last executing test programs:

26m17.554934319s ago: executing program 3 (id=36):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r0 = socket(0x1, 0x5, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x7ffffffe, 0x3, {0x0, 0x0, 0x600, r3, 0x60, 0x880}, [@IFLA_MASTER={0x8, 0x3, r1}]}, 0x28}, 0x1, 0xd, 0x0, 0x480c5}, 0x80c4)

26m17.353505739s ago: executing program 3 (id=38):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x1, 0x419}}}, 0x7)
madvise(&(0x7f0000b28000/0x4000)=nil, 0x4000, 0xb)
wait4(0x0, 0x0, 0x80000000, 0x0)

26m17.246297625s ago: executing program 3 (id=39):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f00000002c0)='./file1\x00', 0x400, &(0x7f0000000200)=ANY=[@ANYRES8=0x0], 0x5, 0x19e, &(0x7f0000000000)="$eJzs0LFrE2EYx/Hv8957lyhUiRWHCiZgMV6oNncVB6fgFKG3iItg0ZDGppgqaSLY0kIXKUi1/4JOdXTRSUT/geIgOOi5dJNmCA7iIJE3eTP4N/T9wN3vngfufe6eZqfdyQB/+xt1Kgx5nOAzggbyMuopNcp3tv5pc3cUXLf1js3XNqc6a+sPaq1WY7VwrUDuvwbwy/Q041YnzxlFT6ggX/sb9ZrcSxhUWFGLPrl5Ss/xFmiHL5jSE5y+i8eguMMNRVse34STs10fWFu/tLxSW2osNR7G8dzV8pVyhnj2/nKrUX6LhM9E8ZJNwoRMwrFwEz/L0319nBlBwqZKPSn1CBbY3fcunp/pocJDBggfiz0y33WzoG5xgewd80NVJoVXeAnT82ZjmuGgKjIJRPqL/u0rslued7n+qLW4fVvJn2CvIodZiQ7wixFxKWLOrIZTfGI7ZTqlmrKXcvCDvLw3U8Z71Vvm/sZWZzkHAU9q3e5qFEAgxYTYXDmYGB6nzHeZEz7Yd2zwbfzgOI7jOI7jOI7jHAH/AgAA//8GdF8/")

26m16.134197561s ago: executing program 3 (id=42):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000840)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00', @ANYRES8, @ANYRES16=0x0, @ANYRESHEX=0x0], 0x1, 0x2c3, &(0x7f00000002c0)="$eJzs3b1ra2UYAPDnpPlCh0RwEsEDOjhdbu/qkiK9cDGTkkEd9OK9F6QJQgsFPzDt5Oqim6uLILj5T7j4HwiugpsdCkdOzjn5Mo2JNK16f7+lb973efI+7zmnLR3y9P0XR0eP0nhy/tkv0W4nUetFLy6S6EYtKmexoPdlAAD/ZRdZFr9nhW3ykoho764sAGCHtv79/8POSwIAduytt99546DfP3wzTdtxf/TF6SD/yz7/WqwfPIkPYxiP42504jIimyrG97MsG9fTXDdeGY1PB3nm6L2fyvc/+C1ikr8fnehOphbzH/QP99PCXP44r+OZcv9enn8vOvH8iv0f9A/vrciPQTNefXmu/jvRiZ8/iI9iGI8mRRT5UYv4fD9NX8+++uPTd/Py8vxkfDpoTeJmsr0bvjUAAAAAAAAAAAAAAAAAAAAAAPyP3Sl757Ri0r8nnyr77+xd5i8akVa6i/15ivykeqOl/kDjLL6p+vPcTdM0KwNn+fV4oR712zk1AAAAAAAAAAAAAAAAAAAA/LucfPzJ0cPh8PHxtQyqbgDVx/r/6fv05mZeivXBrYhGuVet3HYh5utWxCwr9qqYJGJtGfkhNii12rNoe7A++OyKpeeWa64G332/8aX7dnr2xt8EN6Z7ZZ1ruu/Lg+rpOnqYrL6Grahm2tVD8uN8TDM23Kt51VK21ePXXLnU2frszWcng/GamEjWFfbar8WVK2eS5VM0J1d1ZXp13+fSF2PamzzPs++Uv0im3TqSa/0ZBAAAAAAAAAAAAAAAAAAAFGYf+l2xeL480Zh/UctaOy0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7M7P//bzEYl8kbBDfj+OSWjwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBT4M8AAAD//zAXXTM=")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
open(&(0x7f0000000100)='./bus\x00', 0x24040, 0x10)

26m15.03182352s ago: executing program 3 (id=44):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet6_udp(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000000)={<r4=>0xffffffffffffffff, 0x8e59, 0x0, 0x3})
close_range(r4, 0xffffffffffffffff, 0x0)

26m9.738869644s ago: executing program 3 (id=54):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0xfe, 0x2b9, &(0x7f0000000300)="$eJzs3T+LI2UYAPBnsslsji12CysRnOIKG5fbay3MISuIWykp/AN6eHdwbMLBBgKnYrjKT2Bh4fewsxds/AaChaWdhxy8MjPZJCa55LJndmX5/Zp9ed7nmXnezOxmIcybz1/rn957NHjw5Ovfot3OotGJTjzN4iAacS6NBQBwLTxNKf680Pt7s7GtngCA7Zp5/289J2V3MfT2ttsCALbow48+fv/OycnxB0XRjuh/O+xmUf+s5+88iIfRi/txK/bj2fSzgJTq8bvvnRxHsygdxM3+aNgtK/uf/TJJzaOqP4r9OFhef1TUZupHw2b1n0eWRTzslI3cjv14ZaG+nD++vaQ+unm80R4vsjz/YezHr1/Eo+jFveozjen5v8mjeCd999dXn5TJZX02GnZ3q7yptHPZ1wYAAAAAAAAAAAAAAAAAAAAAgOvrsJg4iJv9MlTvv9PdeVbNH/5rvtpfp1HN1/VZRF4N5vYHGqX44Xx/nVtFUaSszp/s73OjGa82o3llCwcAAAAAAAAAAAAAAAAAAID/kcHjL0/v9nr3z/6Twfgh/8lj/Rc9Tmcm8nqsTt7d6FyxM04ve53POfr50/4kUi7iIs0PW0XEqp5bC5EbZT/rj/x3SillWcTLXabWi5xrzWBvdU75Av/0/d6bp3ezda9h+/zC/Tg7lcfZ4PHcNY1skw7TRrdfviInH98xL3ScvZf8JXrr9/pk40i2ZhWtmUhrPIjn3X7tje7ny/sbBAAAAAAAAAAAAAAAAAAA1KYP/S6ZfLKytLG1pgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkk2//386iIXI3GAUf1TFy3NSSqNJJI+zwVWvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOvvnwAAAP//LfNtKg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x8)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
pwrite64(r0, &(0x7f0000000000)="e8", 0x1, 0x8080c60)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

26m8.798349292s ago: executing program 32 (id=54):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0xfe, 0x2b9, &(0x7f0000000300)="$eJzs3T+LI2UYAPBnsslsji12CysRnOIKG5fbay3MISuIWykp/AN6eHdwbMLBBgKnYrjKT2Bh4fewsxds/AaChaWdhxy8MjPZJCa55LJndmX5/Zp9ed7nmXnezOxmIcybz1/rn957NHjw5Ovfot3OotGJTjzN4iAacS6NBQBwLTxNKf680Pt7s7GtngCA7Zp5/289J2V3MfT2ttsCALbow48+fv/OycnxB0XRjuh/O+xmUf+s5+88iIfRi/txK/bj2fSzgJTq8bvvnRxHsygdxM3+aNgtK/uf/TJJzaOqP4r9OFhef1TUZupHw2b1n0eWRTzslI3cjv14ZaG+nD++vaQ+unm80R4vsjz/YezHr1/Eo+jFveozjen5v8mjeCd999dXn5TJZX02GnZ3q7yptHPZ1wYAAAAAAAAAAAAAAAAAAAAAgOvrsJg4iJv9MlTvv9PdeVbNH/5rvtpfp1HN1/VZRF4N5vYHGqX44Xx/nVtFUaSszp/s73OjGa82o3llCwcAAAAAAAAAAAAAAAAAAID/kcHjL0/v9nr3z/6Twfgh/8lj/Rc9Tmcm8nqsTt7d6FyxM04ve53POfr50/4kUi7iIs0PW0XEqp5bC5EbZT/rj/x3SillWcTLXabWi5xrzWBvdU75Av/0/d6bp3ezda9h+/zC/Tg7lcfZ4PHcNY1skw7TRrdfviInH98xL3ScvZf8JXrr9/pk40i2ZhWtmUhrPIjn3X7tje7ny/sbBAAAAAAAAAAAAAAAAAAA1KYP/S6ZfLKytLG1pgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkk2//386iIXI3GAUf1TFy3NSSqNJJI+zwVWvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOvvnwAAAP//LfNtKg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x8)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
pwrite64(r0, &(0x7f0000000000)="e8", 0x1, 0x8080c60)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3m49.288215553s ago: executing program 5 (id=7862):
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
pivot_root(0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$vimc1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0cc5640, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000240), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r4, 0xc02464bb, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, 0x0, 0x0, 0xf}, 0x94)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000340)={0x0, 0x0, 0x0, <r6=>0x0})
r7 = openat$drirender128(0xffffff9c, &(0x7f0000000300), 0xe0000, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r7, 0xc01064c5, &(0x7f0000000540)={&(0x7f0000000500)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000040)={0x0, r6, 0x9, 0x7, 0x1})
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8923, &(0x7f0000000000)={'bridge_slave_0\x00', 0x1})
socket(0x10, 0x2, 0x0)

