last executing test programs:

16m30.456015496s ago: executing program 4 (id=5):
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x2a}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f00000000c0)=<r2=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r5, &(0x7f0000000980), 0xfdef)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x2020)

16m28.537487971s ago: executing program 4 (id=13):
timer_create(0x3, 0x0, &(0x7f0000044000))
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r1, 0x891b, &(0x7f0000000000)={'lo\x00', {0x2, 0x0, @multicast2=0xac14140a}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@discard}, {@abort}, {@dioread_lock}, {@norecovery}, {@nombcache}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}, {@resuid}, {@init_itable_val}, {@jqfmt_vfsv1}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r3}, 0x10)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

16m25.790116376s ago: executing program 4 (id=18):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)

16m23.94895008s ago: executing program 4 (id=26):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x21408, 0x0, 0x1, 0x0, &(0x7f0000006380))
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x4000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@afid={'afid', 0x3d, 0x7}}], [], 0x6b}})
read$FUSE(r0, &(0x7f0000007100)={0x2020}, 0x941f)

16m22.261893332s ago: executing program 32 (id=26):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x21408, 0x0, 0x1, 0x0, &(0x7f0000006380))
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x4000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@afid={'afid', 0x3d, 0x7}}], [], 0x6b}})
read$FUSE(r0, &(0x7f0000007100)={0x2020}, 0x941f)

8m29.923631552s ago: executing program 5 (id=1188):
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x2, 0x634, &(0x7f0000000480)="$eJzs3c1rXNfdB/DvHcmyxgZHeWI7fkogIoa0VNTWC0qrbuqWUlQIJaSLroUtY+Gxk0pKUUJp1De67SJ/QLrQrqtCN4WCIV23u2y1DBS6yUpdTbl37oxGtjwdxZJGTj8fc+ecM+fec3/nN/dlZoyYAP+zlmcy/ihFlmfe3CrbuzsLrd2dhQfdepLzSRrJeKdI8TApPklupbPk/8sn6+GKp+3no7Wltz/9fPezTmu8Xqr1G4O2G852vWQ6yVhdHtd4t595vKI3wzJh17uJg1E7l6R9wE+v7vcMduGZz1vgLCg6982edn1mT1WneSbr9wGdu2Lnnv1c2x51AAAAAHAKXtjLXrZyadRxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPOk/v3/6lf/J3tPpZhO0f39/4luf5KLIwx1sInhVnvUOOlAAAAAAAAAAODkvbqXvWzlUrfdLtJI8lrVuFw9Xsx72chq1nMjW1nJZjaznrkkU30DTWytbG6uzw2x5fyhW84PGXDz2ecMAAAAAAAAAF9Cv8ry/v//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAWVAkY52iWi5361NpjCeZTDJRrred/KNbf549GnUAAAAAcApe2MtetnKp224X1Wf+q9Xn/sm8l4fZzFo208pq7lTfBXQ+9Td2dxZauzsLD8rlyXG/+68jhVGNmM53D4fv+Vq1RjN3s1Y9cyO3805auZNGtWXpWjeew+P6ZRlT8Z3akJHdqcty5r+vy5M3NsQ6U1VGzvUyMlvHVmbjxcGZOPjqbB91T3Np9L75uXwCOb9Ql0Vy8YenlvNh1Jl4NXUm5vuOvquDM5F89c9//Mm91sP79+5uzJydKR3B+Xa73a0/fkws9GXi5S99JvrNVpm40msv5wf5cWYynbeynrX8LCvZzGqm8/2qtlIfz+Xj1OBM3TrQeqt6bD49kon6delcPY4W02vVtpeylh/lndzJat6o/s1nLt/MYhaz1PcKXxnirG8c7ay//rW6Uk7wd4MnesrKvL5Y5/XD5MA1d6rq639mP0spctzXxvGv1JVyH7+uy7Ph8UzM9WXipcHHyx+qy8pG6+H99Xsr7w65v9frsjyPfnum7hLl8fJ/5YtVtQ4eHWXfS4f2zVV9l3t9jSf6rvT6/tuZOlG/h3typPmq7+VD+xaqvmt9fYe93wLgzLvw9QsTzX82/978uPmb5r3mm5PfO/+t869M5Nzfzn17fHbs9cYrxZ/ycX6x//kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD44jbe/+D+Squ1uv5Ypd1uf/iUri9aGctRtvrrX45z793fIzrG6RxvZfIoK7fPRsxHqfy73W4fy4DbAw7aY6u0a2cidSOqjPjCBJy4m5sP3r258f4H31jr3iIXF5dmlxbfWLh5d621Ott5HHGQwInYv+mPOhIAAAAAAAAAAABgWKfx5wSjniMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwfFueyfijFJmbvTFbtnd3Flrl0q3vrzmepJGk+HlSfJLcSmfJVN9wxdP289Ha0tuffr772f5Y4931G4O2G852vWQ6yVhdHtd4t595vKI3wzJh17uJg1H7TwAAAP//UOQPsQ==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(0x0, 0xc000, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r4, &(0x7f0000000f80)=""/4096, 0x1000)

8m27.160257088s ago: executing program 5 (id=1195):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000380)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_read_part_table(0x105e, &(0x7f0000001080)="$eJzsz7FNw1AUBdBrW7axoGICVxSMwBqIIdjCDVOwQSZIquySMkv8KN9S5AmSFOcU/+tevVe88FBDkrlNSt4OTW2+Xk6/yf/n6zX0zTIk75uFZf3qbJvzOP+1SUop+1tdjfX9nrq+2TSly/FjjVOSn909bgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ3cJAAD//1pKDhw=")
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, &(0x7f0000000340), &(0x7f0000000380)=r4}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

8m25.295587592s ago: executing program 5 (id=1200):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000800000000095000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r2)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000030000005800018044000400200001000a000000000000002d3a000000000000405f000000002e2d00000000200002000a00000000000000fc010000000000000000000000000000000000000d0001007564703a73"], 0x6c}}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x1004491, &(0x7f0000000380)=ANY=[], 0x2, 0x826, &(0x7f00000012c0)="$eJzs3U9sHFf9APDvuHacOGp+1e/3U4miNJ0kRUpE6q7t1sXqoWzXY2dae9faXaNEqGqjxilRnLZqVZVGiJJLCwiEOHEsvVa99AZCAokDcEKiBy4cKlXqBVQQSAiEkIJ2djde/1k7ThynlM9n1X2zb957897sZL87W7+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiqUyXSmNJzOXVxTNpf5Xpem1+k/Xd9n6+KtlkuxFJ67/YuzcOtrMO/v/K6ntbT8ficPvV4djbSvbGlf333vPY/w0OdOtv0qGbdbT/qqHeF0nEN1udunRueXnp5dvQkV30nZ92FvbecJV/XGs9z2bVvFHL58uzWZo3aunU5GTpodMzjXQmn8saZxvNbD6t1LNys1ZPT1ROpmNTUxNpNnq2tlidnS7PZd3MRx8cL5Um0ydHF7JyvVGrPvTkaKNyOp+by6uzRZnx0mvRKvNo60B8Km+mzaw8n6YXLi4vTWzV1VahsVU5w6sOnMMP3PPxqx/99eJS64Ds10jSOTDHx8bGx8cmH5l65NFSaXC8NL46o7RGXC8RAxGtErfloOXO2r9B3mDniFm3IuLa/+zMhzfcooFO/I+5yKMai3Em0khjoHheeQxFJaajHrWYb73+3dCa9evi/+cf+tNvNttub/zvRvmDK6sPRRH/j7RfHekX/9f1Ygceg/1arb7X7k1v3ivxelyJS3EulmM5luLltbX2rK2xweNGytzyY7idDuxsq7ORRTXyaEQSecxHuchJi5xapDEVkzEZpXgmTsdMNCKNmchjLrJoxNloRDOy4oiqRD2yKEczalGPNE5EJU5GGmMxFVMxEWlkMRpnoxaLUY3ZmI5y0cqFuFjs94k1/br3G8/+5Pnffvx2a/l6obFNBpK0vszt/zDiL5sUWhfutxH/WyUGOkf3rsQkdsnebb6rO/PBDTvgWhH/B+90NwAAAIDbKCl+fU8iYijuK5Zm8rnsK3e6WwAAAMAOKv6u+XArGWot3RdJ6/y/tEHJDyKGd717AAAAwA5Iijl2SUSMxP3tpe50qY1+BAAAAAD+AxX///9IKxmJeKPIcP4PAAAAnzHf6neN/Y/2FNfYHYnGwnDysz9HvT6UXF0480ByudwqV758V7teJ/ny9RabM4eSA51GimRy8Mr+JCIGK9nhpHv1y3915hJ8UjwfWrkAYb9r/SdbdCA270DxKr4bR9tljp5vp+e7a9pbGZnJ57LRSm3usbGk8+NI89UXLn4tiuF/uzp/IIkLF5eXRp97cfl80ZerrVauXu5cHj7p1opoT6jYpC/XurMp7tt4xEPFRIzOdkfa2y31jr9zNdmBzcef9G7zzTjWLnNspJ2OrB7/3tY2x0YfG4ty+cBAMzvTfPVaz+g7vRhbGflwd7TJNt6FN+N4u8zxE8fbyQa9GF/VixfW92K8d//f2L644V68ffSNM3/7ZS3JJrbqxcQt9gLgTrlQXPVnJQrtK6LQP6+1tQLamri7r1tzO59yF1a+ZXTr98S6wVgX3dObie5vxol2mRPt7xODhzaIK6UNPtFfuvjSrzqf6A+/+8MfPX3k1++vievb6MW7cbJdppPE//6iT4xtjfl7a6LqO60a7/TdbmNuPHlteGIoad98KK48ePHyueeXnl96YXx8YrL0cKn0yHgMFV8VOkmfnoo8AP/dtrrHzvtfv1603114koe3OKtOBrt/UjAaz8WLsRzn41Qx2yAi7t+41ZGeP0M4tcVZ60jPHV5ObXFuuVJ2fG3Z4eNJ9Ck70bPHPveDIvn7bXpDAGAXHNsiDidxT/uyP6/d3amxpsRdSXKq97z7qxFxqF/MbcXyk+0b53bPjqN/LO/1h076xd3YKQDwGZfVP0lGmm8l9Xq+8MzY1NRYuXk6S+u1ylNpPZ+ezdK82szqldPl6myWLtRrzVql+9PxdNZIG4sLC7V6M52p1dOFWiM/U9z5Pe3c+r2RzZerzbzSWJjLyo0srdSqzXKlmU7njUq6sPjEXN44ndWLyo2FrJLP5JVyM69V00ZtsV7JRtO0kWU9BfPprNrMZ/JsKM2r6UI9ny/Xr0bE3OJ8lk5njUo9X2jW2g12t5VXZw7U54tmR9cP/4+7vb8B4NPgldevXDq3vLz08s0t/P5GCt/pMQIAq4nSAAAAAAAAAAAAAADw6bd+ul4rd1sTAYfipqcPvjIcrYV9N1u9tfB0ZyS3MItxk4XB2OEGN1/4wnvtwexEg+vbGerm3L3VvM99q97TPZ1dvEs7YScXnn388UtXrkZEkZMM9u7eJ944ePrDLLqj26Sdjf+lbDTV9a0DEXt+/P12zpf6FE4Gd3ikH3QHuL3q15JN/uHv6scQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyQfwcAAP//LdJG/Q==")
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x24040840)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x10000}, 0x18)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r6, r6, 0x0, 0xb)

8m18.301294512s ago: executing program 5 (id=1217):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(r3, 0x0, 0x0)

8m16.719885103s ago: executing program 5 (id=1219):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r4, &(0x7f00000008c0)=[{&(0x7f0000000340)='9', 0x1}], 0x1)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x1d, &(0x7f0000000000)=0x3, 0x4)
recvmmsg(r3, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0)

8m14.610191519s ago: executing program 5 (id=1221):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'macsec0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
write$FUSE_CREATE_OPEN(r1, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x3, 0xffffffffffffff80, 0x3, 0x1, {0xffffffffffffffff, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x19e, 0x100100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080), 0x7f04)

7m56.248737826s ago: executing program 33 (id=1221):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'macsec0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
write$FUSE_CREATE_OPEN(r1, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x3, 0xffffffffffffff80, 0x3, 0x1, {0xffffffffffffffff, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x19e, 0x100100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080), 0x7f04)

1m10.895202726s ago: executing program 2 (id=2060):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$xdp(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000480)="fe", 0x1a000}], 0x1, 0x0, 0x0, 0x41}, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000000)={0x2, 0xfffffffffffffff9, 0x2, 0x8001, 0x2, [0x7, 0x12ae1acd, 0x7, 0x28]})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r4, 0x0, 0x0, 0x0, 0x0)
write(r4, &(0x7f0000001680)="95d404bf", 0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

1m9.621537132s ago: executing program 2 (id=2062):
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000000100)=0xfffe, 0x4)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)="3d4077e50823258d495dc9d2c2a25bc7dc0b11bde0d15d0770675db1790111e7", 0x20}, {&(0x7f0000000240)="b28231adddba8ed6f23bf98ca8caa015ab797f57353ec4ceacbd4995a9a6", 0x1e}], 0x2, 0x0)
recvmmsg(r3, &(0x7f0000001440)=[{{&(0x7f0000000280)=@un=@abs, 0x0, &(0x7f0000001400)=[{&(0x7f0000001480)=""/1}, {&(0x7f0000000300)=""/102}, {&(0x7f0000000380)=""/4096}, {&(0x7f0000001380)=""/111}]}}], 0x700, 0x40002002, 0x0)
write$binfmt_misc(r2, &(0x7f0000000040), 0xffc1)
setsockopt$sock_int(r3, 0x1, 0x10, &(0x7f0000000180)=0x55b7, 0x4)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000040)={{r5}, &(0x7f0000000000), &(0x7f0000001a80)='%pB    \x00'}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r6}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

1m8.894909201s ago: executing program 2 (id=2065):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getsockopt$MRT(0xffffffffffffffff, 0x0, 0xd0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
keyctl$setperm(0x5, 0x0, 0x9290101)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
socket$inet6(0xa, 0x80000, 0x1ff)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

