 1000
[  956.338900][T16283] lo speed is unknown, defaulting to 1000
[  956.346612][T16283] wlan0 speed is unknown, defaulting to 1000
[  958.884982][T16296] netlink: 'syz.4.3370': attribute type 12 has an invalid length.
[  959.193850][T16305] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3373'.
[  962.219254][T16305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  962.340484][T16305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  963.749368][T16333] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  969.230691][T16401] tipc: Started in network mode
[  969.272602][T16401] tipc: Node identity 080211000001, cluster identity 4711
[  969.318561][T16401] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  970.464464][ T4173] tipc: Node number set to 134418688
[  970.512352][T16401] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3397'.
[  972.328418][ T4173] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  973.941292][ T4173] usb 9-1: Using ep0 maxpacket: 16
[  974.358482][ T4173] usb 9-1: device descriptor read/all, error -71
[  975.363833][T16459] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  976.089255][T16452] device syzkaller0 entered promiscuous mode
[  979.666841][   T26] audit: type=1326 audit(979.144:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  979.690389][T16501] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  979.760675][   T26] audit: type=1326 audit(979.144:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  980.086690][   T26] audit: type=1326 audit(979.174:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  980.124962][   T26] audit: type=1326 audit(979.174:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  980.506486][   T26] audit: type=1326 audit(979.174:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  982.628413][   T26] audit: type=1326 audit(979.174:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  982.883369][   T26] audit: type=1326 audit(979.174:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  982.920590][   T26] audit: type=1326 audit(979.174:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  982.972200][   T26] audit: type=1326 audit(979.174:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  983.845329][   T26] audit: type=1326 audit(979.174:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16498 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2bcd45eb9 code=0x7ffc0000
[  983.946280][T16545] netlink: 856 bytes leftover after parsing attributes in process `syz.4.3433'.
[  988.415939][T16589] "syz.6.3444" (16589) uses obsolete ecb(arc4) skcipher
[  991.124297][T16595] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  991.133771][T16595] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  991.143358][T16595] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  991.157763][T16595] syz.3.3430 (16595) used greatest stack depth: 17360 bytes left
[  991.259333][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  991.259352][   T26] audit: type=1800 audit(989.866:500): pid=16595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3430" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  993.862555][T16619] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  994.655918][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  994.674227][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  995.421715][T16637] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  995.706230][    T7] lo speed is unknown, defaulting to 1000
[  996.459366][T16647] overlayfs: failed to clone upperpath
[  996.557263][T16648] delete_channel: no stack
[ 1002.611057][T16724] overlayfs: failed to clone upperpath
[ 1002.866956][T16728] netlink: 'syz.3.3484': attribute type 21 has an invalid length.
[ 1003.909488][T16734] loop8: detected capacity change from 0 to 40427
[ 1005.235927][T16734] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[ 1005.243779][T16734] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[ 1005.255168][T16734] F2FS-fs (loop8): invalid crc value
[ 1005.269787][T16734] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1005.451536][T16734] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[ 1005.458845][T16734] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1014.849068][T16814] xt_recent: Unsupported userspace flags (000000de)
[ 1023.354810][T16884] loop8: detected capacity change from 0 to 128
[ 1023.422767][T16886] SET target dimension over the limit!
[ 1024.112112][ T4301] Bluetooth: hci5: command 0x0406 tx timeout
[ 1025.581875][T16903] attempt to access beyond end of device
[ 1025.581875][T16903] loop8: rw=2049, want=841, limit=128
[ 1028.327331][T16945] SET target dimension over the limit!
[ 1142.987280][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1142.994291][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P16949/1:b..l
[ 1143.002930][    C1] 	(detected by 1, t=10502 jiffies, g=65505, q=202)
[ 1143.010038][    C1] task:syz.6.3539      state:R  running task     stack:26224 pid:16949 ppid:  6657 flags:0x00004000
[ 1143.022172][    C1] Call Trace:
[ 1143.025457][    C1]  <TASK>
[ 1143.028388][    C1]  __schedule+0x11ef/0x43c0
[ 1143.032993][    C1]  ? release_firmware_map_entry+0x190/0x190
[ 1143.038885][    C1]  ? mark_lock+0x94/0x320
[ 1143.043348][    C1]  ? preempt_schedule_irq+0xb0/0x160
[ 1143.048645][    C1]  preempt_schedule_irq+0xbb/0x160