3m47.929652241s ago: executing program 5 (id=7874):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={0x2c, 0xd, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x1001}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)

3m47.33717553s ago: executing program 5 (id=7877):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x14, 0x21, 0x9, 0x70bd29, 0x25dfdbff, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

3m47.159188372s ago: executing program 5 (id=7881):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000f9000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f00000001c0), &(0x7f0000000200)}, 0x20)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xd81, &(0x7f0000000a00)={@random="c5bb36c76521", @multicast, @void, {@mpls_mc={0x8848, {[], @llc={@llc={0xf0, 0xbc, "bc", "a24ed5795781c2029dde00c57aff1dd534a1294f57695840a2e6553df6b82bb1bef5da4acb40778c1a4d4edfe3739bc323d7d6862c787142a62b30dc8be626c69852c3158354362447547ae1b419bc9ecad28e39ca19c3246f240e1355a9a9903e48f0577511469560426398637b6a976dba082637ebe9ae466b3a994654fb244e62c61725f7493f94c7519940a80b3a65a6a24237e0e8d17a4eed1e385b344072861bb09b6d7950cb0a4e7dc0bbef66345d3e94e650f72578b1cf8d76da1871454a97dfa046fbc0145d1b768c869a86abd60b6f74ab7ee35b4220147d78d2ebd5dcfcf9914104ed9ba30c03f400e2523969655df6541a92a2ff022deaaf8366ea5ce3fde8862e77bfc96525c5de149bb4f79713eb62c45251803ee0838d5998f2ba0dfde79246b21e39793e4dbb884f3985f708c09d4135507fb6e20fdfa797c0a71abba948f3c5e5dcef610b5bfcd32b838f3b6a67cdfef2073b8b53c5ef89390945381771815b7886ecd185b6149eac286a0826da54ee5539f7c2c4f5f76fe30c6e070009b38fc7ebfcfd3c55f3c185fa58c49a5ab361b7555f5787ee85f539ecf460ff0aadc89c627edf122a05a9d623a02fd5022dcbe88100fa6e33f0d1e70cb8e8cb10a13c8c0388b24aba46b4e1209535072806c32e91da8c905ae1da5c38a493526e1b77fe5a2b40c3ef0874293b994cfdb902f3ea25f32f80cd8fe1e613c9187f8c6d77d86f6db40465f1b5e0b37eb09cdd42249674d0a0fd3cf802e53df71e9d4657b4814c190da80c9f3bb354b907c3e35ae4ccedeeea056889bcc97b466c10570868fe506f8d9a2580967e2da47b9b42db6e82295a221d4d0f9f2100fce7bd2c6a6adcf2ccb58a709b232a63599ca16fb22342cdc4e28ab168d393867235499d666f3ca319db3560b91b46ba929b7f714b5abaf7c788e4621b8c134910db18d17ffab631371370448c4fc8c725be79c22e1cecaa75d488bcbb43f2c67a16401b978e0d4c196475d9cb5d8cf033efd3b4bfe7a8c79dce0745df9516a737bb2c51689b8a7f2b1b359b944681fe7bdb743a3f96c5ec79639cf7307afa44ec34ba7709cefe38a2b3eb6f33c33e25a7b06977b2e628a7fde48e1dd636ff78921ef6989d5782b2ea5d2698c2a3d9f1ac6cca1c29b3f7a26096867bf87518b04d4b48c7d1f587d9f1e3eae7bbc2262ed83cc12ae9ab67017e5a3d1e8c6af3612b8c02caba9a38e84e200032e8c496b814e849817fbbeb1bd35043e4098dde3860402fe821d05dbb0c119e1200a1588b8f33d38ad3b7eef38529baddf879c361763ce472363137aa59d2e3e136460fa3857a43e6d07102f1bd8ad95fcdc5590d003c30fa1ea7a2d87cfb8a9d5a676b5ccfa0f0950aecc7040ede596d48ae6afbf733f9864486d2a5c4da24fb0764906e6cd215e0b31ff0ead6b209ba91ce33755f7be52102dbf944cb8b8da1a1069e9b73c136e842f14fff3211e7db411bd0f70d73c00ab43ee9b05a479fd5d1b85695ae9a47fd5bcce85c3f7bb808721fdc7e85ffdae693280e22e323868eef21b0b1fd4b044abbbb1a7b0871b179c9a2d6ef4758c92ea1c21ad5b683c02ed46d1d7111c76a44ee510f09884c5cf834ce018ed7b12fa135010804297b5de220bde1983f242489cceebe4ba6127a28cfc91d9ff89f8adbf3d2085e80204e3a7476a667dc127fbfe1b95b92cc7620f28058460c8a42a7ad51ac63cfa647fb7483f829b2aaa1ace21e607567bb07acf270eeedde91183e57044690e1df433f12888f69fc9677a545e1fe7e9a2da93c3f871aaea14a85a495da695127fe46f7950a59965834d83e143dee866e18544848e593cd18b1b4ddce764f3e6963a8eab239cd0c03e7e02880f15c06877f618d7e6ae7608e51dbebaf98e64b147774174d4ff31e5859f939197d581487857f1bb609ea659de5b8c20e18b9f4bd2ff4e1e43d08c87e9fb0cf7b14c96a18b945a09765d3e5b0900860089b7003fa66aee41f9c0ec0aefaa1cd58542ca3699baff65557386e2fe387ecf57e54c7af2f91f936ebf5f8f6dbb9c974875bd386b8be3fdba467d7d2f4dfdc395a19a2aab2cca808b717105af5d4c326693cc7371fe92b050261308af2d98acdb37b1b81785a1aac94c97a7d1165a3110ef239150a9a21378c4bf0e0397aeadc7618a8d76c118a738697be331b8d6b7406dc5a0eb2d7a6c55b6367969564d35cbbe0c70369a2f1a3af50ef9db9a249e7ba3e544c47bd153361a4c80337e0676c06c301cb61a35d94e3fb56cd6066bb9ecf89d022c7802fa81b82697dd33f1a3cf5769cdf131221bcbda886d95e1ca005ff67b826ce17d022000effd5f160ba83bafe7ac560591b714fbc69944ad706bcd484cd42751eb7573e788c45aed4886181624f868d213ee67708ea6b7ae7d2a7b098d0d021e00bc3d8c1e43f4ea5e86b36a1308a0978ed1348c2d9e9995e23cb8a69222af70ec4ddd7b9a5e80c2475f9277141f0b27dcc4cc2e3fa70ae166256bb72c7c293f283e976b268721c9c4097e31651ba3659d495ae32b3cdf2b83acb96d2aa754d8c040acbcda44976c33abd206aac0156ad4c2abd841512384147f1bc3047830a169562919d2f81b5f7fa4d2d4b1f349086d09dc3cba15e7bdc25486b845d2f749de3e4af929ca05204fc950720b0ce69be163902b1da9d551154582b7ce4b5345b5b06508bc1388e3cea17553dd01cceb9ca0af00c12e6b619e0ace0c085fa27edd88658b04aba6f35879ea21f9845b78d6c064a5cd0e63fe8ee05b995ead406a8d848d1dda5d0233df5ea61a556ffc402c548cba03f84ef1e21fc35a1baead0a90f52e72e726af2fa66bf3c8e6389d9db2d60ec97679f8ada7dca26cbdadca0a9d324853013ddf89b0ce1ab8321f7538d296ede6ea8442ce610c7f2b79d0978753479fd8504a7accff194e5387d5d41f695bb21dc289a1d3aeaa3f9e8a1cbea82b24f8cee0e08ebc20efb6dd8b2c0de24c32a2c0c1a41e659090940666129ceb1be5ce9b4abdad965b99c61145bca40fe116a7c6ec6b82dbe780272622f63a60f83729d6a476f02286d0f38f37f4e5725fe0a573f287adad723a556a98a18d9e4ed2caeb81049c71d85e670e28ce69e8482bb81ae7daa212ad4562773425fc5e6358788b3daa4265924e37b5675fde7276595f057b704edc442f5521acb24179425c556ca7631e4aaa2dcfbaf661a44eb1b5f0e50c2bc42f8b63a430ad0d9a890326cd978dd1674123bfe2d755267fdde904a2c6f9c8dc5ca43bd7a7b5443d85e500130c3adf7ea145147692341a78265887d3cd66f9e06d09a7cfe0862746b05d46c74c6c434bf933311153ad95449b7ce7533865fbd1f4e19ca6d349a46b2610d39dc947e37dd27f0ec2091209783a3466c8f9c819e9213304f6f0c89a9574409dc3721b73c7b687b996d1e638510f33a41f7b37d7fb0491a2a4080768965ed8890a886c1dd72d52551f175de1a9faa81b0f74f178b26ec66f06bce1100848168324d1d4fd0af1dbfdc77d842ab1ddc20383862512fb57ab2505f600ba958432eb520b18f4540d8db973323369adde19e15d168b12d4ac556829d80a98d081c71730f580b31f2c996585adc4f886614967dc9a95f1cfe6217f594174a5810d5266127d240c0cabbb5a462d07a18459da71ba26f479d150c1087e9240e125192b76facae4161996d8fd70a61913b4f9966c004dc664e0e3c5e5addf01779fe1cdb53a6466357592b2fc44e8f2cedd3dbcfeca885d9ab1deeefe3a4bd9b990cb81c43f294442e6d84a81687ec69caa0ec002ab95fbbd576650c75820eea4e08c343c63006bb6942bf448702f24054ae2817b49cc3c8a7367bde66b7529faccb5e066b65a329f1f0df89c805c79852ff95ece5a114d57c8e2820323ea73be8bba14ebea380d25358238aeb43dfaf63cf564e85f5482c6a1d637d3141bd3c107eca0d4ccee2b2784ad0acc665296647118bd7f2228d032c5cc720becc9c3b146f9c9b1f31a34d85762246934c09143280756b17b9dfd62d840db008be2ef491ad6a63fde619a12b47b7e80b364f3e52fd6cf1c6c06f6b83594fa8d3e1db3b3acc82063f39e1f2db614a3b8bd02f5714588e6608c342d329229ce8aa3fa2d2044c24dd00af567cc3bf6f365806e6641efe9535591a61334aff0800a61eea60d5d0755974f17e947a69aa7721b05b623305d638764c8fc4dab75b8ab1bc9c38f3b5bc62f4491bfaa6cf2768fef8d8e9235012cb9507e741bc05212ff8d58e71ef9708722306585051e50ac28d51a22c4cdcf5e3467120ff839c724dcb6bb968155158e7f60cb6269e3f42b56fa71fd8dcba007b059ce56dd965b1c11794772aebc97abd2510715db3491ba398960e4859f190d5d48282d203002873a6f458b36d75ae2b8cc84924170560a4e42cf5c8d2734c7f35669846ebf19d3a868ce0dd476f6ee0011ecba15e4df0a803af3063a14e6300cfe999fef13d783fd0a31a8868ea7ef08eda03029ee4d7414b7ababa17a2f33f8070f6f391cfd0f71f7d15f8b5b0b605e2075bc3ccb88fdf0b08af26b06f36365d5158cca2b7c7045411c7d46150e129debcb0e61d06e71fd840e88a0ccf85a80a7923c61894be0a0dbc9372f6db6d55bd2a4b15ae40ad37b7e43f5812dc97322c82c12ec7b6f180449b3bf0340f1fbb134c2c894243e1fa4fbdac0e163e690d83b9d45e5d1a1da86cc147cca33ac06be0a8c5d75db9ee7ac6df2cc92980b5605f39e6eeecdb6a4ee23fd2f703fb404e785454d62b268b13b685a4bb83c4c33320d4f5b3417b8391e6a26805479d81994e17191191bc9d639faff228efd24661028e22"}}}}}}, 0x0)