1m4.817989944s ago: executing program 2 (id=2071):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000020100)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x266, &(0x7f0000000600)="$eJzs281OE1EYxvGHDwVBmCqKgjG+0Y1uJlCvoCGQGJtokBo/EpNBptp0aEmnwdQYYefW6yAu3ZkYb4CNV+DCHRuXLIxjmKnQlhrDQiba/29zXnJ4mnP6njZn0dl58Ha1XAzdoldXf59pUNrUrpRRvwaU6GuO/XF9Uq02dWMi/+XyvYePbufy+flFs4Xc0s2smY1f+fji1burn+qj99+PfxjSdubJzrfs1+3J7amdH0vPS6GVQqtU6+bZcrVa95YD31ZKYdk1uxv4XuhbqRL6tbb5YlBdW2uYV1kZG1mr+WFoXqVhZb9h9arVaw3znnmlirmua2Mjwp8UthYXvVzaq8DfVavlvDlJ04dmClupLAgAAKSK+38v4/7fC/bu/4+bn9923P8BAAAAAAAAAAAAAAAAAAAAAPgX7EaRE0WR82s8IcVP+ETNv09JGpE0Kum0pDFJ45IcSRlJZySdlTQh6Zyk85ImJV2QdFHSVMtrpb1XHEb/exv97230v7e1PLg7LK2+WS+sF5Ixmc8VVVIgXzNy9D3uZVNSL9zKz89YLKNLqxvN/MZ6YaA9Pytn78B0y88meWvPD8Xnbj+flbN3wLrls13zw7p+rSXvytHnp6oq0Ep8Jg/yr2fN5u7kO/LT8f/971zb17V/rvu7+SR/hPPR8f4Oanow3b1DChsvy14Q+DUKCgqK/SLtbyYch4Omp70SAAAAAAAAAAAAAAAAAMBRHMfPCdPeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnX4GAAD//5KSYE0=")
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
msgctl$MSG_INFO(0x0, 0xc, &(0x7f00000003c0)=""/82)
r4 = msgget$private(0x0, 0x4a0)
msgsnd(r4, 0x0, 0x0, 0x0)
msgrcv(r4, 0x0, 0x0, 0x2, 0xc7e031e7f31e4965)
write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xfd14)
mknod(&(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)

1m3.483281821s ago: executing program 2 (id=2072):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x10, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)

1m1.933973171s ago: executing program 2 (id=2076):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB])
r1 = getpid()
socket$netlink(0x10, 0x3, 0x8)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000001c0)={0x14, r4, 0x31f, 0xffffffff}, 0x14}, 0x1, 0x0, 0x0, 0x40c0}, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000400000000000000001000084080000000000000001"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000040)='source', &(0x7f0000000080)='//', 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r5, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

1m1.546924057s ago: executing program 34 (id=2076):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB])
r1 = getpid()
socket$netlink(0x10, 0x3, 0x8)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000001c0)={0x14, r4, 0x31f, 0xffffffff}, 0x14}, 0x1, 0x0, 0x0, 0x40c0}, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000400000000000000001000084080000000000000001"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000040)='source', &(0x7f0000000080)='//', 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r5, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

42.325472104s ago: executing program 0 (id=2114):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000100), 0xc06620, 0x4)

41.157011979s ago: executing program 0 (id=2117):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./bus\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@nodioread_nolock}, {@resgid}, {@data_err_ignore}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@nullb, 0x0, 0x0)

39.805698607s ago: executing program 0 (id=2120):
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_subtree(r4, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000980)={[{0x2d, 'pids'}]}, 0x1f)

33.963549652s ago: executing program 0 (id=2132):
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@nullb, 0x0, 0x0)

33.898221343s ago: executing program 0 (id=2133):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
listen(r0, 0x1ad72f7)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
link(0x0, 0x0)

32.831822767s ago: executing program 0 (id=2137):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f0000000040)=0xa, 0xd)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x8, 0x0, r5, &(0x7f0000000080), 0x0, 0x300000000000000}])

17.510896584s ago: executing program 35 (id=2137):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f0000000040)=0xa, 0xd)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x8, 0x0, r5, &(0x7f0000000080), 0x0, 0x300000000000000}])

14.679071191s ago: executing program 7 (id=2168):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0x9, 0x8, 0x8, 0x90, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r6, r5, 0x7, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r6, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r4}, 0x20)
sendmmsg$inet6(r4, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000ac0)}], 0x1}}], 0x2, 0x0)

12.234185833s ago: executing program 3 (id=2170):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./bus\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@nodioread_nolock}, {@resgid}, {@data_err_ignore}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@nullb, 0x0, 0x0)
r3 = fsopen(&(0x7f00000000c0)='adfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x8, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})
pipe2$watch_queue(&(0x7f0000000100), 0x80)
socket$netlink(0x10, 0x3, 0x0)

11.823948598s ago: executing program 7 (id=2172):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r2, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r8 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)

11.189949176s ago: executing program 3 (id=2173):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
msgget(0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$ocfs2(&(0x7f0000004840), &(0x7f00000001c0)='./bus\x00', 0x8c0, &(0x7f0000004680)=ANY=[@ANYBLOB="61636c2c6e6f696e74722c6174696d655f7175616e74756d3d30303030303030303030303030303030303030372c6c6f63616c666c6f636b732c6c6f63616c616c6c6f633d30303030303030303030303030303030303030332c6c6f63616c666c6f636b732c696e74722c6865617274626561743d6e6f6e652c0024855616ead4c7dc9e9da093713b0e6a6e67e1af8e4f5d7cbff1185218b41bcefa2f4f41b8212051258a0a6168526c8eef9d759bbb36a4b49ff8042320899ca9b6e9fa68a0abe364e0e2d46408f18da37d557aa1ebb8aa29451a584f1980dc477bd97f6a0446b8957872e51c2adf98e1acff806babdc9d58bc06d6d0b19476862cebe64cafa5a069852602786f40bf6a1bf7594e171d16ced9409b168ef591c2f5b676a2eb18e8a3b91275fd4467aea2037bd9790e240137bc7c80cc99e9dd662a5f"], 0x7, 0x4430, &(0x7f0000000240)="$eJzs3c9PHNcdAPA3A67BtV1wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXNYLrG2ShbVgiXLwgdws5RQphygHK5Fy42RxyNX5E3LJ0TlbSg65RIpkhWh3Z2FndldsEAux8/kcGOb9Zr8zb98chhcnKg+W1nJLa7nCSq68cG/tQu7tcml9uRjiQ9K2/2OH1z/d6cV1ctTX3i/ZzctX/3vnQgifL375Ynt7eztU9Ye2xpp+/+7bRwvNx4Y4U6fabvvWDsobIYSzLeOq6gsh/P+zEKIQwqUkbTI5DoYQToV63p1H793NHdBonj4vXsy/nHu8NX5+dvPJVue/PQrho9Lv/nZ/+es/9o1/9ZcD6h4AAAAAAAAAAAAAAAAAgFfc9K2bt/8zOhaeRaF/M2p9X3c6OXZ6P3b7wPyh938sAAAAAAAAAAAAAAAAAAAA/Eztvv+fi860ef9/KjlOdKi//a/ej5Hemfn3zakro2PJ/u9RS/7fk6RvLvWF4Tb7vmf3f7+Uqd9+//fWfvarMb5Gv0MhikdS53E8MhLCJ8nG7+eiE3GpvFb5673y+srigQ3jlZWOf333/lR0kg39u43/ZKb93u///9uWq6l6fvfgLrHXWjr+fR3Lffpu1FX8L2fqHUb82b90/PtraYPNBSbqE0A1/u/37x3/qUz7vYr/6RBCLqqONZeaAaprmGp6p/UKaen4H6ulpabO5IPsdP9/n4n/lUz7RzX/b2S/iGgrHf9f1dIGUiV27//heO/7/2qm/aOIf3X8G77/u5KO//F6Yn+qSO2T7Hb+n86036v4346TcZ6OUlfAZlRP7/T/6khLx3+gJX/3+S/uav13LVP/sJ7/Gv02nv8a0/+fo/rzH+2l4z/YsVy39/9Mpl6v5/+J2vqP/UrH/0QtLb12Hqr97Db+s5n2exX/2qpkoBH/3fnkh+P19I+t/7qSjv+v64lxc4mN2s/a+i/ae/1/PdP+Uaz/quPfiHvb6+siHf+THctV4/9FF9//NzL1muLfurg4IKPW+vuWjv+pjuVq9//A3vGfy9Tr9f3/p142DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAKmEyOQyEaSp/H8chICJeT83PhRDRfWMzPl8oLb62FMJWk58KZ6H6pPF8o5ZdWyovFfKFUKi+EcCXJPxsGorVSuZJfLjy8utPWYPSgWFitzBcLlRDCdJL++3Cq0db8UmW58DCEcG0n7zdxefXhg8JKfnFp9Z+jo6OjYWZnDMNR8Z1KcaVS772eG8LsTt2hqGlwtezrO2M5Gb1ZXl9dKZRq6Tea6pTKC4VSU525JO+DMBxVVtdXFgqVYr5Uvt/o7yhNJMepmVv/u3VjrCX/blQ/Th7usAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4iZ6N/+PDEEJ//SwOIUw0fonalX/6vHgx/3Lu8db4+dnNJ1svOpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ed24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKA0EURiA34yF2nkMq2W3s11RRAtXBE+gx/AwehQv4R1SpEibIgSSWQibXdgmqb6veTA/M+/BPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//9kGHvg=")
mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0xfffffffffffffffd, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r3, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x1000}, {0x0}], 0x2}}], 0x1, 0x700, 0x0)
sendfile(r4, r3, 0x0, 0x578410eb)

10.408577926s ago: executing program 7 (id=2174):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000380)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00')

9.531149107s ago: executing program 6 (id=2175):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001f00), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_usbip_server_init(0x0)
r3 = socket$inet6(0xa, 0x802, 0x0)
sendmsg$inet(r3, &(0x7f0000000300)={&(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1100000000000000000000000100000000000000000000001c00000000000000000000000700"], 0x38}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
r5 = dup(r4)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0xe501, 0x3, 0x230, 0x0, 0xa, 0x1000000, 0x0, 0x0, 0x198, 0x230, 0x230, 0x198, 0x223, 0x3, 0x0, {[{{@ip={@broadcast, @multicast2, 0x0, 0xffffffff, 'ip6_vti0\x00', 'veth1_to_hsr\x00', {0xff}, {}, 0x6e, 0x0, 0x24}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@ip={@multicast2, @rand_addr, 0x0, 0xffffffff, 'vxcan1\x00', 'veth1_to_batadv\x00', {}, {0xff}, 0x1d}, 0x0, 0x98, 0x100, 0x0, {}, [@common=@unspec=@connlabel={{0x28}, {0x5, 0x1}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x589b, 0x6, 0x0, 'syz1\x00', 'syz1\x00', {0xb}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x290)

9.267882361s ago: executing program 3 (id=2176):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
io_uring_setup(0x200911, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1, 0x2}, 0x10)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r3, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e20, 0x3, 'lblc\x00', 0x1d, 0x2, 0x2a}, {@broadcast, 0x4e21, 0x10000, 0xc24, 0x0, 0xfffffffb}}, 0x44)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x268, 0x300, 0x0, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x230, 0x258, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x10000000}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'dummy0\x00'}, 0x0, 0xd0, 0x138, 0x0, {}, [@common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x5)
unshare(0xc040400)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000003d)

8.5499195s ago: executing program 7 (id=2177):
socket$nl_netfilter(0x10, 0x3, 0xc)
mknod$loop(0x0, 0x6000, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x21, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB], 0x7c}}, 0x50)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3c0, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x130, 0x168, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x420)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003b80)=[{{0x0, 0xd, &(0x7f00000003c0)=[{&(0x7f00000000c0)="e6", 0x1}], 0x1, 0x0, 0x0, 0x7000000}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)='&', 0x23fff}], 0x1}, 0xff03}], 0x4000070, 0x8000)

7.514421693s ago: executing program 3 (id=2178):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32], &(0x7f0000000200)='syzkaller\x00', 0x4, 0x0, 0xfffffffffffffffe, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x2, @scatter={0x0, 0x40600, 0x0}, &(0x7f0000000080)="0000501ef663", 0x0, 0x800004, 0x10030, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x7, 0x6576, 0x8})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r2, 0x100000000)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='gfs2\x00', 0x2208004, 0x0)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
add_key$user(&(0x7f0000002300), 0x0, 0x0, 0x0, 0xffffffffffffffff)
open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000080)=ANY=[], 0x32600)

7.078661989s ago: executing program 6 (id=2180):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c4400000000000e0fe1709850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=r5, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000200)="bd", 0x1}], 0x1}}], 0x1, 0x41)

5.328209351s ago: executing program 1 (id=2181):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, 0x0)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
write$FUSE_DIRENTPLUS(r1, 0x0, 0xb0)
write$FUSE_GETXATTR(r1, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r1, &(0x7f00000005c0)=ANY=[], 0xb8)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)

5.327049942s ago: executing program 6 (id=2182):
socket$inet6(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x200000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
flock(0xffffffffffffffff, 0xc)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_elf64(r4, &(0x7f00000003c0)=ANY=[], 0x78)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
r5 = socket(0x15, 0x5, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e22, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, 0x1c)

5.326729771s ago: executing program 7 (id=2190):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="6c617374626c6f636b3d30303030303030303030303030343030303232362c6164696e6963622c6769643d666f726765742c6e6f7374726963742c756e686964652c6e6f7374726963742c646d6f64653d30303030303030303030303031373737373737373737372c7569643d69676e6f72652c73686f727461642c766f6c756d653d30303030303030303030303030303030303030362c006ccfc2609774313e02c2d8491759bd076d2396dd461f428efd5264becd21addd0616c4f9f9ca450e594eb5a96e323ef167abe79ce4893c5efad6f0d8a069759c60b312a926d668efafdc0cce6325c6c20a1cb1e27f163af918ec6ee857c7ce7f7fbaa1014e5a39e1efcb973dfbc3da0c89621bce397c9b6d9ad6492c3efdb53eb3303884c5f720e3fea4363cd709ed949ea615bfde9c9bd5d66ea0ebac03738fce899afb6e310af29a5033ad193b0e8dcee7e85d1fef91c5e5120f484b2a5111a879e57821f0602bcf09daec6d08cca7051b20d9849873f852a294a8d7dc1f508be76636f8cd"], 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000001940)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x20040844)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')

4.998378196s ago: executing program 1 (id=2183):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {0x1}, @result={0xffffffe0, 0xfffff001}}], 0x1c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{}], 0x1}, 0x0)
syz_pidfd_open(0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000000)={0x0, 0xb, 0x10, 0x5, 0x0, 0x10001, 0x0})
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000eaff"])
request_key(0x0, 0x0, &(0x7f0000000440)='**+\x00', 0xfffffffffffffffd)
syz_clone3(&(0x7f0000000200)={0x280c200, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r5 = syz_open_dev$dri(&(0x7f0000000740), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000100)={&(0x7f0000000200)})
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f0000000080)={0x5, 0x2, 0x2})
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f00000000c0)=0x3)

3.947155869s ago: executing program 6 (id=2184):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0xfffffefffbfbb7fe, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty, 0x6}, 0x1c)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_ON(r5, 0x7001)

3.13131271s ago: executing program 7 (id=2185):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x121d, &(0x7f0000000480)={0x0, 0xfffffffd, 0x80, 0x3, 0x34e}, &(0x7f0000000980)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0xffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket(0x2a, 0x2, 0xfffffffe)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x5c, 0x0, 0x0, 0x0, 0x23457})