[ 1143.053851][    C1]  ? __cond_resched+0xd0/0xd0
[ 1143.058554][    C1]  ? rcu_is_watching+0x11/0xa0
[ 1143.063394][    C1]  ? rcu_irq_exit_check_preempt+0xdb/0x200
[ 1143.069218][    C1]  irqentry_exit+0x63/0x70
[ 1143.073787][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 1143.079814][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x13/0x60
[ 1143.086082][    C1] Code: 48 8b 3d 40 bb 10 0c 48 89 de 5b e9 77 3a 44 00 00 00 cc cc 00 00 cc 48 8b 04 24 65 48 8b 0d 14 50 89 7e 65 8b 15 15 50 89 7e <81> e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 34 16 00 00
[ 1143.105787][    C1] RSP: 0018:ffffc90004f3f758 EFLAGS: 00000202
[ 1143.111902][    C1] RAX: ffffffff819f45f5 RBX: 0000000000000001 RCX: ffff88807d875940
[ 1143.119962][    C1] RDX: 0000000080000000 RSI: ffffffff8a79f760 RDI: ffffffff8a79f720
[ 1143.127945][    C1] RBP: ffffc90004f3f8d0 R08: dffffc0000000000 R09: 1ffffffff203a218
[ 1143.136017][    C1] R10: dffffc0000000000 R11: fffffbfff203a219 R12: ffffc90004f3f9a0
[ 1143.143991][    C1] R13: dffffc0000000000 R14: ffffc90004f3f820 R15: 1ffff920009e7f34
[ 1143.151983][    C1]  ? filemap_map_pages+0x1b5/0x13b0
[ 1143.157303][    C1]  filemap_map_pages+0x1b5/0x13b0
[ 1143.162349][    C1]  ? __lock_acquire+0x7d10/0x7d10
[ 1143.167453][    C1]  ? cgroup_rstat_updated+0xd7/0x350
[ 1143.172786][    C1]  ? filemap_read_page+0x4c0/0x4c0
[ 1143.177900][    C1]  ? count_memcg_event_mm+0x324/0x370
[ 1143.183410][    C1]  ? follow_page_pte+0x320/0xc20
[ 1143.188420][    C1]  handle_mm_fault+0x25bc/0x4410
[ 1143.193377][    C1]  ? get_page+0xe0/0xe0
[ 1143.197668][    C1]  ? follow_page_mask+0xa6e/0x12d0
[ 1143.202800][    C1]  __get_user_pages+0x94b/0x11e0
[ 1143.207875][    C1]  ? populate_vma_page_range+0x290/0x290
[ 1143.213517][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 1143.218905][    C1]  populate_vma_page_range+0x213/0x290
[ 1143.224376][    C1]  __mm_populate+0x275/0x3b0
[ 1143.228975][    C1]  ? check_vma_flags+0x480/0x480
[ 1143.233934][    C1]  ? up_write+0x1bb/0x420
[ 1143.238400][    C1]  vm_mmap_pgoff+0x212/0x2d0
[ 1143.243176][    C1]  ? account_locked_vm+0xe0/0xe0
[ 1143.248143][    C1]  ? __lock_acquire+0x7d10/0x7d10
[ 1143.253181][    C1]  ksys_mmap_pgoff+0x140/0x790
[ 1143.257998][    C1]  ? mmap_region+0x1650/0x1650
[ 1143.262783][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1143.268019][    C1]  do_syscall_64+0x4c/0xa0
[ 1143.272455][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1143.277136][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1143.281823][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1143.287722][    C1] RIP: 0033:0x7f88da8dceb9
[ 1143.292137][    C1] RSP: 002b:00007f88d8b17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1143.300554][    C1] RAX: ffffffffffffffda RBX: 00007f88dab58090 RCX: 00007f88da8dceb9
[ 1143.308528][    C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[ 1143.316501][    C1] RBP: 00007f88da94ac1f R08: ffffffffffffffff R09: 0000000000000000
[ 1143.324478][    C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[ 1143.332561][    C1] R13: 00007f88dab58128 R14: 00007f88dab58090 R15: 00007fffd70c4558
[ 1143.340548][    C1]  </TASK>
[ 1143.343570][    C1] rcu: rcu_preempt kthread starved for 10432 jiffies! g65505 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1143.354762][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1143.364734][    C1] rcu: RCU grace-period kthread stack dump:
[ 1143.370625][    C1] task:rcu_preempt     state:R  running task     stack:27384 pid:   15 ppid:     2 flags:0x00004000
[ 1143.381395][    C1] Call Trace:
[ 1143.384677][    C1]  <TASK>
[ 1143.387706][    C1]  __schedule+0x11ef/0x43c0
[ 1143.392318][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1143.398220][    C1]  ? rcu_is_watching+0x11/0xa0
[ 1143.403013][    C1]  ? release_firmware_map_entry+0x190/0x190
[ 1143.408920][    C1]  schedule+0x11b/0x1e0
[ 1143.413145][    C1]  schedule_timeout+0x184/0x2d0
[ 1143.418001][    C1]  ? console_conditional_schedule+0x40/0x40
[ 1143.424029][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 1143.429950][    C1]  ? update_process_times+0x200/0x200
[ 1143.435425][    C1]  ? prepare_to_swait_event+0x331/0x350
[ 1143.441101][    C1]  rcu_gp_fqs_loop+0x2be/0x11d0
[ 1143.445977][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1143.451182][    C1]  ? dyntick_save_progress_counter+0x230/0x230
[ 1143.457352][    C1]  ? rcu_gp_init+0x10f0/0x10f0
[ 1143.462212][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1143.467423][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1143.472686][    C1]  rcu_gp_kthread+0x9b/0x370
[ 1143.477292][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1143.483198][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1143.488424][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1143.494402][    C1]  ? __kthread_parkme+0x157/0x1b0
[ 1143.499508][    C1]  kthread+0x436/0x520
[ 1143.503595][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1143.508722][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1143.513514][    C1]  ret_from_fork+0x1f/0x30
[ 1143.517974][    C1]  </TASK>
[ 1143.520998][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1143.527336][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1143.532597][    C0] NMI backtrace for cpu 0 skipped: idling at default_idle+0xb/0x10