3m47.066384599s ago: executing program 5 (id=7882):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_io_uring_setup(0x495, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x7, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x4, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

3m46.737080767s ago: executing program 5 (id=7886):
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r3=>0xffffffffffffffff]}}], 0x78}, 0x0)
sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000180)={0x0, 0x3e, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010028bd70000700000002000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='pmap_register\x00', r4}, 0x18)

3m31.649550162s ago: executing program 33 (id=7886):
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r3=>0xffffffffffffffff]}}], 0x78}, 0x0)
sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000180)={0x0, 0x3e, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010028bd70000700000002000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='pmap_register\x00', r4}, 0x18)

3m11.838636888s ago: executing program 2 (id=8075):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000010004b04bd7000fcdbdf257a000d0000", @ANYRES32=0x0, @ANYBLOB], 0x60}}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)

3m11.732144383s ago: executing program 2 (id=8077):
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000003c0)={'erspan0\x00', 0x0, 0x8000, 0x700, 0x4, 0xc2e, {{0x1a, 0x4, 0x0, 0x0, 0x68, 0x66, 0x0, 0x5, 0x2f, 0x0, @rand_addr=0x64010102, @multicast1, {[@timestamp={0x44, 0x20, 0xce, 0x0, 0x8, [0xffffffff, 0xb93b, 0x9, 0x6, 0x4, 0x7, 0x0]}, @cipso={0x86, 0x6}, @timestamp_addr={0x44, 0x24, 0xe5, 0x1, 0x6, [{@dev={0xac, 0x14, 0x14, 0x39}, 0x4}, {@loopback, 0x6}, {@private=0xa010102, 0x2}, {@empty, 0x8}]}, @generic={0x89, 0x8, "e64ba64992f5"}]}}}}})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_genetlink_get_family_id$smc(&(0x7f00000033c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100", @ANYRES32=0x0], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="40010000", @ANYRES16, @ANYBLOB="01000000000004000000010000002400030000000000000000000000000000000000000000000000000000000000000000001400020077673100000000000000000000000000f4000880"], 0x140}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000bc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x0, 0x4c, 0x1a, 0x160, 0x73, 0x2b0, 0x258, 0x258, 0x2b0, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'dvmrp1\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0x118, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x7}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@uncond, 0x0, 0x120, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@multiport={{0x50}, {0x1, 0x4, [0x4e22, 0x4e20, 0x4e24, 0x8, 0x4e21, 0x4e22, 0x4e23, 0x4e21, 0x4e21, 0x4e23, 0x4e22, 0x4e20, 0x4e23, 0x4e21, 0x4e24], [0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1], 0x1}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x5400}}, {0x28}}}}, 0x3e0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))

3m10.557951784s ago: executing program 2 (id=8083):
unshare(0x24060400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000140)=r0, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000001850000000000020000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffff0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9a)

3m10.414445703s ago: executing program 2 (id=8084):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3168049, 0x0, 0xfe, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000340)=""/207, 0xcf)

3m10.084051369s ago: executing program 2 (id=8086):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40000, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xfffe, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xfff3, 0xf}}, [@TCA_RATE={0x4, 0x5, {0xff, 0xce}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20008850)

3m9.162420745s ago: executing program 2 (id=8091):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80, &(0x7f0000000040)={[{@umask={'umask', 0x3d, 0xe}}, {@type={'type', 0x3d, "103683de"}}, {@umask={'umask', 0x3d, 0x1}}, {@umask={'umask', 0x3d, 0x5}}, {@nobarrier}, {@umask={'umask', 0x3d, 0x3}}, {@nls={'nls', 0x3d, 'iso8859-7'}}]}, 0x44, 0x6ff, &(0x7f0000000500)="$eJzs3U1sHGf5APBn1uu1N5XcbZu0/f+FFKsRETSQ2F5KgoREqBDyoUKRuPS6JE5jee1GtoucCBEXKBzhhHLooQiZQ0+oB6QiDohyRkLiinKPxD3iwKKZnVnvh73ebfyRhN9Pmp13Zt6PZ57OvN6dbbQB/M9afDsmtyOJxQtvbaXbD3bqzQc79dWiHBFTEVGKKLdXkaxFJJ9FXI32Ev+X7sy7S/Yb542Hn354/v7H9fZWOV+y+qVh7Xa1hoywnS8xGxET+XpM5f36ux5vDvR3b6yuk07cacLOFYmDk9YasD1O8xHuW+BJdy9iYnKP/bWIUxExnb8PiHx2KB1zeIdurFkOAAAAnkwTB1V4/lE8iq2YOZ5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NmQtH8zMMmXUlGejaT4/f9Kvi9VqZxwvMN95YDjH9w8pkAAAAAAAAAA4Eh8kn9xf/ZRPIqtmCn2t5LsO//Xso3T2etz8V5sxFKsx8XYikZsxmasx3zE5ExXh5Wtxubm+vxgy19H2rLVat3LWy5ERG2g5cI+gZYO+cQBAAAAAAAA4Nn0k1iMmZMOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuiURE+1VtpwuyrUolSNiOiIqab3tiD8V5afZn086AAAAADh61Xw9k/ynXWgl2Wf+l7PP/dPxXqzFZizHZjRjKW5kzwLan/pLf9+uNx/s1FfTZbDjb/9rrDiyHiNiIt7fZ+S5rMaZTovF+G58Py7EbFyL9ViOH0YjNmMpZqOankQ0Iolatf30olbEuXe8V3u2rvXHdrZv+9UskmrcjOUstotxvRLtxybZOaRjvto12h8qEX0jvp9mJ/lWbsQc3ej67/Wr/LlMrvX8iH0cjVp25pOdjMyluc+z8cLw3I95nfSPNB+lzjOo07ujpJv9IxU5/8E4OT/VXk2nLz/vzflhG/NRWn8mFqKUX30RL/fm/PYX77/Y2/jL//jLtVultZVbNzcuHOEpPY7ZgypMFoX+TNS7MvHK8Ksvz0QzzcT26JmY7N8xPWrLo1XJs5FNRSPOlt/JSo14resSfDduxFJcjrmYjysxF9+Ihah3rrB0OdOT13J9tTcn2b1WGpzfqkOCP/elrkq/OKDy8Urz8kJXXrtnulp2LN9z9Zcx13X1vTj86hv7r0A6/v/n5XSMn3b+4jwJejKRz81FdC8Nz8RvWunrRnNtZf1W4/aI453P1+lt+0Hv3Pzb0aPu/+t+GNLrJZ1xy9lWlpNqcb2kx17qRNubr0r+jUu7XWng2JnOsVrMxHJ8b987tZK/hxvsqX3sle5j/9ydOSv5+5viWM+7nHg3mtm7kD4HTtUAHLNTr5+qVB9W/1b9qPqz6q3qW9NvTl2Z+kIlJv9a/uPE70u/K30zeT0+ih/HzElHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4KNO3dXGs3m0nqnENP9ex63UNl3rOGFKB1YZ+e50TqMWsTwsZK8UDncc38aC9Xo21P8wtLj9vxJRAypU3ns4JOxr7GxC2keDqXDVqud1GxPa2KM5uWi1d51yrExHSuNpLzHHTe1exdEbaXR/Herp3k1um4Z4Bl3aXP19qWNO3e/urzaeGfpnaW1hSuXr1yuf33+a5duLjeX5tqvJx0lcBQ27tyd2GP3wC/dAgAAAAAAAAAAAE+O/P/+3/zc/5ihfECdyvrG3iOfPe5TBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5Si2/H5HYkMT93cS7dfrBTb6ZLUd6tWY6IUkQkP4pIPou4Gu0lal3dJfuN88bDTz88f//j+m5f5aJ+aVi70WznS8xGxES+PtjUHt0M9ne9q7/tzxVe0jnDNGHnisTBSftvAAAA//9u//cB")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000340)='./file2\x00', &(0x7f00000003c0), 0x0, 0x0, 0x1)