3.11880521s ago: executing program 1 (id=2186):
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_open_dev$radio(0x0, 0x2, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r4 = fanotify_init(0xf00, 0x1000)
fanotify_mark(r4, 0x105, 0x5000003a, r3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
readv(r4, &(0x7f0000000c40)=[{&(0x7f0000000500)=""/169, 0xffffffa0}], 0x1)

3.08774318s ago: executing program 3 (id=2187):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a60274fcffffffffffffff14e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bc00d08e36655c00"})
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000400)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x0, 0x60, &(0x7f0000000300)='M', 0x1, 0xc, 0x0, 0x0, 0x5, 0x5f8480, 0x0})
ioctl$USBDEVFS_CLEAR_HALT(r4, 0x80045515, &(0x7f0000000380)={0x1, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.498158301s ago: executing program 3 (id=2188):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16, @ANYRESDEC, @ANYRESOCT], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$proc_mixer(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0xb8)
semget$private(0x0, 0x3, 0x1a0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r3, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)

981.528518ms ago: executing program 1 (id=2189):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}}, 0x0, 0x0, 0xf, 0x0, "0c9e089c1b4a01860b479037f43d223b3c1b324debec40e57a07f7bd0000000021946aff1e7154519cc275d04f6205abd307a0c4fa3838bf399ad5bd35f21907c7988d13000000000000f90900"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000a40)={@in6={{0xa, 0x0, 0x0, @local}}, 0x0, 0x0, 0x2, 0x0, "a1c1dd75a68473ba07d945c3b03e10951cd4b347113e55eb499419be4f7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de9441031348589b763d46d14810acc5f7"}, 0xd8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0xf, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a6843e10951cd4b347113e55eb499519becf7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de9441031348589b763d46d14810acc5f700"}, 0xd8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000300)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)

978.989808ms ago: executing program 6 (id=2191):
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cpuacct.usage_user\x00', 0x275a, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xf, 0x4, &(0x7f0000000100)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8001}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="7a0a00ff0000000071"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x4001, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x10123, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x44)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket(0xa, 0x40000000002, 0x0)
connect$bt_sco(r3, &(0x7f0000000080)={0x1f, @none}, 0x8)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001ac0)={0x1c, 0x8, 0x6, 0x301, 0x0, 0x0, {0x1, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20048040}, 0x4000)

788.94662ms ago: executing program 6 (id=2192):
r0 = socket$alg(0x26, 0x5, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
get_mempolicy(0x0, 0x0, 0x2, &(0x7f0000240000/0x1000)=nil, 0x3)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(ecb-aes-aesni)\x00'}, 0x58)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000440)={'syztnl2\x00', &(0x7f0000000300)={'syztnl2\x00', <r3=>0x0, 0x40, 0x8000, 0x9, 0x1, {{0x5, 0x4, 0x1, 0x33, 0x14, 0x64, 0x0, 0x8, 0x29, 0x0, @rand_addr=0x64010100, @local}}}})
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYRES16=r2, @ANYBLOB="00042cbd7000ffdbdf25180000001c000180080003000300000008000100", @ANYRES32, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="080000000300000014000200697036746e6c300000000000000000008a55c0476293a1ab9d4b520acc9b5267ad7ba004309a2faf646c1eaec035e8be275d901e06cad3d6c393083cf912650d7a96f6691f6552ab8dad581d4bfdd28f3075bc9b992277a6a829f55664def098"], 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x24000844)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x2e0c00, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = fcntl$dupfd(r6, 0x0, r7)
sendto$inet6(r8, 0x0, 0x0, 0xc001, 0x0, 0x0)

594.773803ms ago: executing program 1 (id=2193):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x12, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x6, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0x80a0000})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x183822, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

0s ago: executing program 1 (id=2194):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = open$dir(0x0, 0x40000, 0x10a)
mkdirat(r3, &(0x7f0000000300)='./file0\x00', 0x11c)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r5, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_open_procfs(0x0, 0x0)

kernel console output (not intermixed with test programs):