3m8.775262913s ago: executing program 34 (id=8091):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80, &(0x7f0000000040)={[{@umask={'umask', 0x3d, 0xe}}, {@type={'type', 0x3d, "103683de"}}, {@umask={'umask', 0x3d, 0x1}}, {@umask={'umask', 0x3d, 0x5}}, {@nobarrier}, {@umask={'umask', 0x3d, 0x3}}, {@nls={'nls', 0x3d, 'iso8859-7'}}]}, 0x44, 0x6ff, &(0x7f0000000500)="$eJzs3U1sHGf5APBn1uu1N5XcbZu0/f+FFKsRETSQ2F5KgoREqBDyoUKRuPS6JE5jee1GtoucCBEXKBzhhHLooQiZQ0+oB6QiDohyRkLiinKPxD3iwKKZnVnvh73ebfyRhN9Pmp13Zt6PZ57OvN6dbbQB/M9afDsmtyOJxQtvbaXbD3bqzQc79dWiHBFTEVGKKLdXkaxFJJ9FXI32Ev+X7sy7S/Yb542Hn354/v7H9fZWOV+y+qVh7Xa1hoywnS8xGxET+XpM5f36ux5vDvR3b6yuk07cacLOFYmDk9YasD1O8xHuW+BJdy9iYnKP/bWIUxExnb8PiHx2KB1zeIdurFkOAAAAnkwTB1V4/lE8iq2YOZ5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NmQtH8zMMmXUlGejaT4/f9Kvi9VqZxwvMN95YDjH9w8pkAAAAAAAAAA4Eh8kn9xf/ZRPIqtmCn2t5LsO//Xso3T2etz8V5sxFKsx8XYikZsxmasx3zE5ExXh5Wtxubm+vxgy19H2rLVat3LWy5ERG2g5cI+gZYO+cQBAAAAAAAA4Nn0k1iMmZMOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuiURE+1VtpwuyrUolSNiOiIqab3tiD8V5afZn086AAAAADh61Xw9k/ynXWgl2Wf+l7PP/dPxXqzFZizHZjRjKW5kzwLan/pLf9+uNx/s1FfTZbDjb/9rrDiyHiNiIt7fZ+S5rMaZTovF+G58Py7EbFyL9ViOH0YjNmMpZqOankQ0Iolatf30olbEuXe8V3u2rvXHdrZv+9UskmrcjOUstotxvRLtxybZOaRjvto12h8qEX0jvp9mJ/lWbsQc3ej67/Wr/LlMrvX8iH0cjVp25pOdjMyluc+z8cLw3I95nfSPNB+lzjOo07ujpJv9IxU5/8E4OT/VXk2nLz/vzflhG/NRWn8mFqKUX30RL/fm/PYX77/Y2/jL//jLtVultZVbNzcuHOEpPY7ZgypMFoX+TNS7MvHK8Ksvz0QzzcT26JmY7N8xPWrLo1XJs5FNRSPOlt/JSo14resSfDduxFJcjrmYjysxF9+Ihah3rrB0OdOT13J9tTcn2b1WGpzfqkOCP/elrkq/OKDy8Urz8kJXXrtnulp2LN9z9Zcx13X1vTj86hv7r0A6/v/n5XSMn3b+4jwJejKRz81FdC8Nz8RvWunrRnNtZf1W4/aI453P1+lt+0Hv3Pzb0aPu/+t+GNLrJZ1xy9lWlpNqcb2kx17qRNubr0r+jUu7XWng2JnOsVrMxHJ8b987tZK/hxvsqX3sle5j/9ydOSv5+5viWM+7nHg3mtm7kD4HTtUAHLNTr5+qVB9W/1b9qPqz6q3qW9NvTl2Z+kIlJv9a/uPE70u/K30zeT0+ih/HzElHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4KNO3dXGs3m0nqnENP9ex63UNl3rOGFKB1YZ+e50TqMWsTwsZK8UDncc38aC9Xo21P8wtLj9vxJRAypU3ns4JOxr7GxC2keDqXDVqud1GxPa2KM5uWi1d51yrExHSuNpLzHHTe1exdEbaXR/Herp3k1um4Z4Bl3aXP19qWNO3e/urzaeGfpnaW1hSuXr1yuf33+a5duLjeX5tqvJx0lcBQ27tyd2GP3wC/dAgAAAAAAAAAAAE+O/P/+3/zc/5ihfECdyvrG3iOfPe5TBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5Si2/H5HYkMT93cS7dfrBTb6ZLUd6tWY6IUkQkP4pIPou4Gu0lal3dJfuN88bDTz88f//j+m5f5aJ+aVi70WznS8xGxES+PtjUHt0M9ne9q7/tzxVe0jnDNGHnisTBSftvAAAA//9u//cB")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000340)='./file2\x00', &(0x7f00000003c0), 0x0, 0x0, 0x1)

2m38.002720876s ago: executing program 4 (id=8268):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./bus\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5102003bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x603b, &(0x7f0000003100)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIaLMIrIB4ASzOsIkEoVDPnjGtqetxj7OmanvP7Se2qr0/X9Cn/p6YvdTkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMR3vv3Ds72IuPrLdMfRiE/FIKIfsVjXJ6KeuZwfP4yIY7HRHM9FxGA+ol5+459nIi5ExEdHItbW7yzXd5/bYz8unrl985Pvfuvvv/nDvWM/fvNHH7Tbf/Dp8x/+9m7E0e+/9uEnd5/MugMAAEApqqqqeulj/vH0+b7fdacAgKnIr/9Vku9Xq9Vq9ROtf98/WP1RF1o3VePdbRYRsdpcpn7PYHc8AMyY1fi46y7QIfkXbRgRT3XdCeBA63XdAfbF2vqd5V7Kt9d8PTix2Z6/p9yW/2pv6/yO3aaTtI8xmdbv170YxLO79GdxSn04SHL+/Xb+VzfbR+lx+53/tOyW/2jz1Kfi5PwH7fxbtuX/x4iY2fz7Y/MvVc5/+Cj5rw5mePuXPwAAAAAAh1/+/v/o1vf/q53s/51//FXZk932/w0erDIAAAAAAAAAzJzHHf9vi/H/AAAA4MCqP6vX/nTkwX27XYutvv9KL+Lp1uOBwqSTZZa67gcAAAAAAAAAAAAAlGS4eQzvlV7EXEQ8vbRUVVV9a2rXj+pxl591pa8/lKzrP/IAALDpoyOtc/l7EQsRcSVd629uaWmpqhYWl6qlanE+v58dzS9Ui43PtXla3zc/2sMb4uGoqn/YQmO5pkmflye1t39e/VyjarCHjk1Hh4EDQERsvhqteUU6ZKrqmej6XQ6zwfZ/+Nj+2Yuuf08BAACA/VdVVdVLl/M+nvb597vuFAAwDQv59b+9X0CtVqvVavXhq5uq8e42i4hYbS5Tv2cwHD8AzJjV+LjrLtAh+RdtGBHHuu4EcKD1uu4A+2Jt/c5yL+Xba74epPHd87Eg2/Jf7W0sl5cfN52kfYzJtH6/7sUgnt2lP89NqQ8HSc6/387/6mb7KD1uv/Oflt3yr9fzaAf96VrOf9DOv+Xw5N8fm3+pcv7DR8p/IH8AAAAAADjA8vf/R+3/zasMAAAAAAAAADNnbf3Ocj7vNe///+yYx/Wac1v7/+cjwvl/syzn39tz/s7/PUxy/v12/q0DcgaN+ftvPMj/X+t3lj+4/c/P5OnY/P+6tuOio53lPzcY1c891+sPhumYn2rurbgeN2Ilzux4/HBb+9kd7XPb2s9NaD+/o31Uty/m9lOxHD+LG/HmVvv8hAOjFia0VxPac/4D23+Rcv7Dxq3Ofym191rT2v33+zu2++Z03PNc/st/Xty5dU3fvRhsrVtTvX4nO+jPxv/JU6P4xa2Vm6d+de327ZtnI0223Xsu0uQJy/nPpVvO/6UXNtvz3/3m9nr//dEj539Q3Ivhrvm/0Jiv1/flKfetCzn/Ubrl/PMr0Pjtf5bz3337f6WD/gAAAAAAAAAAAAAAAMDDVFW1cYro5Yi4lM7/6ercTABgqn73vTRTVdsv1aFWq9Vqtfrw1U3VeK83i1jYvsyliPj1uB8GABxk/42If3TdCToj/4Ll6/3V08913Rlgqm69+95Prt24sXLzVtc9AQAAAAAAAAD+X3n8zxON8Z83jgNqjRu9bfzXN+LEjnE/BzMy/md/NNgY6zyt0PPx8PG/T8bDx/8eTni+uQntownt8xPaFya0jz3RoyHn/3zKOOd/PK1YSeO/vtRBf7qW8z+ZxnrO+X+h9bhm/tWfZzn//rb8T99+5+enb7373qvX37n29srbKz89e+bShfMXL5y/ePH0W9dvrJzZ/LfDHu+vnH8e+9pxoGXJ+efM5V+WnP/nUy3/suT8X0y1/MuS88/v9+Rflpx//uwj/7Lk/F9OtfzLkvP/YqrlX5ac/yupln9Zcv5fSrX8y5LzfzXV8i9Lzv9UquVflpz/6VTLvyw5/7yHS/5lyfnnIxvkX5ac/7lUy78sOf/zqZZ/WXL+F1It/7Lk/C+mWv5lyflfSrX8y5Lz/3Kq5V+WnP9XUi3/suT8X0u1/MuS8/9qquVflpz/11It/7Lk/L+eavmXJef/jVTLvyw5/2+mWv5lyfm/nmr5l+XB9f/NTHnm33+LOADdMGNm3EzXf5kAAAAAAAAAAAAAgLZpHE7c9ToCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9u4uRq7yvh/42Td7bUjwP7wTB9bGgIHFu34FhxhMEvKnpE0pCWnTkhrHXhsnfqt3nQBCZSm0JQpSkdoLetE0RGkUqa1AUaSmEo2QGqm9K1eJuGjUSlxYKlQOSiqlArY6c57n2ZnZ2Zlde9c7c87ng8zPu3Nm5pkzZ2bnu9Z3BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOpt+MTEn/ZlWZb/qf1vXZZdnP99TbY3/3J610qvEAAAADhf79X+/3eXpG/sXcCZ6rb5l2v/7QczMzMz2ZfeOfP+n8/MpBNGsmxgdZbVTov+9Ve/nKnfJngmG+7rr/u6v8PVD3Q4fbDD6UMdTl/V4fTVHU4f7nD6nB0wx5ri9zG1C9tU++u6Ypdml2VDtdM2tTjXM32r+/vj73Jq+mrnmRk6lB3JjmYT2fic8/TV/suyVzfk13VfFq+rv+661mdZdvbnTx6Ia+gL+3hT1nBlNfX33dv3ZCPv/PzJA9+deuvqVrPjbpiz0izbvDFf57NZNvvrqqwvW532SVxnf90617dY50DDOvtq58v/3rzOswtcZ7zdw2Gdr7dZ5/rwvceuz7JsOpt3m2bPZP3Z2qZrTft7uDgi8svI78oPZYOLOk42LOA4yc/z5vWNx0nzMRn3/4awTwbnWUP93fH206vm7PdzPU7yW90Nx2p+2Q/kVzo8XP+r1YZjNd/myRvmPwZa3nctjoF0LNcdAxs7HQP9qwZqx0D/7Jo3NhwDW+ecpz/rq13XmRvaHwNjU8dOjk0+/sRtR47tPzxxeOL41vFdO7bv3LF9586xQ0eOToyPHRo6OjH3GCuLtVl/OgY3hueaeAze1LRt/SE589LSPQ6Gu+RxkN/2z92YL+ji/myeYzzf5tnN5/84SD/36x4Hg3WPg5bPqTNzHweDC3gc5Nuc3bywn5mDdX9arWG5ngvX1R0DK/nzML/Oh2+e/7lwfVjXc7cs9ufhwJxjIN6svvDYy7+TXu8N3xH2y9zj4pr8hItWZacnJ05teWz/1NSprVkYF8SldfdV8/Gytu42ZXOOl/5FHy97//bdG69p8f11YV8N39r+vsq32THa/r6qPbs37s9VWbE/G767LQtj4Tq9/F+R/dnqp1m+P1OWaLM/822eve38XwumXFL3/DfU6flvYGiweP4bSHtjqOH5b+5dM1BbWZadvW1hz39D4c+Ffv67rEue//J99fCW9sdAvs1zY4s9BgbbPv9dH2ZfWM/NITEM1+X+92unTxeHad192fG4GRwcCsfNYLzGxuNm+5zz5JeWX/fm8XM7bjZf33hfNbxuKeFxk++rvxhvf9zk27y29fyfO9bEv9Y9d6zqdAwMDazK1zuUDoLi+W5mTTwGtmQHshPZ0exgOk9+L+fXNbptYcfAqvDnQj93XNUlx0C+r17c1v4YyLf58falfe20OXwnbVP32qn59wvzZf5rBmcvr3m3LXXmz9f5yZ98Jn2vVYbIt3lrx2JzRvv9dGv4zkUt9lPz42e+Y/pgdmH201VhnUd3tv/dVL7NZbsWeDztzbLsjXffqP2+K/x+9/unf/KDht/7tvqd8htb37h/7MGfLmb9AACcu/dr/59eVbzWrPsX64X8+z8AAADQE2Lu7w8zkf8BAACgNGLuHwgzkf8BAACgNGLuHwwzqUj+f/SO3S+/91SW3g1wJoinx93wwF3FdrHjPR2+HpmZlX//498ZevnrTy3suvuzLHv3/g+33P7Ru+K6CifjOj/a+P05rrpuQdf/yEOz29W/f8LZ3cXlx9uz0MMgdpVfHdtWu9yRx7fW5mv3Z7X54PRzzxSXX3wdtz+zvdj+r8Kbluw91Ndw/s1hPZvCHAnvKfPA3tn9kM94vpfXX/vPl35+9vri+fo2frB2M1/8w+Jy43tEvXBpsX283fOt/5++8b2X8+0fu6H1+p/qb73+M+Fy3wzzV3uK7ev3+dfr1v/HYf3x+uL5tnz7Ry3X/8qVxfavhOPiW2E2r/+eP/vIe63ur3g9e+8szhevf/x/dtTOFy8vXn7z+oef2tqwP5ov/7V3isvZ89VfDNRvH78fryd65M7G47sv3L8NPfIsy773J1nDfs4+VpzvH5vWHy/v5J2t139r0zpP9l1XO//s7VnXcLu++TfbWt7euJ69f7+u4fa8cG/Yf++M/Ti/3DMPhuMxnP6/rxeX1/xmRq/c2/h8E7f/1rricRsvb6xp/S80rX/6unzfdV7/fe8U63/l7tUN69/7qXA83VfMTus//NeXNJz/pe8W98epr40ePzF5+sjBur1a/zhePbxm7UUXf+CDl4Tn0uav952YenTi1Mj4yHiWjfTgWwYu9/q/HeZ/F2N66a+h8NNfFMfd858ufm7d9Mvi6xfC9x8J92f8+fjNvxxqOF6b7/fpu4t5vuu/Jaxjoa78xn9et6ANz3zx1dP/8EdvNb8uiLfn5OXDtdv34oYraqf1vVac3vx81cl/XN74uP7Z4Hht/jDs15nwzswbryiur/ny43uTPP/Z4vEbX8nF82dN7yeybqDxdpzv+n8WXsf86KrG5794fPzwqaZ3c16X9eVLmA7PD9l0cXrcKu7v589e0fL64vvwZNNXL2aZ85p8fHLs6JHjpx8bm5qYnBqbfPyJfcdOnD4+ta/23qX7vtzp/LOP77W1x/fBiV07stqj/UQxltlKr//kQwcO3j5+48GJQ/tPH5p66OTEqcMHJicPTBycvHH/oUMTX+t0/iMH92zdtnv77dtGDx85uOeO3bu37x49cvxEvoxiUR3sGv/K6PFT+2pnmdyzY/fWnTt3jI8eO3FwYs/t4+Ojpzudv/azaTQ/91dHT00c3T915NjE6OSRJyb2bN29a9e2ju/+eOzkocmRsVOnj4+dnpw4NVbclpGp2rfzn32dzk81TJ4Iz3dN+sKr8y/cuiu9P27uO0/Pe1HFJo0vT7O3w3tBxZ9vnb6OuX8ozKQi+R8AAACqIOb+8Mb/syfI/wAAAFAaMfevDjOR/wEAAKA0Yu4vkv9w+vj3quT/per/P63/X6P/r/+f6f8nXdT/j8/t+v8rQP9f/78d/X/9/15ev/6//j+ddVv/P+T+8OLQv/8DAABAGcXcvzbMZL78/+8fGt90IRYGAAAALJmY+y8KM/Hv/wAAAFAaMfdfHGZSkfzv8//1//X/2/X/47b6/1lv9//brr+H+v+b/kv/fw79f/3/TP//nK10f77X19+F/f81+v90m27r/8fc/4Ewk4rkfwAAAKiCmPs/GGYi/wMAAEBpxNx/SZiJ/A8AAAClEXP/ujCTiuR//X/9f/3/in/+/z36/z3U//f5/y3o/+v/Z/r/52yl+/O9vv4u7P/7/H+6Trf1/2Pu/39hJhXJ/wAAAFAFMfd/KMxE/gcAAIDSiLn/0jAT+R8AAABKI+b+y8JMKpL/q9n/fzPLshXt/6c+l/6//v+K9/99/r/+/zLT/9f/b0f/X/+/l9ev/6//T2fd1v+Puf/yMJOK5H8AAACogpj7rwgzkf8BAACgNGLuvzLMRP4HAACA0oi5/6owk4rk/2r2/33+v/5/Qf+/cZ36//r/y0H/X/+/Hf1//f9eXr/+v/4/nXVb/z/m/qvDTCqS/wEAAKAKYu6/JsxE/gcAAIDSiLn/w2Em8j8AAACURsz968NMKpL/9f/1//X/9f/1//X/l9JQ09e91f/vn/cU/f+C/n+jpev/T88uoAv6//ly9P/1/zudX/+fhTi//n9f/bP4kvT/Y+7/SJhJRfI/AAAAVEHM/deGmcj/AAAAUBox918XZiL/AwAAQGnE3D8SZlKR/K//r/+v/6//r/+v/7+ceqv/Pz/9/4L+fyOf/6//r/+v/0973fb5/zH3bwgzqUj+BwAAgCqIuX9jmIn8DwAAAKURc//1YSbyPwAAAJRGzP2bwkwqkv/1//X/9f/1//X/9f+Xk/6//n87+v/6/728fv1//X8667b+f8z9N4SZVCT/AwAAQBXE3H9jmIn8DwAAAN1p9eLPEnP/TWEm8j8AAACURsz9m8NMKpL/9f/1//X/e7