ned pid=7156 comm="syz.0.692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  360.887115][   T27] audit: type=1326 audit(1748468396.786:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.0.692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  360.939629][ T7169] loop5: detected capacity change from 0 to 16
[  360.943432][   T27] audit: type=1326 audit(1748468396.786:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.0.692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  360.976216][ T7169] erofs: (device loop5): mounted with root inode @ nid 36.
[  361.851822][   T27] audit: type=1326 audit(1748468396.786:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.0.692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  364.898772][ T7189] loop2: detected capacity change from 0 to 512
[  364.942234][ T7189] EXT4-fs (loop2): ea_inode feature is not supported for Hurd
[  369.647050][ T7240] No source specified
[  370.234507][ T7244] netlink: 12 bytes leftover after parsing attributes in process `syz.2.716'.
[  370.345107][ T7245] bridge2: port 1(ip6gretap1) entered blocking state
[  370.351919][ T7245] bridge2: port 1(ip6gretap1) entered disabled state
[  370.374803][ T7245] device ip6gretap1 entered promiscuous mode
[  370.544958][ T7244] device veth3 entered promiscuous mode
[  370.623864][ T7244] bridge2: port 2(veth3) entered blocking state
[  370.643597][ T7244] bridge2: port 2(veth3) entered disabled state
[  373.661834][ T7272] 9pnet_virtio: no channels available for device syz
[  374.033189][ T7273] netlink: 60 bytes leftover after parsing attributes in process `syz.5.725'.
[  376.014942][   T27] audit: type=1326 audit(1748468413.076:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7287 comm="syz.1.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  376.384783][   T27] audit: type=1326 audit(1748468413.076:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7287 comm="syz.1.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  376.674674][ T7306] netlink: 12 bytes leftover after parsing attributes in process `syz.0.731'.
[  376.699637][ T7306] bridge2: port 1(ip6gretap2) entered blocking state
[  376.706626][ T7306] bridge2: port 1(ip6gretap2) entered disabled state
[  376.720475][ T7306] device ip6gretap2 entered promiscuous mode
[  377.605070][ T7306] device veth5 entered promiscuous mode
[  377.633060][ T7306] bridge2: port 2(veth5) entered blocking state
[  377.669386][ T7306] bridge2: port 2(veth5) entered disabled state
[  378.045286][ T7319] batman_adv: batadv0: Adding interface: dummy0
[  378.657061][ T7319] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.682840][ T7319] batman_adv: batadv0: Interface activated: dummy0
[  378.820633][ T7319] net_ratelimit: 16 callbacks suppressed
[  378.820656][ T7319] batadv0: mtu less than device minimum
[  378.847109][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.859544][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.871991][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.884501][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.896930][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.909406][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.921841][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.934286][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.946688][ T7319] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.982423][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  378.988907][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  379.140898][ T7337] device bond2 entered promiscuous mode
[  379.194577][ T7337] 8021q: adding VLAN 0 to HW filter on device bond2
[  379.208814][ T7340] netlink: 60 bytes leftover after parsing attributes in process `syz.3.743'.
[  383.060145][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.1.750'.
[  384.446203][ T7393] netlink: 4 bytes leftover after parsing attributes in process `syz.0.754'.
[  386.671471][ T7407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.758'.
[  387.119839][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.1.762'.
[  390.761571][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.775'.
[  390.792550][ T7476] netlink: 180900 bytes leftover after parsing attributes in process `syz.5.774'.
[  390.813607][   T27] audit: type=1326 audit(1748468427.946:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  390.852362][ T7476] net_ratelimit: 10 callbacks suppressed
[  390.852380][ T7476] openvswitch: netlink: Flow actions attr not present in new flow.
[  390.977667][   T27] audit: type=1326 audit(1748468427.946:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  391.147018][ T7469] sctp: failed to load transform for md5: -4
[  391.321019][ T7463] sctp: failed to load transform for md5: -4
[  391.321506][ T7454] sctp: failed to load transform for md5: -4
[  391.670143][   T27] audit: type=1326 audit(1748468427.946:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  391.704450][ T7465] sctp: failed to load transform for md5: -2
[  391.762406][ T7477] sctp: failed to load transform for md5: -4
[  391.789853][   T27] audit: type=1326 audit(1748468427.956:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  392.033489][   T27] audit: type=1326 audit(1748468427.956:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  392.249563][ T7508] device gtp0 entered promiscuous mode
[  392.280424][   T27] audit: type=1326 audit(1748468427.956:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  392.361433][   T27] audit: type=1326 audit(1748468427.956:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  392.439601][   T27] audit: type=1326 audit(1748468427.956:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  392.576120][   T27] audit: type=1326 audit(1748468427.966:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  392.600363][   T27] audit: type=1326 audit(1748468427.966:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.1.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  394.016854][ T7528] netlink: 8 bytes leftover after parsing attributes in process `syz.3.784'.
[  394.025755][ T7528] netlink: 8 bytes leftover after parsing attributes in process `syz.3.784'.
[  396.994584][ T7556] netlink: 8 bytes leftover after parsing attributes in process `syz.5.788'.
[  397.121515][ T7561] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  397.190962][ T7561] device bridge_slave_0 left promiscuous mode
[  397.350378][ T7561] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.432155][ T7561] device bridge_slave_1 left promiscuous mode
[  398.113292][ T7567] I/O error, dev loop5, sector 128 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  398.128940][ T7567] gfs2: error 10 reading superblock
[  398.133983][ T7561] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.309639][ T7561] bond0: (slave bond_slave_0): Releasing backup interface
[  398.367526][ T7561] device bond_slave_0 left promiscuous mode
[  398.414741][ T7561] bond0: (slave bond_slave_1): Releasing backup interface
[  398.451619][ T7561] device bond_slave_1 left promiscuous mode
[  398.608009][ T7561] team0: Port device team_slave_0 removed
[  398.704843][ T7561] team0: Port device team_slave_1 removed
[  398.729816][ T7561] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  398.741522][ T7561] batman_adv: batadv0: Removing interface: batadv_slave_0
[  398.766665][ T7561] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  398.780426][ T7561] batman_adv: batadv0: Removing interface: batadv_slave_1
[  398.867985][ T7561] bond1: (slave vlan2): Releasing active interface
[  398.975632][ T7561] device ip6gretap1 left promiscuous mode
[  398.982420][ T7561] bridge2: port 1(ip6gretap1) entered disabled state
[  399.012626][ T7561] bridge2: port 2(veth3) entered disabled state
[  399.471808][ T7587] xt_nat: multiple ranges no longer supported
[  400.541719][ T7593] device bond2 entered promiscuous mode
[  400.611833][ T7593] 8021q: adding VLAN 0 to HW filter on device bond2
[  407.670915][ T7659] MPTCP: kernel_bind error, err=-98
[  409.147513][ T7684] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  410.851259][ T7694] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  410.860674][ T7694] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  410.869872][ T7694] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  410.878735][ T7694] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  413.596079][ T7713] netlink: 'syz.2.827': attribute type 1 has an invalid length.
[  413.866711][ T7713] netlink: 'syz.2.827': attribute type 7 has an invalid length.
[  414.414519][ T7724] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  415.635772][   T27] audit: type=1326 audit(1748468452.796:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  417.252586][   T27] audit: type=1326 audit(1748468452.816:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  417.711672][   T27] audit: type=1326 audit(1748468452.816:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.188108][   T27] audit: type=1326 audit(1748468452.816:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.274089][   T27] audit: type=1326 audit(1748468452.816:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.296734][   T27] audit: type=1326 audit(1748468452.816:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.319191][   T27] audit: type=1326 audit(1748468452.816:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.341636][   T27] audit: type=1326 audit(1748468452.816:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.364779][   T27] audit: type=1326 audit(1748468452.816:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.387304][   T27] audit: type=1326 audit(1748468452.816:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.5.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ac098e969 code=0x7fc00000
[  418.875462][ T7748] netlink: 12 bytes leftover after parsing attributes in process `syz.3.834'.
[  419.604182][ T7746] loop2: detected capacity change from 0 to 32768
[  419.624346][ T7746] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.833 (7746)
[  419.728979][ T7746] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  419.740649][ T7746] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  419.749535][ T7746] BTRFS info (device loop2): using free space tree
[  419.872840][ T7761] netlink: 24 bytes leftover after parsing attributes in process `syz.0.836'.
[  420.869669][ T7746] BTRFS info (device loop2): enabling ssd optimizations
[  421.185452][ T7792] netlink: 4 bytes leftover after parsing attributes in process `syz.5.839'.
[  421.619329][ T4254] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  421.970088][ T7792] device hsr_slave_1 left promiscuous mode
[  422.207940][ T7703] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop2 scanned by udevd (7703)
[  425.326000][ T7835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.856'.
[  425.388215][ T7836] netlink: 8 bytes leftover after parsing attributes in process `syz.2.856'.
[  426.202052][ T7840] loop2: detected capacity change from 0 to 1024
[  426.410416][ T7840] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  427.170390][ T7840] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2748: inode #2: comm syz.2.849: corrupted in-inode xattr
[  427.179909][ T7849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  427.246101][ T7849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.425171][ T7849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  427.458881][ T7840] EXT4-fs (loop2): Remounting filesystem read-only
[  427.472943][ T7849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.140132][ T7849] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan2: link becomes ready
[  428.287942][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  428.363484][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.403007][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  428.433683][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.492533][ T4254] EXT4-fs (loop2): unmounting filesystem.
[  428.520090][ T7855] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan2: link becomes ready
[  428.643553][ T7865] netlink: 'syz.3.854': attribute type 1 has an invalid length.
[  429.030881][ T7870] 8021q: adding VLAN 0 to HW filter on device bond2
[  430.350370][ T7873] bond2 (unregistering): Released all slaves
[  430.653589][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  430.674940][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  430.702208][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  430.750675][ T7903] device ip6gretap0 entered promiscuous mode
[  430.983532][ T7899] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  431.000277][ T7899] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  431.526003][ T7915] netlink: 8 bytes leftover after parsing attributes in process `syz.5.865'.
[  431.887349][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  431.914643][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  431.944913][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  431.952368][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  432.053803][ T7899] ip6gretap0 speed is unknown, defaulting to 1000
[  432.709089][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  432.719152][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.729158][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  432.739284][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.750177][ T7922] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan2: link becomes ready
[  433.828965][ T7927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  433.843575][ T7927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.862061][ T7927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  433.899885][ T7927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  433.926753][ T7927] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan2: link becomes ready
[  434.085389][ T7934] macvtap1: mtu less than device minimum
[  434.140572][ T7937] device batadv0 entered promiscuous mode
[  434.151156][ T7937] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  434.159696][ T7937] device macvlan0 entered promiscuous mode
[  434.166509][ T7937] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  434.185613][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  435.742606][ T7949] netlink: 180900 bytes leftover after parsing attributes in process `syz.0.879'.
[  435.779775][ T7949] openvswitch: netlink: Flow actions attr not present in new flow.
[  438.272980][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  438.495000][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.553528][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  438.636532][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.949840][ T7985] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  439.176593][ T7985] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  440.263635][ T7985] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  440.303482][ T7985] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  440.364690][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  440.381707][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  440.980370][ T8001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.891'.
[  446.297531][ T8047] netlink: 1272 bytes leftover after parsing attributes in process `syz.1.902'.
[  447.823970][ T8052] netlink: 'syz.5.904': attribute type 1 has an invalid length.
[  447.901063][ T8056] netlink: 60 bytes leftover after parsing attributes in process `syz.3.905'.
[  447.902422][ T8052] 8021q: adding VLAN 0 to HW filter on device bond3
[  447.970213][ T8056] unsupported nlmsg_type 40
[  448.842501][ T8072] netlink: 4 bytes leftover after parsing attributes in process `syz.0.907'.
[  448.897979][ T8073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.907'.
[  449.217600][ T8058] 8021q: adding VLAN 0 to HW filter on device bond3
[  449.243984][ T8058] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  449.668068][ T8083] loop2: detected capacity change from 0 to 1024
[  450.975977][ T8058] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  452.079532][ T6732] hfsplus: b-tree write err: -5, ino 4
[  453.293133][ T8090] Set syz1 is full, maxelem 65536 reached
[  453.374325][ T8052] device veth3 entered promiscuous mode
[  453.432363][ T8052] bond3: (slave veth3): Enslaving as an active interface with a down link
[  453.968479][ T8074] bond3: (slave erspan0): making interface the new active one
[  454.004968][ T8074] bond3: (slave erspan0): Enslaving as an active interface with an up link
[  456.771662][ T8126] netlink: 8 bytes leftover after parsing attributes in process `syz.5.924'.
[  457.356366][ T8129] loop5: detected capacity change from 0 to 1024
[  457.389157][ T8129] EXT4-fs: Ignoring removed orlov option
[  457.571418][ T8134] netlink: 28 bytes leftover after parsing attributes in process `syz.2.927'.
[  457.614578][ T8134] netlink: 8 bytes leftover after parsing attributes in process `syz.2.927'.
[  457.731180][ T8129] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  460.148824][ T8196] netlink: 87 bytes leftover after parsing attributes in process `syz.0.930'.
[  463.002396][ T8219] ip6gretap0 speed is unknown, defaulting to 1000
[  463.135062][ T4454] EXT4-fs (loop5): unmounting filesystem.
[  466.844889][ T8247] xt_ecn: cannot match TCP bits for non-tcp packets
[  466.875865][ T8250] netlink: 'syz.2.939': attribute type 1 has an invalid length.
[  467.777375][ T8261] device bond3 entered promiscuous mode
[  468.049787][ T8261] 8021q: adding VLAN 0 to HW filter on device bond3
[  469.985633][ T8286] befs: (nbd2): No write support. Marking filesystem read-only
[  470.001207][    T8] block nbd2: Attempted send on invalid socket
[  470.008028][    T8] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  470.578888][ T8296] loop2: detected capacity change from 0 to 256
[  470.686887][   T22] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  470.886227][   T22] usb 6-1: config 0 has no interfaces?
[  470.896392][   T22] usb 6-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  470.936386][   T22] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.966472][ T8296] ip6gretap0 speed is unknown, defaulting to 1000
[  470.986036][   T22] usb 6-1: config 0 descriptor??
[  472.136830][ T8294] device team_slave_0 entered promiscuous mode
[  472.143642][ T8294] device team_slave_1 entered promiscuous mode
[  472.217580][ T8294] device vlan2 entered promiscuous mode
[  472.240494][ T8294] device team0 entered promiscuous mode
[  472.316120][ T8308] device dummy0 entered promiscuous mode
[  472.333562][ T8308] device vlan3 entered promiscuous mode
[  472.893911][ T8315] netlink: 8 bytes leftover after parsing attributes in process `syz.3.958'.
[  472.912981][ T4304] usb 6-1: USB disconnect, device number 4
[  473.118628][ T8321] IPv6: Can't replace route, no match found
[  479.316168][ T8374] netlink: 'syz.3.974': attribute type 2 has an invalid length.
[  481.283593][ T8387] netlink: 4 bytes leftover after parsing attributes in process `syz.3.977'.
[  481.302633][ T8391] loop5: detected capacity change from 0 to 2048
[  481.330196][ T8387] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  481.347251][ T8387] batadv0: mtu less than device minimum
[  481.368731][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.381242][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.393679][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.406298][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.418719][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.431135][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.443826][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.456293][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.468686][ T8387] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  481.551103][ T8391] EXT4-fs (loop5): invalid inodes per group: 1
[  481.551103][ T8391] 
[  482.466362][ T8387] batman_adv: batadv0: Removing interface: batadv_slave_1
[  483.079828][   T27] kauditd_printk_skb: 348 callbacks suppressed
[  483.079848][   T27] audit: type=1326 audit(1748468520.136:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  483.196749][   T27] audit: type=1326 audit(1748468520.136:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  483.239979][   T27] audit: type=1326 audit(1748468520.206:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  483.342160][   T27] audit: type=1326 audit(1748468520.206:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  483.411016][   T27] audit: type=1326 audit(1748468520.206:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  483.434161][   T27] audit: type=1326 audit(1748468520.226:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  483.497307][   T27] audit: type=1326 audit(1748468520.226:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  483.679979][   T27] audit: type=1326 audit(1748468520.226:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  487.364148][ T8445] device ip6gretap0 entered promiscuous mode
[  487.624133][ T8445] device vlan3 entered promiscuous mode
[  488.086247][ T8463] netlink: 8 bytes leftover after parsing attributes in process `syz.0.998'.
[  488.293851][  T127] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  489.113528][  T127] usb 6-1: Using ep0 maxpacket: 8
[  489.134704][  T127] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  489.153768][  T127] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  490.103812][  T127] usb 6-1: Product: syz
[  490.108053][  T127] usb 6-1: Manufacturer: syz
[  490.112675][  T127] usb 6-1: SerialNumber: syz
[  490.121482][  T127] usb 6-1: config 0 descriptor??
[  491.249025][  T127] dvb_usb_rtl28xxu 6-1:0.0: chip type detection failed -110