j/P6D/n+n/d5fmnav/r//fgf6//n8vr1//X/+fzrqt/x9z/81hJhXJ/wAAAFAFMfffEmYi/wMAAEBpxNx/a5iJ/A8AAAClEXP/aJhJRfK//r/+v/5/D/f/ff5/w/r1/7uT/r/+fzv6//r/vbx+/X/9fzrrtv5/zP23hZksNPj1L3A7AAAAYMXE3L8lzKQi//4PAAAAVRBz/1iYifwPAAAApRFz/3iYSUXyv/6//r/+v/6//r/+/3LS/9f/b0f/X/+/l9e/TP3//IlA/5/S6Lb+f8z9W8NMKpL/AQAAoApi7t8WZiL/AwAAQGnE3L89zET+BwAAgNKIuX9HmElF8n+P9P+3pAKU/r/+v/6//r/+f0/R/9f/b0f/X/+/l9fv8//1/2nU6qPxL1j/v/nrefr/MffvDDOpSP4HAACAKoi5f1eYifwPAAAApRFz/+1hJvI/AAAAlEbM/XeEmVQk//dI/9/n/+v/d0P/Pz1B6P830v8v6P+3pv+v/9+O/r/+fy+vX/9f/5/Ouu3z/2Pu3x1mUpH8DwAAAFUQc/9Hw0zkfwAAACiNmPvvDDOR/wEAAKCntPocwijm/o+FmVQk/y9h//+lcJL+f1f1/2dW6//7/H/9//br1/9fXvr/+v/t6P/r//fy+vX/9f/prNv6/zH37wkzqUj+BwAAgCqIuf+uMBP5HwAAAEoj5v67w0zkfwAAACiNmPv3hplUJP/7/P+y9/99/r/+v/5/p/Xr/y8v/X/9/3b0/3uz/x9etuj/d1H/Pz+G9P/pRt3W/4+5/54wk4rkfwAAAKiCmPs/HmYi/wMAAEBpxNz/iTAT+R8AAABKI+b+T4aZVCT/6//r/+v/6//r/+v/Lyf9/2Xr/9eeCvX/C/r/52al+/O9vv5u6v/7/H+6Vbf1/2PuvzfMpCL5HwAAAKog5v5PhZnI/wAAAFAaMff//zAT+R8AAABKI+b++8JMKpL/9f/1//X/9f/1//X/l5P+v8//b0f/X/+/l9ev/6//T2fd1v+Puf/Xwkwqkv8BAACgCmLuvz/MRP4HAACA0oi5/9NhJvI/AAAA9JhV854Sc/+vh5lUJP/3Xv9/pCf7//3p8vX/9f/1//X/9f+Xkv6//n+m/3/OVro/3+vr1//X/6ezbuv/x9z/G2EmFcn/AAAAUAUx938mzET+BwAAgNKIuf83w0zkfwAAACiNmPsfCDOpSP5f6v5/8/nb8fn/+v+Z/r/+v/6//v950v/X/8/0/8/ZSvfne339+v/6/3TWbf3/mPt/K8ykIvkfAAAAqiDm/gfDTOR/AAAA6FKPLvocMfd/NsxE/gcAAIDSiLn/c2EmFcn/vff5//r/+v/6//r/+v+9RP9f/78d/X/9/15ev/6//j+ddVv/P+b+h8JMKpL/AQAAoApi7v98mIn8DwAAAKURc/9vh5nI/wAAAFAaMff/TphJRfK//r/+v/6//r/+v/7/ctL/n9v/z5/D9P8L+v/6/728fv1//X8667b+f8z9XwgzqUj+BwAAgCqIuf93w0zkfwAAACiNmPt/L8xE/gcAAIDSiLn/4TCTiuR//X/9f/1//X/9f/3/5aT/7/P/29H/1//v5fXr/+v/01m39f9j7v9imElF8j8AAABUQcz9vx9mIv8DAABAacTcvy/MRP4HAACA0oi5/5Ewk4rkf/1//X/9f/1//X/9/+Wk/6//385i+v/DLS5f///8rHR/vtfXr/+v/09n3db/j7l/f5jJ3sarAQAAAHpXzP1fCjOpyL//AwAAQBXE3H8gzET+BwAAgNKIuf9gmElF8r/+v/6//r/+v/6//v9y0v/X/2/H5//r//fy+vX/9f/prNv6/zH3T4SZVCT/AwAAQBXE3H8ozET+BwAAgNKIuf9wmIn8DwAAAKURc/+jYSYVyf/6//r/+v+V7f+//v2mder/6/8vB/1//f929P/1/3t5/fr/+v901m39/5j7j4SZVCT/AwAAQBXE3P/lMBP5HwAAAEoj5v6vhJnI/wAAAFAaMfcfDTOpSP7X/9f/1/+vbP9/YZ//v2b2evX/9f/Phf6//n87+v/6/728fv1//X8667b+f8z9x8JMKpL/AQAAoApi7j8eZiL/AwAAQGnE3H8izET+BwAAgNKIuf9kmElF8r/+/+L6/33zdAP1/1uvX/+/BP3/Ovr/+v/nQv9f/78d/X/9/15ev/6//j+ddVv/P+b+PwgzqUj+BwAAgCqIuf9UmIn8DwAAAKURc/9kmIn8DwDwf+zd145ed9XH8ed17MTWq9wBB7kFxAVwCVwDEgdcAL0m9NAh9N5C6BA6hN577723EAi9BAmU8Vor8WRm74k9zzN7/9fnc5AVxpZnD7Ylfhq+2gAwjNz9D4hbmux//b/3/+v/9f/6f/3/Nun/9f9T9P/6/zU/v/5f/8+8pfX/ufsfGLc02f8AAADQQe7+B8Ut9j8AAAAMI3f/g+MW+x8AAACGkbv/IXFLk/2v/9f/6//1//p//f826f/1/1N23P/foP+/0O76+YO/nvU8/8H0//p/5i2t/8/d/9C45dDhd+YIXyUAAACwJLn7Hxa3NPn+PwAAAHSQu//hcYv9DwAAAMPI3f+IuKXJ/tf/6//1/8fV/192l19f/6//1//r/3v0/3f8LV5c/3/5hZ9P/3+hk+7n1/78+n/9P/OW1v/n7n9k3NJk/wMAAEAHufsfFbfY/wAAADCM3P2PjlvsfwAAABhG7v6r45Ym+1//r//X/6/w/f+n9f/6//XQ/3fo/1fz/n/9/z4n3c+v/fn1//p/5i2t/8/df03c0mT/AwAAQAe5+x8Tt9j/AAAAMITT9W9nN4+NW+x/AAAAGEbu/sfFLU32v/5f/6//X2H/7/3/+v8V0f/r/6fo//X/a35+/b/+n3lL6/9z9z8+bmmy/wEAAKCD3P1PiFvsfwAAABhG7v4nxi32PwAAAAwjd/+T4pa77P9zO3yq3dH/6//1//p//b/+f5v0//r/Kfp//f+an1//r/9n3tb7//tcu3eP2v/n7r82bvH9fwAAABhG7v4nxy32PwAAAAwjd/9T4hb7HwAAAIaRu/+pcUuT/a//1//f0f//9//0//p//f8dH9f/Hw/9v/5/iv5f/7/m59f/6/+Zt/X+f6b33/+fc/c/LW5psv8BAACgg9z9T49b7H8AAAAYRu7+Z8Qt9j8AAAAMI3f/M+OWJvtf/6//9/7/Hfb/t230//p//f8x0/9fdP+//6/ehfT/R6L/1/8f1v/f+wjPr/+ng6X1/7n7nxW3NNn/AAAA0EHu/mfHLfY/AAAADCN3/3Vxi/0PAAAAw8jd/5y4pcn+X2L/f4X+X/8/av+/ivf/n2rZ/9/+Mf3/duj/F9v/T9P/H4n+X//v/f/6f6Ytrf/P3f/cuOXI+/9eZ4/6MwEAAICTkbv/eXFLk+//AwAAQAe5+58ft9j/AAAAMIzc/S+IW5rs/yX2/xv9v/5f/1+/zuLf/3/ZGP2/9/9vj/5f/z9F/6//X/Pz6//1/8xbWv+fu/+FcUuT/Q8AAADDO7Wp3f+iuMX+BwAAgGHk7n9x3GL/AwAAwDBy978kbmmy//X/+n/9v/7/kvr/Qd7/r//fHv2//n/KUfv/jf6/vhb9/3KeX/+v/2fe0vr/3P0vjVua7H8AAADoIHf/y+IW+x8AAACGkbv/5XGL/Q8AAADDyN3/irilyf7X/2+p/z+70f/r//X/+n/9v/5f/z/D+//1/2t+fv2//p95S+v/c/e/Mm5psv8BAACgg9z9r4pb7H8AAAAYRu7+V8ct9j8AAAAMI3f/a+KW/fv/1C6fanf0/97/r//X/+v/9f/bpP/X/0/R/x/c/5895PPp/5f1/Pp//T/zltb/5+6/Pm7x/X8AAAAYRu7+18Yt9j8AAAAMI3f/DXGL/Q8AAADDyN3/urilyf4/rP+/9f/P/7j+/2j0/wc/v/5f/6//1//r//X/U/T/3v+/5ufX/+v/mbe0/j93/+vjlib7HwAAADrI3f+GuMX+BwAAgGHk7n9j3GL/AwAAwDBy978pbmmy/4///f9X6f/1//r/uPp//b/+X/+v/5+m/9f/r/n59f/6f+Ytrf/P3f/muKXJ/gcAAIAOcve/JW6x/wEAAGAYufvfGrfY/wAAADCM3P1vi1ua7P/j7/+9/383/f81m2H6/1P6/6T/j99X/b/+/27Q/+v/N/r/i3bS/fzan1//r/9n3tL6/9z9N+5NvX77HwAAADq4ce+fZzdvj1vsfwAAABhG7v53xC32PwAAAAwjd/8745Ym+1//v9b+3/v/N/p//f++59f/L5P+X/8/Rf+v/1/z8+v/9f/MW1r/n7v/XXFLk/0PAAAAHeTuf3fcYv8DAADAMGL3n/8/v9v/AAAAMKT37P3z7Oa9cUuT/d+4/7/qUvv/c3f6d/3/wc+v/z+W/v/G/X/29P/6/zXR/+v/p+j/9f9rfv5L7P/zf0oeQ/8fH7ha/8/yLK3/z93/vrilyf4HAACADnL3vz9usf8BAABgGLn7b4pb7H8AAAAYRu7+D8QtTfZ/4/5/kPf/3/eWeAL9/7j9v/f/x9X/6/8Pov/X/2/0/xftpPv5tT+/9//r/5m3tP4/d/8H45Ym+x8AAAA6yN3/objF/gcAAIBh5O7/cNxi/wMAAMAwcvd/JG5psv/1/2vv/y/y/f/xG6n/1/9vttf/n96M0f9fqf+/NPp//f8U/b/+f83Pr//X/zNvaf1/7v6Pxi1N9j8AAAB0kLv/Y3GL/Q8AAADDyN3/8bjF/gcAAIBh5O7/RNzSZP/r/5v2//H5t9n/3/5J9P9N+v9rvP9/o/8/lP5f/z9F/6//X/Pz6//1/8xbWv+fu/+TcUuT/Q8AAAAd5O7/VNxi/wMAAMAwcvd/Om6x/wEAAGAYufs/Ezfc88qTe6TjdeaQj0dvrv/X/3v//4D9/+Wbzebk3/+v/9f/79H/6/+n6P/1/2t+fv2//p95S+v/c/d/Nm7x/X8AAAAYRu7+z8Ut9j8AAAAMI3f/5+MW+x8AAACGkbv/C3FLk/2v/9f/6/9X2/+fW8z7//X/e/T/B9P/6/+n6P/1/2t+fv2//p95S+v/c/d/MW5psv8BAACgg9z9X4pb7H8AAAAYRu7+L8ct9j8AAAAMI3f/V+KWJvtf/6//1/+vtv8//P3/+v89+v9l0P/r/6fo//X/a35+/b/+n3lL6/9z9381bmmy/wEAAKCD3P1fi1vsfwAAABhG7v6vxy32PwAAAAwjd/834pYm+//+pzb6/zt9XP+v/9f/6/+T/v946P/1/1P0//r/NT+//l//z7yl9f+5+78ZtzTZ/wAAANBB7v5vxS32PwAAAAwjd/+34xb7HwAAAIaRu/87cUuT/T/y+/+nfpr+/zz9v/5/o//X/2+Z/l//P0X/r/9f8/Pr//X/zFta/5+7/7txS5P9DwAAAB3k7v9e3GL/AwAAwDBy938/brH/AQAAYBi5+38QtzTZ/yP3/1OW1P/ffI+T6P/PBzf6f/3/Rv+v/98y/f+u+v/TR/r5+v8Lvw79v/5f/6//Z7tOqP8/szmk/8/d/8O4pcn+BwAAgA5y9/8obrH/AQAAYBi5+38ct9j/AAAAMIzc/T+JW8bZ//e7aeIH9f/H3v/v/SHy/n/9/0b/r//X/+/R/3v//xT9v/5/zc+v/9f/M29p7//P3f/TuGWc/Q8AAADt5e7/Wdxi/wMAAMAwcvf/PG6x/wEAAGAYuft/Ebc02f/6/5N//7/+X/+fdtD/X7bR/+v/d0z/r/+fov9fcf9/Lq7+X/+v/2fC0vr/3P2/jFua7H8AAADoIHf/r+IW+x8AAACGkbv/13GL/Q8AAADDyN3/m7ilyf7X/+v/9f+t+n/v/9f/75z+X/8/Rf+/4v7f+/+r/88/d/p//T93tbT+P3f/b+OWJvsfAAAAOsjd/7u4xf4HAACAYeTuvzlusf8BAABgGLn7fx+3NNn/x9X/539z+n/9v/5f/5/0//r/jf5f/z9D/6//X/Pze/+//p95S+v/c/ffErc02f8AAADQQe7+P8Qt9j8AAAAMI3f/H+MW+x8AAACGkbv/1rilyf73/n/9/5D9/xX6f/2//n8pTrD/3/9bfUn0/+fp/y+k/9f/6//1/0xbWv+fu/9PcUuT/Q8AAAAd5O7/c9xi/wMAAMAwcvf/JW6x/wEAAGAYufv/Grc02f/6f/3/3e//z9TXvdj+3/v/9f/6/8UY9/3/l+v/9f+X3P9fd/35D+v/1/n8+n/9P/OW1v/n7v9b3NJk/wMAAEAHufv/HrfY/wAAADCM3P3/iFvsfwAAABhG7v5/xi1N9r/+X/8/5Pv/9f/6f/3/Yozb/3v/v/7f+//1//p//T9zltb/5+7/V9zSZP8DAABAB7n7/x232P8AAAAwjNz9t8Ut9j8AAAAMI3f/f+KWJvtf/6//1//r//X/+v9t0v/r/6fo//X/a35+/b/+n3lL6/9z9/8vAAD//4a5JeY=")
llistxattr(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0)

2m36.729105774s ago: executing program 4 (id=8277):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$kcm(0x11, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newtfilter={0x5c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0x4}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x9, 0x1, 0x8001}, {0xa, 0x101, 0x817, 0x5, 0xa, 0x1, 0x2}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20041090}, 0x8000)
close(0xffffffffffffffff)

2m33.197763593s ago: executing program 4 (id=8288):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000340), 0x111, 0xa}}, 0x20)
close(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x4040844)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r5)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x38e72a2a, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6341, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x6}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70b925, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {}, {0xb, 0xb}, {0x0, 0xd}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x7, 0xb, 0x1, 0xfffffffc, 0xffff, 0x5, 0x1, 0x4000}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20018041}, 0xc804)
ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2m30.998618207s ago: executing program 4 (id=8300):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
epoll_create1(0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x5, 0x6, 0x4, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0xfffffffc}, 0x50)
memfd_create(&(0x7f0000000040)='];\x00\x00\x00\x00\x96\t\xb27\x87Ge@{\xb7\xff]\ah\xd9\xb7\x13W\xb14\xfe\xe7FW\x96\x7f\xe8\xce(Ep\x93\xc9\xdd-\xfc\xf6\xdc\xec9H\x85\xa0\xf2p\x19\xa6\xd3z\x9c\xf0\x16Ax\x18<\x05\b\xa5\x19FN{U\x8b\xb0M5^\x7f+\xc9]E\x1a\x02x\xdc8\xa5|@<\x12\xcc@\xd6\x00\xb9\xf0', 0x0)
userfaultfd(0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec309d59191b00867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)