[  491.276097][  T127] dvb_usb_rtl28xxu: probe of 6-1:0.0 failed with error -110
[  491.610448][  T127] usb 6-1: USB disconnect, device number 5
[  492.896185][ T8483] ip6gretap0 speed is unknown, defaulting to 1000
[  492.963890][ T4263] Bluetooth: hci3: Unknown advertising packet type: 0x14
[  492.963999][ T4263] Bluetooth: hci3: Unknown advertising packet type: 0x20
[  492.972081][ T4263] Bluetooth: hci3: Unknown advertising packet type: 0x32
[  492.979564][ T4263] Bluetooth: hci3: Malformed LE Event: 0x0d
[  494.717974][ T8515] device bridge0 entered promiscuous mode
[  494.741955][ T8515] device vlan2 entered promiscuous mode
[  499.468062][ T8543] x_tables: duplicate underflow at hook 3
[  503.050825][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  503.061361][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  507.308521][ T8643] netlink: 'syz.1.1033': attribute type 10 has an invalid length.
[  509.088719][ T8658] IPv6: Can't replace route, no match found
[  511.986742][ T8681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1040'.
[  512.229136][ T8681] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1040'.
[  512.266196][ T8681] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  512.274909][ T8681] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  512.283209][ T8681] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  512.292336][ T8681] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  512.546690][ T8686] device dummy0 entered promiscuous mode
[  512.552461][ T8686] device vlan2 entered promiscuous mode
[  513.200687][ T8690] device dummy0 entered promiscuous mode
[  513.208432][ T8690] device vlan2 entered promiscuous mode
[  513.267918][ T8694] loop2: detected capacity change from 0 to 1024
[  513.329669][ T8698] loop5: detected capacity change from 0 to 256
[  513.681480][ T8703] SET target dimension over the limit!
[  514.294342][ T8708] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1049'.
[  514.513379][ T8706] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1049'.
[  515.740735][ T8698] ip6gretap0 speed is unknown, defaulting to 1000
[  517.025702][ T8727] loop2: detected capacity change from 0 to 32768
[  517.391692][ T8727] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  517.405099][ T8727] XFS (loop2): Mounting V5 Filesystem
[  517.521164][ T8727] XFS (loop2): Ending clean mount
[  517.789129][ T8727] XFS (loop2): Quotacheck needed: Please wait.
[  518.106960][ T8727] XFS (loop2): Quotacheck: Done.
[  518.807197][   T27] audit: type=1804 audit(1748468555.966:469): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1056" name="/newroot/209/bus/bus" dev="loop2" ino=9290 res=1 errno=0
[  519.714400][ T4254] XFS (loop2): Unmounting Filesystem
[  520.573220][ T8753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1069'.
[  521.918103][ T8763] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  521.930345][ T8763] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  521.941739][ T8763] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  524.719605][   T27] audit: type=1326 audit(1748468561.876:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  524.934616][   T27] audit: type=1326 audit(1748468561.896:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  525.137202][ T8800] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1073'.
[  525.797409][   T27] audit: type=1326 audit(1748468561.896:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  525.915165][   T27] audit: type=1326 audit(1748468561.896:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  526.623034][   T27] audit: type=1326 audit(1748468561.896:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  526.887985][   T27] audit: type=1326 audit(1748468561.906:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  527.056036][   T27] audit: type=1326 audit(1748468561.906:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  527.079105][   T27] audit: type=1326 audit(1748468561.906:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  527.107568][   T27] audit: type=1326 audit(1748468561.906:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  527.131903][   T27] audit: type=1326 audit(1748468561.906:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  528.054719][ T8823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1079'.
[  528.466643][ T8843] loop5: detected capacity change from 0 to 512
[  528.542218][ T8843] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  528.651537][ T8843] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  528.680160][ T8843] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  529.119102][ T4454] EXT4-fs (loop5): unmounting filesystem.
[  533.923739][ T8879] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  533.950931][ T8879] CIFS: Unable to determine destination address
[  539.916175][ T8902] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1096'.
[  539.952752][ T8902] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  539.964267][ T8902] net_ratelimit: 10 callbacks suppressed
[  539.964286][ T8902] batadv0: mtu less than device minimum
[  539.984554][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  539.997064][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.009533][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.021987][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.034441][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.046923][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.059480][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.071925][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.084442][ T8902] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  540.527260][ T8902] batman_adv: batadv0: Removing interface: batadv_slave_1
[  540.717713][ T8932] loop2: detected capacity change from 0 to 128
[  541.363031][ T8932] FAT-fs (loop2): Directory bread(block 32) failed
[  541.370106][ T8932] FAT-fs (loop2): Directory bread(block 33) failed
[  541.377359][ T8932] FAT-fs (loop2): Directory bread(block 34) failed
[  541.384019][ T8932] FAT-fs (loop2): Directory bread(block 35) failed
[  541.390695][ T8932] FAT-fs (loop2): Directory bread(block 36) failed
[  541.397521][ T8932] FAT-fs (loop2): Directory bread(block 37) failed
[  541.404471][ T8932] FAT-fs (loop2): Directory bread(block 38) failed
[  541.411130][ T8932] FAT-fs (loop2): Directory bread(block 39) failed
[  541.418350][ T8932] FAT-fs (loop2): Directory bread(block 40) failed
[  541.424998][ T8932] FAT-fs (loop2): Directory bread(block 41) failed
[  542.418290][ T8945] xt_TPROXY: Can be used only with -p tcp or -p udp
[  543.074614][ T8944] MPTCP: kernel_bind error, err=-99
[  543.130790][ T8951] loop5: detected capacity change from 0 to 128
[  543.373576][ T8951] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  544.082678][ T8951] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  545.349625][ T4454] EXT4-fs (loop5): unmounting filesystem.
[  546.335405][ T8969] ptrace attach of "./syz-executor exec"[8980] was attempted by "./syz-executor exec"[8969]
[  550.312167][ T9015] tipc: Started in network mode
[  550.469263][ T9015] tipc: Node identity -:, cluster identity 4711
[  550.544145][ T9015] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  556.146433][ T9054] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1135'.
[  558.204827][ T9080] MPTCP: kernel_bind error, err=-98
[  559.223135][ T9090] No such timeout policy "syz1"
[  561.122999][ T9099] netlink: 'syz.2.1147': attribute type 1 has an invalid length.
[  561.510738][ T9101] device vlan4 entered promiscuous mode
[  561.558668][ T9101] device vlan3 entered promiscuous mode
[  561.579169][ T9101] device gretap0 entered promiscuous mode
[  563.587056][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  563.593472][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  566.392407][ T9152] loop5: detected capacity change from 0 to 512
[  568.201367][ T9152] fscrypt: Error allocating hmac(sha512): -2
[  568.210416][ T9165] xt_hashlimit: overflow, rate too high: 0
[  568.559206][ T9177] netlink: 'syz.1.1176': attribute type 1 has an invalid length.
[  568.903792][ T9177] 8021q: adding VLAN 0 to HW filter on device bond3
[  570.259701][ T9183] bond3: (slave gretap1): making interface the new active one
[  570.278826][ T9183] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  570.298757][ T8220] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  577.655538][ T9264] loop5: detected capacity change from 0 to 1024
[  579.069849][ T9283] 8021q: VLANs not supported on gre0
[  580.646105][ T9297] loop5: detected capacity change from 0 to 8192
[  580.809826][ T9297]  loop5: p1 < > p3 < p5 > p4
[  580.814810][ T9297] loop5: partition table partially beyond EOD, truncated
[  580.824860][ T9297] loop5: p1 start 4294967040 is beyond EOD, truncated
[  581.143647][ T3624]  loop5: p1 < > p3 < p5 > p4
[  581.148499][ T3624] loop5: partition table partially beyond EOD, truncated
[  581.183855][ T3624] loop5: p1 start 4294967040 is beyond EOD, truncated
[  581.925159][ T9308] No such timeout policy "syz1"
[  582.201977][ T8767] I/O error, dev loop5, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  582.232049][ T9304] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1199'.
[  583.369266][ T9323] tipc: Started in network mode
[  583.392289][ T9323] tipc: Node identity -:, cluster identity 4711
[  583.642635][ T9323] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  584.173435][ T9335] xt_l2tp: unknown flags: 17
[  585.178774][ T9331] loop5: detected capacity change from 0 to 764
[  585.224261][ T8767] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  589.740478][ T8637] udevd[8637]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[  589.756889][ T8699] udevd[8699]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  589.767331][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  589.767348][   T27] audit: type=1326 audit(1748468626.877:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  589.849529][ T8767] udevd[8767]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  589.898294][   T27] audit: type=1326 audit(1748468626.877:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  590.405337][   T27] audit: type=1326 audit(1748468626.877:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  590.932546][   T27] audit: type=1326 audit(1748468626.877:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  591.033185][   T27] audit: type=1326 audit(1748468626.877:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  591.216154][ T8767] udevd[8767]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  591.246536][ T8637] udevd[8637]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[  591.247026][ T8699] udevd[8699]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  592.131236][   T27] audit: type=1326 audit(1748468626.987:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  592.213693][ T9394] ieee802154 phy0 wpan0: encryption failed: -22
[  592.241092][   T27] audit: type=1326 audit(1748468626.987:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  592.537054][   T27] audit: type=1326 audit(1748468626.987:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz.1.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7ffc0000
[  596.652933][ T9432] batman_adv: batadv0: Adding interface: ip6gretap2
[  596.671858][ T9432] batman_adv: batadv0: The MTU of interface ip6gretap2 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  596.712455][ T9432] batman_adv: batadv0: Not using interface ip6gretap2 (retrying later): interface not active
[  596.735065][ T9434] batman_adv: batadv0: Removing interface: ip6gretap2
[  596.921316][ T9434] device batadv0 left promiscuous mode
[  597.127533][ T9434] bond0: (slave macvlan0): Releasing backup interface
[  597.195874][ T9434] device macvlan0 left promiscuous mode
[  600.315663][ T9461] loop2: detected capacity change from 0 to 4096
[  600.366976][ T9461] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[  600.949158][ T9472] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1238'.
[  600.958175][ T9472] ksmbd: Unknown IPC event: 0, ignore.
[  601.345380][ T9475] 9pnet: Found fid 0 not clunked
[  616.549294][ T9603] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1260'.
[  617.577970][ T9604] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  617.589296][ T9604] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  617.598667][ T9604] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  617.629451][ T9604] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  617.642228][ T9604] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  617.652167][ T9604] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  618.065450][ T9597] ip6gretap0 speed is unknown, defaulting to 1000
[  618.911919][ T9615] overlayfs: missing 'lowerdir'
[  619.723534][ T4263] Bluetooth: hci5: command 0x0409 tx timeout
[  621.559588][ T5632] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.652498][ T5632] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  621.759577][   T22] libceph: connect (1)[c::]:6789 error -101
[  621.781762][   T22] libceph: mon0 (1)[c::]:6789 connect error
[  621.801536][ T4263] Bluetooth: hci5: command 0x041b tx timeout
[  621.839807][ T9635] ceph: No mds server is up or the cluster is laggy
[  622.208890][   T22] libceph: connect (1)[c::]:6789 error -101
[  622.215042][   T22] libceph: mon0 (1)[c::]:6789 connect error
[  622.339544][ T5632] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  622.398547][ T5632] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  622.679284][ T5632] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  622.697763][ T5632] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  622.714410][ T9651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1274'.
[  622.729078][ T9597] chnl_net:caif_netlink_parms(): no params data found
[  623.599434][ T5632] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.612747][ T5632] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  623.846953][ T9660] netlink: 'syz.3.1274': attribute type 10 has an invalid length.
[  623.875170][ T4263] Bluetooth: hci5: command 0x040f tx timeout
[  624.447550][ T9597] bridge0: port 1(bridge_slave_0) entered blocking state
[  624.481261][ T9597] bridge0: port 1(bridge_slave_0) entered disabled state
[  624.538169][ T9597] device bridge_slave_0 entered promiscuous mode
[  624.564798][ T9597] bridge0: port 2(bridge_slave_1) entered blocking state
[  624.582236][ T9597] bridge0: port 2(bridge_slave_1) entered disabled state
[  624.593912][ T9597] device bridge_slave_1 entered promiscuous mode
[  624.677662][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  624.693705][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  625.997770][ T4263] Bluetooth: hci5: command 0x0419 tx timeout
[  627.019954][ T9597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  627.218827][ T9699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1283'.
[  627.658549][ T9708] loop2: detected capacity change from 0 to 512
[  627.925263][ T9597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  629.321608][ T9597] team0: Port device team_slave_0 added
[  630.146386][ T9708] EXT4-fs (loop2): Test dummy encryption mode enabled
[  630.154081][ T9708] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  630.171996][ T9708] EXT4-fs (loop2): 1 truncate cleaned up
[  630.193424][ T9708] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  630.215154][ T9597] team0: Port device team_slave_1 added
[  630.674697][ T4254] EXT4-fs (loop2): unmounting filesystem.
[  630.761007][ T5632] tipc: Left network mode
[  630.910894][ T9597] batman_adv: batadv0: Adding interface: batadv_slave_0
[  630.963446][ T9597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.017787][ T9597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.935513][ T9597] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.964232][ T9597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  632.011433][ T9597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  632.122780][ T9760] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1294'.
[  635.123735][ T9597] device hsr_slave_0 entered promiscuous mode
[  635.444725][ T9597] device hsr_slave_1 entered promiscuous mode
[  635.499152][ T9597] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  635.609862][ T9597] Cannot create hsr debugfs directory
[  635.637998][ T9789] ip6gretap0 speed is unknown, defaulting to 1000
[  640.709525][ T5632] bond3: (slave erspan0): Releasing active interface
[  642.312587][ T9597] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  642.323082][ T9597] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  642.334427][ T9597] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  644.083933][ T9597] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  647.049936][ T9885] device vlan4 entered promiscuous mode
[  647.065720][ T9885] device bond0 entered promiscuous mode
[  647.071863][ T9885] device bond_slave_0 entered promiscuous mode
[  647.185267][ T9885] device bond_slave_1 entered promiscuous mode
[  648.456415][ T9904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1328'.
[  649.061412][ T9597] 8021q: adding VLAN 0 to HW filter on device bond0
[  649.210194][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  649.249107][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  649.393445][ T5632] device hsr_slave_0 left promiscuous mode
[  649.620012][ T5632] batman_adv: batadv0: Interface deactivated: dummy0
[  649.638204][ T5632] batman_adv: batadv0: Removing interface: dummy0
[  649.725845][ T5632] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  649.743635][ T5632] batman_adv: batadv0: Removing interface: batadv_slave_0
[  649.821227][ T5632] device bridge_slave_1 left promiscuous mode
[  649.845098][ T5632] bridge0: port 2(bridge_slave_1) entered disabled state
[  649.888613][ T5632] device bridge_slave_0 left promiscuous mode
[  649.914009][ T5632] bridge0: port 1(bridge_slave_0) entered disabled state
[  650.047962][ T5632] device veth1_macvtap left promiscuous mode
[  650.065640][ T5632] device veth0_macvtap left promiscuous mode
[  650.079732][ T5632] device veth1_vlan left promiscuous mode
[  650.092541][ T5632] device veth0_vlan left promiscuous mode
[  650.391738][ T9923] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1333'.
[  651.533015][ T5632] bond3 (unregistering): (slave veth3): Releasing active interface
[  652.618863][ T9936] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1335'.
[  654.301328][ T9940] loop2: detected capacity change from 0 to 1024
[  654.428452][ T9940] EXT4-fs (loop2): filesystem is read-only
[  655.633434][   T27] audit: type=1326 audit(1748468692.358:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  655.779434][   T27] audit: type=1326 audit(1748468692.778:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  655.807133][   T27] audit: type=1326 audit(1748468692.808:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  655.873741][   T27] audit: type=1326 audit(1748468692.818:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  655.903882][   T27] audit: type=1326 audit(1748468692.818:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  655.954694][   T27] audit: type=1326 audit(1748468692.818:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  656.003082][   T27] audit: type=1326 audit(1748468692.818:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  656.035574][ T5632] bond3 (unregistering): Released all slaves
[  656.080239][   T27] audit: type=1326 audit(1748468692.818:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  656.143565][   T27] audit: type=1326 audit(1748468692.818:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  656.216997][   T27] audit: type=1326 audit(1748468692.818:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9939 comm="syz.2.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e73d8e969 code=0x7ffc0000
[  656.529284][ T5632] bond2 (unregistering): Released all slaves
[  656.611892][ T5632] bond1 (unregistering): (slave geneve2): Releasing active interface
[  656.632049][ T5632] bond1 (unregistering): Released all slaves
[  658.044797][ T5632] device team_slave_1 left promiscuous mode
[  658.070765][ T5632] team0 (unregistering): Port device team_slave_1 removed
[  658.155478][ T5632] device team_slave_0 left promiscuous mode
[  658.165460][ T5632] team0 (unregistering): Port device team_slave_0 removed
[  658.234574][ T5632] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  658.334076][ T5632] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  659.037457][ T5632] bond0 (unregistering): Released all slaves
[  659.144972][ T9597] 8021q: adding VLAN 0 to HW filter on device team0
[  659.157618][ T9917] netlink: 'syz.3.1331': attribute type 13 has an invalid length.
[  659.170785][ T9917] gretap0: refused to change device tx_queue_len
[  659.178060][ T9917] net_ratelimit: 10 callbacks suppressed
[  659.178073][ T9917] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  659.530939][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  659.585917][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  659.648461][ T5711] bridge0: port 1(bridge_slave_0) entered blocking state
[  659.655661][ T5711] bridge0: port 1(bridge_slave_0) entered forwarding state
[  659.753027][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  659.854693][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  659.915306][ T5711] bridge0: port 2(bridge_slave_1) entered blocking state
[  659.922475][ T5711] bridge0: port 2(bridge_slave_1) entered forwarding state
[  659.956600][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  659.966202][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  659.975522][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  659.993488][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  660.022386][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  660.053873][ T5711] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  660.130966][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  660.177854][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  660.210631][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  660.231998][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  660.400009][T10000] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1347'.
[  660.432704][ T9597] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  660.556194][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  661.675745][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  666.449261][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  666.466440][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  666.518223][ T9597] 8021q: adding VLAN 0 to HW filter on device batadv0
[  671.197958][T10094] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1369'.
[  671.294008][T10094] device macvtap2 entered promiscuous mode
[  671.299892][T10094] device team0 entered promiscuous mode
[  671.363843][T10094] 8021q: adding VLAN 0 to HW filter on device macvtap2
[  671.403583][T10100] device team0 left promiscuous mode
[  673.237921][T10126] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1373'.
[  674.563919][T10126] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1373'.
[  674.624020][T10134] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1376'.
[  675.374654][ T4263] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  675.385787][ T4263] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  675.395319][ T4263] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  675.433723][ T4263] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  675.441433][ T4263] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  675.450340][ T4263] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  675.815774][T10156] binder: 10155:10156 ioctl c0306201 0 returned -14
[  675.849957][T10144] ip6gretap0 speed is unknown, defaulting to 1000
[  675.925412][T10158] sctp: [Deprecated]: syz.1.1382 (pid 10158) Use of struct sctp_assoc_value in delayed_ack socket option.
[  675.925412][T10158] Use struct sctp_sack_info instead
[  677.608750][ T4263] Bluetooth: hci3: command 0x0409 tx timeout
[  678.876977][T10144] chnl_net:caif_netlink_parms(): no params data found
[  679.672609][ T4263] Bluetooth: hci3: command 0x041b tx timeout
[  680.580921][T10188] Bluetooth: MGMT ver 1.22
[  681.293817][T10144] bridge0: port 1(bridge_slave_0) entered blocking state
[  681.839881][T10198] loop2: detected capacity change from 0 to 512
[  681.866665][T10144] bridge0: port 1(bridge_slave_0) entered disabled state
[  681.880443][T10198] EXT4-fs: Ignoring removed bh option
[  681.908943][T10144] device bridge_slave_0 entered promiscuous mode
[  681.932807][T10198] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  682.168769][ T4263] Bluetooth: hci3: command 0x040f tx timeout
[  682.194710][T10144] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.202041][T10144] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.252421][T10198] EXT4-fs (loop2): 1 truncate cleaned up
[  682.256749][T10144] device bridge_slave_1 entered promiscuous mode
[  682.263593][T10198] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  683.273413][T10218] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1392'.
[  683.803927][T10144] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  683.864783][T10144] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  683.921624][ T4254] EXT4-fs (loop2): unmounting filesystem.
[  684.213497][ T4263] Bluetooth: hci3: command 0x0419 tx timeout
[  684.261384][T10144] team0: Port device team_slave_0 added
[  685.135996][T10144] team0: Port device team_slave_1 added
[  686.650148][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  686.659722][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  686.812473][T10144] batman_adv: batadv0: Adding interface: batadv_slave_0
[  686.819545][T10144] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  686.883917][T10144] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  687.096182][T10242] ip6gretap0 speed is unknown, defaulting to 1000
[  687.096759][T10144] batman_adv: batadv0: Adding interface: batadv_slave_1
[  687.115894][T10144] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  687.192699][T10262] 9pnet: Found fid 0 not clunked
[  687.281294][T10144] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  687.846103][T10254] netlink: 'syz.3.1403': attribute type 21 has an invalid length.
[  687.854016][T10254] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1403'.
[  687.863146][T10254] netlink: 'syz.3.1403': attribute type 5 has an invalid length.
[  687.870939][T10254] netlink: 'syz.3.1403': attribute type 6 has an invalid length.
[  687.878676][T10254] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1403'.
[  688.230989][T10144] device hsr_slave_0 entered promiscuous mode
[  688.255525][T10144] device hsr_slave_1 entered promiscuous mode
[  688.456027][T10144] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  688.464036][T10144] Cannot create hsr debugfs directory
[  691.129455][ T9604] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260
[  691.136374][T10296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  692.300910][ T5632] device hsr_slave_0 left promiscuous mode
[  692.308345][ T5632] device hsr_slave_1 left promiscuous mode
[  692.318329][ T5632] batman_adv: batadv0: Removing interface: batadv_slave_0
[  692.329564][ T5632] batman_adv: batadv0: Removing interface: batadv_slave_1
[  692.338166][ T5632] device bridge_slave_1 left promiscuous mode
[  692.345022][ T5632] bridge0: port 2(bridge_slave_1) entered disabled state
[  692.357476][ T5632] device bridge_slave_0 left promiscuous mode
[  692.364402][ T5632] bridge0: port 1(bridge_slave_0) entered disabled state
[  692.659509][ T5632] team0 (unregistering): Port device team_slave_1 removed
[  692.732870][ T5632] team0 (unregistering): Port device team_slave_0 removed
[  692.789897][ T5632] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  692.848800][ T5632] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  693.445985][ T5632] bond0 (unregistering): Released all slaves
[  693.823146][T10144] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  693.849654][T10144] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  693.875062][T10144] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  693.899435][T10144] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  694.070164][T10144] 8021q: adding VLAN 0 to HW filter on device bond0
[  694.123041][T10144] 8021q: adding VLAN 0 to HW filter on device team0
[  694.147678][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  694.156397][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  694.186158][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  694.199483][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  694.208905][ T4487] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.216094][ T4487] bridge0: port 1(bridge_slave_0) entered forwarding state
[  694.224727][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  694.234453][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  694.243086][ T4487] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.250374][ T4487] bridge0: port 2(bridge_slave_1) entered forwarding state
[  694.285787][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  694.304247][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  694.321948][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  694.331611][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  694.345030][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  694.354853][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  694.364858][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  694.379670][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  694.399684][ T6727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  694.413934][ T6727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  694.431640][T10144] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  694.446970][T10144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  694.457420][ T6727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  694.466944][ T6727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  694.736375][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  694.745738][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  694.764342][T10144] 8021q: adding VLAN 0 to HW filter on device batadv0
[  695.254283][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  695.263915][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  695.296015][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  695.306379][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  695.323381][T10144] device veth0_vlan entered promiscuous mode
[  695.331573][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  695.340687][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  695.356818][T10144] device veth1_vlan entered promiscuous mode
[  695.388007][ T5632] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  695.404768][ T5632] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  695.413162][ T5632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  695.428049][ T5632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  695.440842][T10144] device veth0_macvtap entered promiscuous mode
[  695.451560][T10144] device veth1_macvtap entered promiscuous mode
[  695.472636][T10144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  695.485180][T10144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  695.497581][T10144] batman_adv: batadv0: Interface activated: batadv_slave_0
[  695.509425][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  695.525646][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  695.538656][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  695.550234][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  695.566898][T10144] batman_adv: batadv0: Interface activated: batadv_slave_1
[  695.579235][T10144] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  695.593907][T10144] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  695.602690][T10144] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  695.613082][T10144] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  695.624291][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  695.634013][ T4487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  695.754562][ T6730] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  695.763073][ T6730] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  695.816239][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  695.825489][ T4487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  695.835758][ T4487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  695.850017][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  698.599920][T10391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1414'.
[  698.688705][T10392] ceph: No mds server is up or the cluster is laggy
[  698.911586][T10387] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1415'.
[  703.085253][T10428] loop6: detected capacity change from 0 to 64
[  703.735065][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056c26c00: rx timeout, send abort
[  704.419380][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056c26c00: abort rx timeout. Force session deactivation
[  704.677728][T10443] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  707.645399][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  709.263300][   T27] audit: type=1326 audit(1748468744.738:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  709.471404][T10473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1435'.
[  709.493304][   T27] audit: type=1326 audit(1748468744.738:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  710.122743][   T27] audit: type=1326 audit(1748468744.738:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  710.276831][   T27] audit: type=1326 audit(1748468744.738:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  711.543056][   T27] audit: type=1326 audit(1748468744.738:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  711.573365][   T27] audit: type=1326 audit(1748468744.738:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  711.648911][T10495] block nbd2: NBD_DISCONNECT
[  711.710065][   T27] audit: type=1326 audit(1748468744.738:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  713.643295][   T27] audit: type=1326 audit(1748468744.738:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  713.854908][   T27] audit: type=1326 audit(1748468744.748:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  713.924697][   T27] audit: type=1326 audit(1748468744.748:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  714.048546][   T27] audit: type=1326 audit(1748468744.748:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  714.112365][   T27] audit: type=1326 audit(1748468744.748:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  715.155234][   T27] audit: type=1326 audit(1748468744.748:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  715.178111][   T27] audit: type=1326 audit(1748468744.748:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  715.233400][   T27] audit: type=1326 audit(1748468744.748:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.3.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  717.512733][T10539] blktrace: Concurrent blktraces are not allowed on loop2
[  718.515207][T10549] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  721.190393][T10559] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1452'.
[  721.776183][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1455'.
[  724.138521][   T27] audit: type=1326 audit(1748468761.288:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  724.699160][   T27] audit: type=1326 audit(1748468761.838:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  724.728768][   T27] audit: type=1326 audit(1748468761.838:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  724.776267][   T27] audit: type=1326 audit(1748468761.848:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  724.815979][   T27] audit: type=1326 audit(1748468761.848:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  724.906224][   T27] audit: type=1326 audit(1748468761.858:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  724.996011][T10596] Process accounting resumed
[  725.041659][   T27] audit: type=1326 audit(1748468761.858:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  725.143452][   T27] audit: type=1326 audit(1748468761.858:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  725.194789][T10604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1462'.
[  725.205379][T10604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1462'.
[  725.384960][   T27] audit: type=1326 audit(1748468761.858:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  728.057781][   T27] audit: type=1326 audit(1748468761.858:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10589 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  728.964676][T10637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1471'.
[  729.277033][T10640] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1470'.
[  731.066430][T10661] xt_TPROXY: Can be used only with -p tcp or -p udp
[  731.181374][T10666] loop2: detected capacity change from 0 to 128
[  731.252217][T10666] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  731.289882][T10666] ext4 filesystem being mounted at /287/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  731.418466][   T27] kauditd_printk_skb: 16 callbacks suppressed
[  731.418481][   T27] audit: type=1326 audit(2000000006.230:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  731.688143][   T27] audit: type=1326 audit(2000000006.270:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.235791][   T27] audit: type=1326 audit(2000000006.270:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.258267][   T27] audit: type=1326 audit(2000000006.270:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.263140][ T4254] EXT4-fs (loop2): unmounting filesystem.
[  732.281762][   T27] audit: type=1326 audit(2000000006.270:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.326214][   T27] audit: type=1326 audit(2000000006.270:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.428709][   T27] audit: type=1326 audit(2000000006.270:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.490006][   T27] audit: type=1326 audit(2000000006.270:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.573325][   T27] audit: type=1326 audit(2000000006.270:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  732.621406][   T27] audit: type=1326 audit(2000000006.270:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.0.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  735.373021][T10699] loop2: detected capacity change from 0 to 8
[  735.400186][T10699] SQUASHFS error: Unable to read inode 0x13f
[  737.067176][T10717] xt_l2tp: unknown flags: 17
[  738.734075][T10729] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1488'.
[  741.580748][T10764] xt_connbytes: Forcing CT accounting to be enabled
[  741.588350][T10764] --map-set only usable from mangle table
[  742.271153][T10770] loop2: detected capacity change from 0 to 512
[  743.390503][T10770] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1500: casefold flag without casefold feature
[  743.446035][T10770] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1500: couldn't read orphan inode 15 (err -117)
[  743.563812][T10770] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  744.282394][T10795] Driver unsupported XDP return value 0 on prog  (id 391) dev N/A, expect packet loss!
[  745.106878][ T4254] EXT4-fs (loop2): unmounting filesystem.
[  745.777382][T10802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1503'.
[  747.565497][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  747.571885][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  748.190218][   T27] kauditd_printk_skb: 20 callbacks suppressed
[  748.190235][   T27] audit: type=1326 audit(2000000023.005:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10828 comm="syz.1.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7fc00000
[  748.241750][   T27] audit: type=1326 audit(2000000023.005:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10828 comm="syz.1.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f11cc18e969 code=0x7fc00000
[  748.341931][   T27] audit: type=1326 audit(2000000023.005:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10828 comm="syz.1.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11cc18e969 code=0x7fc00000
[  748.750861][T10845] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  752.112215][T10862] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1518'.
[  753.356957][T10879] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1521'.
[  754.482285][T10886] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1521'.
[  757.530335][T10922] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1530'.
[  757.660185][T10928] SET target dimension over the limit!
[  759.070802][T10953] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1535'.
[  762.621548][T10996] Cannot find add_set index 0 as target
[  763.193432][T10998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1549'.
[  765.376677][T11026] netlink: 120 bytes leftover after parsing attributes in process `syz.1.1552'.
[  766.762819][T11040] batman_adv: batadv0: Adding interface: dummy0
[  766.800605][T11040] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  767.091926][T11040] batman_adv: batadv0: Interface activated: dummy0
[  767.156775][T11044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1558'.
[  767.260713][T11046] batadv0: mtu less than device minimum
[  767.315640][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.328146][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.340591][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.353027][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.365431][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.377864][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.390276][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.402720][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.415175][T11046] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  767.712973][T11044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1558'.
[  767.762364][T11060] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1561'.
[  774.422600][T11121] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1576'.
[  774.928606][T11133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1576'.
[  776.150124][T11140] loop6: detected capacity change from 0 to 40427
[  776.189700][T11140] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  776.198364][T11140] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  776.220038][T11140] F2FS-fs (loop6): invalid crc value
[  776.258289][T11140] F2FS-fs (loop6): Found nat_bits in checkpoint
[  776.328186][T11140] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  776.335809][T11140] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  779.795079][ T9604] Bluetooth: hci1: unexpected cc 0x2007 length: 100 > 2
[  781.245821][T11182] CIFS mount error: No usable UNC path provided in device string!
[  781.245821][T11182] 
[  781.256365][T11182] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  782.151470][T11191] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1592'.
[  782.249809][T11191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  782.323337][T11191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  782.504541][T11191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  782.672469][T11191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  782.831802][T11197] fuse: Bad value for 'fd'
[  782.974277][T11191] device vlan0 entered promiscuous mode
[  783.020592][T11191] device dummy0 entered promiscuous mode
[  783.196021][T11204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1593'.
[  783.365951][T11204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1593'.
[  783.873517][ T9604] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  783.882606][ T9604] Bluetooth: hci1: Injecting HCI hardware error event
[  783.894759][ T9604] Bluetooth: hci1: hardware error 0x00
[  785.408238][T11232] loop6: detected capacity change from 0 to 512
[  785.711508][T11236] loop2: detected capacity change from 0 to 1024
[  786.702939][ T9604] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  787.028042][T11232] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  787.075283][T11232] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  787.199193][ T4608] hfsplus: b-tree write err: -5, ino 4
[  789.190198][T11256] xt_NFQUEUE: number of total queues is 0
[  789.472061][T11258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1606'.
[  789.510020][T10144] EXT4-fs (loop6): unmounting filesystem.
[  789.595074][T11259] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1606'.
[  791.521475][ T4299] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  791.755070][ T4299] usb 7-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.f4
[  791.784609][ T4299] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.822729][ T4299] usb 7-1: Product: syz
[  791.842800][ T4299] usb 7-1: Manufacturer: syz
[  792.156230][ T4299] usb 7-1: SerialNumber: syz
[  793.284457][ T9604] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  793.773622][ T4299] usb 7-1: config 0 descriptor??
[  794.362640][T11321] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1619'.
[  795.025988][   T22] usb 7-1: USB disconnect, device number 2
[  800.833493][ T4263] Bluetooth: hci3: command 0x0406 tx timeout
[  801.192592][T11390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1637'.
[  808.908707][T11444] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1648'.
[  809.963580][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  809.969935][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  813.013251][T11471] hub 1-0:1.0: USB hub found
[  813.038655][T11471] hub 1-0:1.0: 1 port detected
[  817.783775][T11523] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1665'.
[  819.620745][T11523] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1665'.
[  821.612329][T11549] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1671'.
[  826.172200][T11597] loop6: detected capacity change from 0 to 128
[  827.165356][T11602] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  827.173702][T11602] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  827.185353][T11602] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  827.193328][T11602] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  827.704103][T11597] FAT-fs (loop6): Unrecognized mount option "000000000000000000000040xffffffffffffffff01777777777777777777777" or missing value
[  827.792344][T11604] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1683'.
[  827.942560][T11608] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1683'.
[  828.042349][T11435] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  833.459740][T11651] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1694'.
[  836.683616][T11678] overlayfs: failed to clone upperpath
[  836.825738][T11679] ip6gretap0 speed is unknown, defaulting to 1000
[  839.542674][T11687] loop6: detected capacity change from 0 to 256
[  839.703631][T11687] exfat: Deprecated parameter 'namecase'
[  839.724714][T11687] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  841.317564][T11685] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  842.473360][T11685] usb 7-1: Using ep0 maxpacket: 32
[  842.542783][T11685] usb 7-1: device descriptor read/all, error -71
[  846.764137][T11754] UBIFS error (pid: 11754): cannot open "./file0", error -22
[  853.247315][T11818] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1735'.
[  853.472944][T11818] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1735'.
[  861.589446][   T27] audit: type=1326 audit(2000000135.985:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  861.875284][   T27] audit: type=1326 audit(2000000135.985:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  861.898016][T11869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1749'.
[  861.952825][   T27] audit: type=1326 audit(2000000135.985:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  861.975581][T11869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1749'.
[  862.186715][   T27] audit: type=1326 audit(2000000135.985:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  862.209506][   T27] audit: type=1326 audit(2000000135.985:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  862.234669][   T27] audit: type=1326 audit(2000000135.985:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  863.671324][   T27] audit: type=1326 audit(2000000135.985:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  863.685084][T11898] loop6: detected capacity change from 0 to 512
[  863.724296][T11898] EXT4-fs: Ignoring removed mblk_io_submit option
[  864.730969][T11904] Process accounting resumed
[  864.767896][   T27] audit: type=1326 audit(2000000135.985:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  864.803847][T11898] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b816c118, mo2=0002]
[  864.943007][   T27] audit: type=1326 audit(2000000135.985:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  864.967170][   T27] audit: type=1326 audit(2000000135.985:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.0.1747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[  865.012971][T11898] System zones: 1-12
[  865.019087][T11898] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.1755: corrupted in-inode xattr
[  865.078202][T11898] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1755: couldn't read orphan inode 15 (err -117)
[  865.804175][T11912] loop2: detected capacity change from 0 to 40427
[  865.818775][T11912] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  865.823809][T11898] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  865.828039][T11912] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  866.170365][T11912] F2FS-fs (loop2): invalid crc value
[  867.353971][T11912] F2FS-fs (loop2): Found nat_bits in checkpoint
[  867.398214][T10144] EXT4-fs (loop6): unmounting filesystem.
[  867.407118][T11912] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  867.414600][T11912] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  869.268697][ T4254] syz-executor: attempt to access beyond end of device
[  869.268697][ T4254] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  870.291892][   T27] kauditd_printk_skb: 5 callbacks suppressed
[  870.291908][   T27] audit: type=1326 audit(2000000144.955:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11940 comm="syz.6.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707cf8e969 code=0x7fc00000
[  870.493701][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  870.500132][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  874.391120][ T4339] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  874.985746][ T4339] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  875.751508][ T4339] usb 7-1: string descriptor 0 read error: -71
[  875.762570][ T4339] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  875.813303][ T4339] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  875.851337][ T4339] usb 7-1: can't set config #1, error -71
[  875.893426][ T4339] usb 7-1: USB disconnect, device number 5
[  878.445397][T12017] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  878.498506][T12017] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  878.840728][T12033] overlayfs: failed to clone upperpath
[  878.861291][T12017] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  879.615722][T12017] device bridge_slave_0 left promiscuous mode
[  879.622057][T12017] bridge0: port 1(bridge_slave_0) entered disabled state
[  881.856092][T12017] device bridge_slave_1 left promiscuous mode
[  881.873590][T12017] bridge0: port 2(bridge_slave_1) entered disabled state
[  882.050408][T12017] bond0: (slave bond_slave_0): Releasing backup interface
[  882.184584][T12017] bond0: (slave bond_slave_1): Releasing backup interface
[  882.220910][T12017] team0: Port device team_slave_0 removed
[  882.252740][T12017] team0: Port device team_slave_1 removed
[  882.264479][T12017] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  882.331801][T12051] xt_l2tp: unknown flags: 17
[  883.084021][T12017] batman_adv: batadv0: Removing interface: batadv_slave_0
[  883.352769][T12017] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  883.360509][T12017] batman_adv: batadv0: Removing interface: batadv_slave_1
[  883.424934][T12058] overlayfs: failed to clone upperpath
[  885.341508][T12053] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  885.351087][T12053] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  885.607671][T12069] loop6: detected capacity change from 0 to 1024
[  885.689277][T12069] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  886.255697][T12069] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  886.530016][   T27] audit: type=1326 audit(2000000161.343:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12076 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7fc00000
[  887.046889][T10144] EXT4-fs (loop6): unmounting filesystem.
[  887.226363][   T27] audit: type=1326 audit(2000000161.343:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12076 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f64afd8e969 code=0x7fc00000
[  887.831243][   T27] audit: type=1326 audit(2000000161.343:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12076 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7fc00000
[  887.900900][   T27] audit: type=1326 audit(2000000161.343:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12076 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7fc00000
[  887.968803][   T27] audit: type=1326 audit(2000000161.343:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12076 comm="syz.3.1798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7fc00000
[  891.111743][T12117] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  894.012006][T12150] overlayfs: failed to clone upperpath
[  894.417756][T12151] overlayfs: failed to clone upperpath
[  899.776323][T12214] overlayfs: failed to clone upperpath
[  905.819262][   T27] audit: type=1326 audit(2000000180.633:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  905.902597][   T27] audit: type=1326 audit(2000000180.713:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  906.603804][   T27] audit: type=1326 audit(2000000181.423:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  906.789042][   T27] audit: type=1326 audit(2000000181.443:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  906.882358][   T27] audit: type=1326 audit(2000000181.443:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  906.913552][   T27] audit: type=1326 audit(2000000181.443:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  907.077703][T12288] loop2: detected capacity change from 0 to 32768
[  907.132349][   T27] audit: type=1326 audit(2000000181.443:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  907.182324][T12288] XFS (loop2): Mounting V5 Filesystem
[  907.264375][   T27] audit: type=1326 audit(2000000181.443:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  907.295644][   T27] audit: type=1326 audit(2000000181.443:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  907.373502][   T27] audit: type=1326 audit(2000000181.443:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12271 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64afd8e969 code=0x7ffc0000
[  907.379198][T12288] XFS (loop2): Ending clean mount
[  907.416923][T12288] XFS (loop2): Quotacheck needed: Please wait.
[  908.678867][T12288] XFS (loop2): Quotacheck: Done.
[  908.984260][T12320] Invalid ELF header len 16
[  909.047399][T12322] Cannot find del_set index 0 as target
[  910.105251][ T4254] XFS (loop2): Unmounting Filesystem
[  914.187279][T12370] netlink: 'syz.2.1856': attribute type 2 has an invalid length.
[  915.920720][T12379] loop2: detected capacity change from 0 to 40427
[  915.929016][T12379] F2FS-fs (loop2): Unrecognized mount option "age_extent_cache" or missing value
[  917.183256][T12396] net_ratelimit: 11 callbacks suppressed
[  917.189191][T12396] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  918.754762][T12409] netlink: 'syz.3.1879': attribute type 4 has an invalid length.
[  923.333838][T12444] loop8: detected capacity change from 0 to 7
[  923.428002][T12444] Dev loop8: unable to read RDB block 7
[  923.438245][T12444]  loop8: unable to read partition table
[  923.483556][T12444] loop8: partition table beyond EOD, truncated
[  923.562784][T12444] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  923.562784][T12444] 
) failed (rc=-5)
[  930.974725][T12515] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1904'.
[  931.875940][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  931.882381][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  933.342585][T12533] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1909'.
[  939.071699][T12600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1923'.
[  944.566815][T12642] loop6: detected capacity change from 0 to 32768
[  945.073809][T12282] I/O error, dev loop6, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  954.174353][T12707] overlayfs: failed to clone upperpath
[  957.004238][T12723] loop2: detected capacity change from 0 to 40427
[  957.546002][T12723] F2FS-fs (loop2): invalid crc value
[  957.955510][T12728] netem: change failed
[  957.993605][T12723] F2FS-fs (loop2): Found nat_bits in checkpoint
[  958.027177][T12723] F2FS-fs (loop2): Start checkpoint disabled!
[  958.074568][T12723] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  958.958754][ T5080] kworker/u4:15: attempt to access beyond end of device
[  958.958754][ T5080] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  959.028503][ T5080] kworker/u4:15: attempt to access beyond end of device
[  959.028503][ T5080] loop2: rw=2049, sector=41000, nr_sectors = 8 limit=40427
[  962.731737][T12756] Can't find a SQUASHFS superblock on nullb0
[  965.604236][T12773] overlayfs: failed to clone upperpath
[  968.913821][T12803] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1975'.
[  969.824468][T12806] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1975'.
[  972.038608][T12835] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1982'.
[  972.877686][T12845] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  974.043726][T12851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  974.304880][T12854] loop2: detected capacity change from 0 to 1024
[  974.331528][T12854] EXT4-fs: Ignoring removed orlov option
[  974.339650][ T4323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  974.417438][ T4323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  974.734859][T12854] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  975.534057][ T4254] EXT4-fs (loop2): unmounting filesystem.
[  975.755392][T12869] loop6: detected capacity change from 0 to 256
[  977.424405][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  977.424421][   T27] audit: type=1800 audit(2000000252.243:641): pid=12869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1992" name="file2" dev="loop6" ino=1048715 res=0 errno=0
[  977.635244][T12881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1993'.
[  978.116809][T12877] xt_hashlimit: max too large, truncated to 1048576
[  978.872477][T12888] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1993'.
[  981.864379][T12909] overlayfs: failed to clone lowerpath
[  986.242791][T12937] loop2: detected capacity change from 0 to 512
[  986.268282][T12937] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  986.287074][T12937] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  987.439352][T12937] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  987.813802][T12937] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  987.821935][T12937] System zones: 0-2, 18-18, 34-34
[  988.963883][T12937] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  988.995483][T12937] EXT4-fs (loop2): 1 truncate cleaned up
[  989.001211][T12937] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  990.305887][ T5632] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  990.324402][ T5632] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  990.333909][T12970] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  991.626827][ T4254] EXT4-fs (loop2): unmounting filesystem.
[  991.978610][T12983] --map-set only usable from mangle table
[  993.593781][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  993.609268][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  996.654527][T12985] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2018'.
[  999.660781][T13027] loop6: detected capacity change from 0 to 1024
[ 1000.278746][T13027] EXT4-fs: Ignoring removed nobh option
[ 1001.223639][T13027] EXT4-fs: Ignoring removed bh option
[ 1002.708400][T13027] EXT4-fs warning (device loop6): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop6.
[ 1008.790847][T13109] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2046'.
[ 1009.689086][T13104] loop2: detected capacity change from 0 to 4096
[ 1009.885570][T13114] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1011.474823][T13122] loop6: detected capacity change from 0 to 1024
[ 1013.333017][ T6730] hfsplus: b-tree write err: -5, ino 4
[ 1014.918663][T13158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2057'.
[ 1016.013132][ T4257] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1016.853146][ T4257] usb 7-1: Using ep0 maxpacket: 8
[ 1018.831596][ T4257] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1019.088599][ T4257] usb 7-1: unable to read config index 0 descriptor/start: -71
[ 1019.189323][ T4257] usb 7-1: can't read configurations, error -71
[ 1021.909708][T13205] loop2: detected capacity change from 0 to 128
[ 1022.646130][T13208] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[ 1022.655791][T13208] FAT-fs (loop2): Filesystem has been set read-only
[ 1022.885706][T13213] xt_l2tp: v2 doesn't support IP mode
[ 1023.567878][T12389] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[ 1024.844880][T13222] overlayfs: failed to clone upperpath
[ 1026.248397][ T4263] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1026.260874][ T4263] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1026.270599][ T4263] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1026.281034][ T4263] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1026.289002][ T4263] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1026.296608][T13235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1026.353962][T13234] ip6gretap0 speed is unknown, defaulting to 1000
[ 1026.554413][T13234] chnl_net:caif_netlink_parms(): no params data found
[ 1026.678535][T13234] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1026.688168][T13234] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1026.704628][T13234] device bridge_slave_0 entered promiscuous mode
[ 1026.716024][T13234] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1026.723566][T13234] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1026.732040][T13234] device bridge_slave_1 entered promiscuous mode
[ 1026.782216][T13234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1026.794527][T13234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1026.844967][T13234] team0: Port device team_slave_0 added
[ 1026.855855][T13234] team0: Port device team_slave_1 added
[ 1026.884063][T13234] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1026.891243][T13234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1026.917896][T13234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1026.930733][T13234] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1026.937914][T13234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1026.971645][T13234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1027.039454][T13234] device hsr_slave_0 entered promiscuous mode
[ 1027.052774][T13234] device hsr_slave_1 entered promiscuous mode
[ 1027.060881][T13234] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1027.076566][T13234] Cannot create hsr debugfs directory
[ 1027.200728][T13234] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1027.210054][T13234] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1027.219513][T13234] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1027.231700][T13234] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1027.258778][T13234] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1027.265971][T13234] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1027.273451][T13234] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1027.280564][T13234] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1027.332488][T13234] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1027.348918][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1027.360514][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1027.374495][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1027.386019][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1027.406080][T13234] 8021q: adding VLAN 0 to HW filter on device team0
[ 1027.424019][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1027.432571][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1027.439747][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1027.452453][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1027.462439][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1027.471615][ T4608] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1027.478779][ T4608] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1027.491983][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1027.507452][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1027.520552][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1027.534034][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1027.542965][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1027.556564][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1027.565611][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1027.578228][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1027.588735][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1027.600783][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1027.609904][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1027.625675][T13234] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1027.836412][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1027.844643][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1027.858940][T13234] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1028.158934][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1028.168212][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1028.192726][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1028.204225][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1028.216002][T13234] device veth0_vlan entered promiscuous mode
[ 1028.224058][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1028.232382][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1028.245715][T13234] device veth1_vlan entered promiscuous mode
[ 1028.267510][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1028.276233][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1028.286096][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1028.295951][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1028.308300][T13234] device veth0_macvtap entered promiscuous mode
[ 1028.319917][T13234] device veth1_macvtap entered promiscuous mode
[ 1028.337153][T13234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1028.348704][T13234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1028.363510][T13235] Bluetooth: hci1: command 0x0409 tx timeout
[ 1028.363540][T13234] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1028.370482][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1028.387005][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1028.395550][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1028.404657][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1028.417925][T13234] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1028.429595][T13234] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.438512][T13234] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.448740][T13234] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.457809][T13234] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.469486][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1028.478773][ T6730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1028.567311][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1028.589794][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1028.610777][ T4608] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1028.611992][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1028.628281][ T4608] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1028.643992][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1030.902433][T13235] Bluetooth: hci1: command 0x041b tx timeout
[ 1032.994711][T13235] Bluetooth: hci1: command 0x040f tx timeout
[ 1033.324130][T13296] xt_l2tp: v2 doesn't support IP mode
[ 1034.530903][T13308] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2094'.
[ 1034.572062][T13309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2089'.
[ 1035.387330][T13235] Bluetooth: hci1: command 0x0419 tx timeout
[ 1035.536402][T13309] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1035.545997][T13309] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1035.556075][T13309] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1038.126783][T13336] loop7: detected capacity change from 0 to 1024
[ 1038.150417][T13336] EXT4-fs: Ignoring removed orlov option
[ 1038.999042][T13336] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1039.696955][T13353] xt_l2tp: v2 doesn't support IP mode
[ 1040.168327][T13234] EXT4-fs (loop7): unmounting filesystem.
[ 1041.957392][   T27] audit: type=1326 audit(2000000316.773:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1041.998991][   T27] audit: type=1326 audit(2000000316.803:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1042.022782][   T27] audit: type=1326 audit(2000000316.803:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1043.177787][   T27] audit: type=1326 audit(2000000316.803:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1043.364963][   T27] audit: type=1326 audit(2000000316.803:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1043.398380][   T27] audit: type=1326 audit(2000000316.803:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1043.969272][   T27] audit: type=1326 audit(2000000316.803:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1043.995781][   T27] audit: type=1326 audit(2000000316.803:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1044.377494][   T27] audit: type=1326 audit(2000000316.803:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1044.612845][   T27] audit: type=1326 audit(2000000316.803:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.0.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7ffbc818e969 code=0x7ffc0000
[ 1050.130430][T13440] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2124'.
[ 1052.534180][T13455] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2131'.
[ 1054.763564][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.769926][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.917816][T13476] loop7: detected capacity change from 0 to 40427
[ 1055.360113][T13476] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1055.368078][T13476] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1055.402728][T13476] F2FS-fs (loop7): invalid crc value
[ 1055.630206][T13476] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1055.806991][T13476] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1055.814177][T13476] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1060.177318][T13518] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2143'.
[ 1063.310843][T13540] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2149'.
[ 1064.348077][T13545] ieee802154 phy0 wpan0: encryption failed: -22
[ 1064.695651][T13549] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2150'.
[ 1065.357673][T13559] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma?
[ 1067.622999][T13574] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1068.114800][T13577] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2157'.
[ 1068.406947][T13582] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[ 1071.614533][T13608] could not allocate digest TFM handle cbcmac-aes-neon
[ 1072.823473][ T9604] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1072.845310][ T9604] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1072.854813][ T9604] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1072.866224][ T9604] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1072.873934][ T9604] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1072.881289][ T9604] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1072.947673][T13617] loop6: detected capacity change from 0 to 512
[ 1073.025923][T13497] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1074.928964][ T6732] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.977149][T13235] Bluetooth: hci4: command 0x0409 tx timeout
[ 1075.396270][ T6732] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1075.660228][T13642] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2172'.
[ 1075.688655][T13639] loop6: detected capacity change from 0 to 4096
[ 1075.813760][T13639] NILFS (loop6): invalid segment: Checksum error in segment payload
[ 1075.839822][T13637] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2172'.
[ 1075.855597][T13639] NILFS (loop6): trying rollback from an earlier position
[ 1075.899510][T13639] NILFS (loop6): recovery complete
[ 1075.915928][T13644] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1076.134942][ T6732] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.163192][ T6732] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1076.200694][T13615] ip6gretap0 speed is unknown, defaulting to 1000
[ 1076.993130][T13235] Bluetooth: hci4: command 0x041b tx timeout
[ 1078.348975][T13659] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1078.767005][T13660] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1078.805046][ T6732] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1078.850212][ T6732] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1079.073406][T13235] Bluetooth: hci4: command 0x040f tx timeout
[ 1079.283839][T13657] xt_CT: No such helper "syz1"
[ 1079.463939][T13615] chnl_net:caif_netlink_parms(): no params data found
[ 1080.355414][T13677] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2179'.
[ 1081.259601][T13235] Bluetooth: hci4: command 0x0419 tx timeout
[ 1081.570343][T13687] loop7: detected capacity change from 0 to 2048
[ 1081.612250][T13687] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[ 1081.630252][T13687] UDF-fs: Scanning with blocksize 512 failed
[ 1081.756836][T13691] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma?
[ 1082.005652][T13687] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1082.066150][T13615] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1082.199191][T13615] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1082.509254][T13615] device bridge_slave_0 entered promiscuous mode
[ 1082.710341][T13615] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1082.726943][T13615] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1082.745981][T13615] device bridge_slave_1 entered promiscuous mode
[ 1083.480607][T13615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1083.655805][T13615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1085.162659][ T6732] tipc: Left network mode
[ 1085.389961][T13615] team0: Port device team_slave_0 added
[ 1085.476625][T13615] team0: Port device team_slave_1 added
[ 1086.434621][ T6732] bond1: (slave ip6gretap1): Releasing active interface
[ 1086.445075][ T6732] bond1: (slave ip6gretap1): the permanent HWaddr of slave - f2:29:d9:74:65:ce - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[ 1086.462978][ T6732] bond1: (slave erspan0): making interface the new active one
[ 1086.542978][ T6732] device ip6gretap2 left promiscuous mode
[ 1086.704637][ T6732] bridge2: port 1(ip6gretap2) entered disabled state
[ 1087.163703][T13615] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1087.171164][ T4303] ip6gretap0 speed is unknown, defaulting to 1000
[ 1087.181131][T13615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1087.193163][ T4303] ==================================================================
[ 1087.215164][ T4303] BUG: KASAN: use-after-free in siw_query_port+0x358/0x450
[ 1087.222421][ T4303] Read of size 4 at addr ffff88802369e0e0 by task kworker/0:6/4303
[ 1087.230337][ T4303] 
[ 1087.232681][ T4303] CPU: 0 PID: 4303 Comm: kworker/0:6 Not tainted 6.1.140-syzkaller #0
[ 1087.241273][ T4303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1087.251460][ T4303] Workqueue: infiniband ib_cache_event_task
[ 1087.257407][ T4303] Call Trace:
[ 1087.260700][ T4303]  <TASK>
[ 1087.263741][ T4303]  dump_stack_lvl+0x168/0x22e
[ 1087.268447][ T4303]  ? __lock_acquire+0x7c50/0x7c50
[ 1087.273492][ T4303]  ? show_regs_print_info+0x12/0x12
[ 1087.278709][ T4303]  ? load_image+0x3b0/0x3b0
[ 1087.283232][ T4303]  ? __virt_addr_valid+0x465/0x540
[ 1087.288362][ T4303]  ? siw_query_port+0x358/0x450
[ 1087.293224][ T4303]  print_report+0xa8/0x220
[ 1087.297652][ T4303]  kasan_report+0x10b/0x140
[ 1087.302174][ T4303]  ? siw_query_port+0x358/0x450
[ 1087.307040][ T4303]  siw_query_port+0x358/0x450
[ 1087.311724][ T4303]  ? ib_query_port+0x372/0x820
[ 1087.316496][ T4303]  ib_cache_update+0x1bb/0x980
[ 1087.321274][ T4303]  ? ib_cache_setup_one+0x5d0/0x5d0
[ 1087.326486][ T4303]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 1087.332480][ T4303]  ? read_lock_is_recursive+0x10/0x10
[ 1087.337862][ T4303]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 1087.343772][ T4303]  ? _raw_spin_unlock+0x40/0x40
[ 1087.348636][ T4303]  ib_cache_event_task+0xd4/0x1c0
[ 1087.353689][ T4303]  ? process_one_work+0x7a1/0x1160
[ 1087.358838][ T4303]  process_one_work+0x898/0x1160
[ 1087.363818][ T4303]  ? worker_detach_from_pool+0x240/0x240
[ 1087.369481][ T4303]  ? _raw_spin_lock_irq+0xab/0xe0
[ 1087.374528][ T4303]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 1087.379914][ T4303]  ? kthread_data+0x4b/0xc0
[ 1087.384433][ T4303]  worker_thread+0xaa2/0x1250
[ 1087.389125][ T4303]  ? __kthread_parkme+0x162/0x1c0
[ 1087.394167][ T4303]  kthread+0x29d/0x330
[ 1087.398251][ T4303]  ? worker_clr_flags+0x1a0/0x1a0
[ 1087.403285][ T4303]  ? kthread_blkcg+0xd0/0xd0
[ 1087.407915][ T4303]  ret_from_fork+0x1f/0x30
[ 1087.412354][ T4303]  </TASK>
[ 1087.415405][ T4303] 
[ 1087.417729][ T4303] Allocated by task 4262:
[ 1087.422233][ T4303]  kasan_set_track+0x4b/0x70
[ 1087.426848][ T4303]  __kasan_kmalloc+0x8e/0xa0
[ 1087.431472][ T4303]  __kmalloc_node+0xb0/0x240
[ 1087.436122][ T4303]  kvmalloc_node+0x6c/0x180
[ 1087.440636][ T4303]  alloc_netdev_mqs+0x84/0xf00
[ 1087.445415][ T4303]  rtnl_create_link+0x2fb/0xb80
[ 1087.450287][ T4303]  rtnl_newlink+0x13ca/0x1ff0
[ 1087.454972][ T4303]  rtnetlink_rcv_msg+0x79b/0xed0
[ 1087.460033][ T4303]  netlink_rcv_skb+0x1de/0x420
[ 1087.465181][ T4303]  netlink_unicast+0x74c/0x8c0
[ 1087.469964][ T4303]  netlink_sendmsg+0x89e/0xbc0
[ 1087.474748][ T4303]  __sys_sendto+0x44f/0x5c0
[ 1087.479264][ T4303]  __x64_sys_sendto+0xda/0xf0
[ 1087.483979][ T4303]  do_syscall_64+0x4c/0xa0
[ 1087.488410][ T4303]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1087.494319][ T4303] 
[ 1087.496644][ T4303] Freed by task 6732:
[ 1087.500622][ T4303]  kasan_set_track+0x4b/0x70
[ 1087.505227][ T4303]  kasan_save_free_info+0x2d/0x50
[ 1087.510264][ T4303]  ____kasan_slab_free+0x126/0x1e0
[ 1087.515390][ T4303]  slab_free_freelist_hook+0x131/0x1a0
[ 1087.520856][ T4303]  __kmem_cache_free+0xb6/0x1f0
[ 1087.525718][ T4303]  device_release+0x92/0x1c0
[ 1087.530315][ T4303]  kobject_put+0x21d/0x460
[ 1087.534748][ T4303]  netdev_run_todo+0xc8f/0xd80
[ 1087.539520][ T4303]  ip6gre_exit_batch_net+0x44a/0x490
[ 1087.544814][ T4303]  cleanup_net+0x77b/0xb80
[ 1087.549241][ T4303]  process_one_work+0x898/0x1160
[ 1087.554186][ T4303]  worker_thread+0xaa2/0x1250
[ 1087.558872][ T4303]  kthread+0x29d/0x330
[ 1087.562951][ T4303]  ret_from_fork+0x1f/0x30
[ 1087.567381][ T4303] 
[ 1087.569708][ T4303] The buggy address belongs to the object at ffff88802369e000
[ 1087.569708][ T4303]  which belongs to the cache kmalloc-cg-4k of size 4096
[ 1087.584037][ T4303] The buggy address is located 224 bytes inside of
[ 1087.584037][ T4303]  4096-byte region [ffff88802369e000, ffff88802369f000)
[ 1087.597406][ T4303] 
[ 1087.599752][ T4303] The buggy address belongs to the physical page:
[ 1087.606180][ T4303] page:ffffea00008da600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23698
[ 1087.616337][ T4303] head:ffffea00008da600 order:3 compound_mapcount:0 compound_pincount:0
[ 1087.624665][ T4303] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1087.632753][ T4303] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff88801744c280
[ 1087.641343][ T4303] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[ 1087.649925][ T4303] page dumped because: kasan: bad access detected
[ 1087.656352][ T4303] page_owner tracks the page as allocated
[ 1087.662068][ T4303] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4254, tgid 4254 (syz-executor), ts 86626424045, free_ts 86616718257
[ 1087.683613][ T4303]  post_alloc_hook+0x173/0x1a0
[ 1087.688395][ T4303]  get_page_from_freelist+0x1a26/0x1ac0
[ 1087.693955][ T4303]  __alloc_pages+0x1df/0x4e0
[ 1087.698552][ T4303]  alloc_slab_page+0x5d/0x160
[ 1087.703247][ T4303]  new_slab+0x87/0x2c0
[ 1087.707411][ T4303]  ___slab_alloc+0xbc6/0x1220
[ 1087.712091][ T4303]  __kmem_cache_alloc_node+0x1a0/0x260
[ 1087.717560][ T4303]  __kmalloc_node_track_caller+0x9e/0x230
[ 1087.723286][ T4303]  kmemdup+0x27/0x60
[ 1087.727212][ T4303]  __devinet_sysctl_register+0x99/0x320
[ 1087.732768][ T4303]  devinet_sysctl_register+0x17c/0x1f0
[ 1087.738240][ T4303]  inetdev_init+0x2b4/0x4f0
[ 1087.742756][ T4303]  inetdev_event+0x270/0x1410
[ 1087.747444][ T4303]  raw_notifier_call_chain+0xcb/0x160
[ 1087.752822][ T4303]  register_netdevice+0x1600/0x1aa0
[ 1087.758031][ T4303]  register_netdev+0x37/0x50
[ 1087.762653][ T4303] page last free stack trace:
[ 1087.767325][ T4303]  free_unref_page_prepare+0x8b4/0x9a0
[ 1087.772799][ T4303]  free_unref_page+0x2e/0x3f0
[ 1087.777497][ T4303]  qlist_free_all+0x76/0xe0
[ 1087.782014][ T4303]  kasan_quarantine_reduce+0x144/0x160
[ 1087.787480][ T4303]  __kasan_slab_alloc+0x1e/0x80
[ 1087.792347][ T4303]  slab_post_alloc_hook+0x4b/0x480
[ 1087.797465][ T4303]  __kmem_cache_alloc_node+0x140/0x260
[ 1087.802930][ T4303]  kmalloc_trace+0x26/0xe0
[ 1087.807451][ T4303]  ref_tracker_alloc+0x129/0x450
[ 1087.812425][ T4303]  netdev_queue_update_kobjects+0x18d/0x480
[ 1087.818338][ T4303]  netdev_register_kobject+0x265/0x310
[ 1087.823817][ T4303]  register_netdevice+0x12b9/0x1aa0
[ 1087.829026][ T4303]  bond_newlink+0x39/0x80
[ 1087.833366][ T4303]  rtnl_newlink+0x14c4/0x1ff0
[ 1087.838056][ T4303]  rtnetlink_rcv_msg+0x79b/0xed0
[ 1087.843008][ T4303]  netlink_rcv_skb+0x1de/0x420
[ 1087.847812][ T4303] 
[ 1087.850136][ T4303] Memory state around the buggy address:
[ 1087.855763][ T4303]  ffff88802369df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1087.863831][ T4303]  ffff88802369e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1087.871893][ T4303] >ffff88802369e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1087.879956][ T4303]                                                        ^
[ 1087.887157][ T4303]  ffff88802369e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1087.895225][ T4303]  ffff88802369e180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1087.903285][ T4303] ==================================================================
[ 1088.214004][T13615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1088.336624][T13615] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1088.413330][T13615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1088.493834][T13615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1088.799942][ T4303] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1088.807212][ T4303] CPU: 0 PID: 4303 Comm: kworker/0:6 Not tainted 6.1.140-syzkaller #0
[ 1088.815389][ T4303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1088.825472][ T4303] Workqueue: infiniband ib_cache_event_task
[ 1088.831396][ T4303] Call Trace:
[ 1088.834675][ T4303]  <TASK>
[ 1088.837605][ T4303]  dump_stack_lvl+0x168/0x22e
[ 1088.842298][ T4303]  ? memcpy+0x3c/0x60
[ 1088.846286][ T4303]  ? show_regs_print_info+0x12/0x12
[ 1088.851495][ T4303]  ? load_image+0x3b0/0x3b0
[ 1088.856013][ T4303]  panic+0x2c9/0x710
[ 1088.859927][ T4303]  ? bpf_jit_dump+0xd0/0xd0
[ 1088.864445][ T4303]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 1088.870437][ T4303]  ? _raw_spin_unlock+0x40/0x40
[ 1088.875300][ T4303]  ? print_memory_metadata+0x314/0x400
[ 1088.880768][ T4303]  check_panic_on_warn+0x80/0xa0
[ 1088.885719][ T4303]  ? siw_query_port+0x358/0x450
[ 1088.890572][ T4303]  end_report+0x66/0x110
[ 1088.894827][ T4303]  kasan_report+0x118/0x140
[ 1088.899348][ T4303]  ? siw_query_port+0x358/0x450
[ 1088.904210][ T4303]  siw_query_port+0x358/0x450
[ 1088.908901][ T4303]  ? ib_query_port+0x372/0x820
[ 1088.913745][ T4303]  ib_cache_update+0x1bb/0x980
[ 1088.918533][ T4303]  ? ib_cache_setup_one+0x5d0/0x5d0
[ 1088.923742][ T4303]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 1088.929746][ T4303]  ? read_lock_is_recursive+0x10/0x10
[ 1088.935155][ T4303]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 1088.941285][ T4303]  ? _raw_spin_unlock+0x40/0x40
[ 1088.946151][ T4303]  ib_cache_event_task+0xd4/0x1c0
[ 1088.951191][ T4303]  ? process_one_work+0x7a1/0x1160
[ 1088.956328][ T4303]  process_one_work+0x898/0x1160
[ 1088.961367][ T4303]  ? worker_detach_from_pool+0x240/0x240
[ 1088.967020][ T4303]  ? _raw_spin_lock_irq+0xab/0xe0
[ 1088.972161][ T4303]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 1088.977673][ T4303]  ? kthread_data+0x4b/0xc0
[ 1088.982197][ T4303]  worker_thread+0xaa2/0x1250
[ 1088.986893][ T4303]  ? __kthread_parkme+0x162/0x1c0
[ 1088.991932][ T4303]  kthread+0x29d/0x330
[ 1088.996127][ T4303]  ? worker_clr_flags+0x1a0/0x1a0
[ 1089.001181][ T4303]  ? kthread_blkcg+0xd0/0xd0
[ 1089.005809][ T4303]  ret_from_fork+0x1f/0x30
[ 1089.010245][ T4303]  </TASK>
[ 1089.013614][ T4303] Kernel Offset: disabled
[ 1089.017946][ T4303] Rebooting in 86400 seconds..