2m30.691397203s ago: executing program 4 (id=8303):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2m30.447819533s ago: executing program 4 (id=8305):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x6, &(0x7f0000001ac0)={&(0x7f0000000240)={0x14, 0x26, 0x1, 0x70bd2b, 0x25dfdbfc, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)
shutdown(r2, 0x1)
splice(r2, 0x0, r1, 0x0, 0x2, 0x0)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000a80))
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000400)="cfb6fa2bd9ad382c3c9941b20ebda3ce1eed39a0f1b49a8104c81d2562962954a0ac4f2301952d3c12de5d3a499f0ff6ca7b0fd3cce40acbdd3812e2728591df23c5b804c2052c4f438befd3cb5ad0100f42fa128c4da18420fbe4cf23802a51ff9c5de544ddc8df410511d23aa7dab55a0756a68756f40b9825444a051069c7919c24e6f75606c81c0453aee7", 0x8d, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000200))
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x20, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}}, 0x0)
connect$qrtr(r0, &(0x7f0000000100)={0x2a, 0x4}, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, 0x8}, 0x10)

2m15.334473903s ago: executing program 35 (id=8305):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x6, &(0x7f0000001ac0)={&(0x7f0000000240)={0x14, 0x26, 0x1, 0x70bd2b, 0x25dfdbfc, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)
shutdown(r2, 0x1)
splice(r2, 0x0, r1, 0x0, 0x2, 0x0)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000a80))
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000400)="cfb6fa2bd9ad382c3c9941b20ebda3ce1eed39a0f1b49a8104c81d2562962954a0ac4f2301952d3c12de5d3a499f0ff6ca7b0fd3cce40acbdd3812e2728591df23c5b804c2052c4f438befd3cb5ad0100f42fa128c4da18420fbe4cf23802a51ff9c5de544ddc8df410511d23aa7dab55a0756a68756f40b9825444a051069c7919c24e6f75606c81c0453aee7", 0x8d, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000200))
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x20, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}}, 0x0)
connect$qrtr(r0, &(0x7f0000000100)={0x2a, 0x4}, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, 0x8}, 0x10)

9.258019555s ago: executing program 6 (id=8891):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={<r1=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, 0x0, 0x0)
poll(0x0, 0x0, 0x4)
epoll_create(0x76f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
creat(0x0, 0x12a)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xb, 0x8010, 0xffffffffffffffff, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={0x0}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), r1, 0x2}}, 0x18)

8.66386342s ago: executing program 6 (id=8895):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c00020008"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x428a4}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x8000)
sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000110001002bbd7000fbdbdf2500000000", @ANYRES32=r2], 0x20}, 0x1, 0x200000000000000, 0x0, 0x4}, 0x40cc040)

8.434784107s ago: executing program 7 (id=8896):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000000d0a010300000000000000000a0000010900020073797a31000000000900010073797a31"], 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
recvmsg(r2, &(0x7f0000002240)={0x0, 0x0, 0x0}, 0x0)

8.019167344s ago: executing program 7 (id=8897):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
syz_usb_connect(0x0, 0x3f, &(0x7f0000000600)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0)
r0 = socket(0x8, 0x3, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x6, @loopback, 0xc00}, 0x1c)

8.017542636s ago: executing program 0 (id=8898):
add_key$user(&(0x7f0000000200), &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000340)=']', 0x1, 0xfffffffffffffffa)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='veth0_macvtap\x00', 0x10)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xbc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000300), 0x20502, 0x0)
read$FUSE(r3, 0x0, 0xfffffc4f)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, 0x0)
close_range(r2, r2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000240)={0x578, 0x30, 0xf0, 0x640, 0x0, 0x1f, 0x32, 0x0, {0xfffffffe}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x200}, {}, 0x0, 0x40, 0x0, 0x6, 0x0, 0x5, 0x0, 0x9, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(r4, &(0x7f0000000600)={0x11, 0x10, 0xfa00, {0x0}}, 0x18)
r5 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0xc0686611, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x14)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x19)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, 0x0, 0x101, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)

6.194018373s ago: executing program 8 (id=8899):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=@getae={0x40, 0x1f, 0x1, 0x70bd27, 0x25dfdbff, {{@in=@loopback, 0x4d4, 0x2, 0xff}, @in=@rand_addr=0x64010102, 0x6, 0x3500}}, 0x40}}, 0x0)

5.806845649s ago: executing program 7 (id=8900):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3000000040000701feffffff00000000047c0000", @ANYRES32=r0, @ANYBLOB="040008"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r3 = socket(0x1, 0x803, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r4], 0x50}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x2c, 0xb, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x74}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r8=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r8}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

5.632932329s ago: executing program 0 (id=8901):
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
socket(0x8000000010, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x804)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x128}, 0x24004004)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1900000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000240), &(0x7f00000006c0)=r3}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r8, r5, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x95, &(0x7f0000000500)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x87, 0x64, 0xfffe, 0x9, 0x2, 0x0, @broadcast, @multicast2}, @echo={0x8, 0x0, 0x0, 0x0, 0x4, "1d6363466e742b9cc7c2e6b89dbfe00b2b04100683257b3ad516186d9494aa92f175954b2d569d43ed808d2057ab82281aa4919c347c15e2e5acaa332b65d4cf086a6361728242d7e1793a102f95141c3b32b37055f6b25cbc39ad22da5efff0e9a0774bdb56533bdc733a"}}}}}, 0x0)

5.549306927s ago: executing program 6 (id=8902):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
epoll_create1(0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80002, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1a, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r4)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@ipv4_newrule={0x50, 0x20, 0x1, 0xffffffff, 0x0, {0x2, 0x0, 0x20}, [@FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x5}, @FRA_SRC={0x8, 0x2, @private=0xa010101}, @FRA_FLOW={0x8, 0xb, 0x2}, @FRA_SRC={0x8, 0x2, @remote}, @FRA_FLOW={0x8, 0xb, 0x1}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x7}]}, 0x50}, 0x1, 0x0, 0x0, 0x40008c4}, 0x8000)
r6 = fsopen(&(0x7f0000000040)='hpfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000280)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\bb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xd7\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)

4.583549153s ago: executing program 7 (id=8904):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r1, &(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x9)
pipe2$watch_queue(&(0x7f0000000480), 0x80)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
r3 = syz_open_dev$vbi(&(0x7f00000000c0), 0x0, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000100)={0x5, 0x4, 0x3, {0x5, @pix_mp={0x3ff, 0x6, 0x39fc6cb2, 0x9, 0x6, [{0x2, 0x5}, {0x1ff, 0x5}, {0x1, 0xfffffc01}, {0x10, 0x9}, {0xffffffff, 0x3}, {0x2, 0x9}, {0x7, 0x1509}, {0x2, 0xd}], 0x9, 0x2, 0x7, 0x2, 0x3}}, 0x8})
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r5, 0xc018643a, &(0x7f0000000140)={0x4000000})
ioctl$DRM_IOCTL_WAIT_VBLANK(r5, 0xc018643a, &(0x7f0000000000)={0x4000000, 0xd, 0x1})
pread64(r5, &(0x7f0000000180)=""/244, 0x20, 0x100000000)
fsmount(r4, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="2b637075736574209cc3c6790d0f063d77bafaf6e3e650f2bc1d84784ca19fee8339f821cce0c11a242b453630cbf96d6416b6d4a9a59438842245be3c33c10dd9998ae2e4ba9ee2b28e3d0267094765d1a8cfe26f9c5d7339f104863bc7d811c5010de935631284d99d6419d5cb27f1e2b9cb5f5c8fedb65a7bb624f34264f711238d0d689d99f97d71ba607e5d885e571e0623f619f8e2d4d34b35f4ecc9088339a24c77f1327b1161772906222641cef08af3abe907cecc55e250a92e893a27c8a178afbf0c2c560f0c0d47f62eec18fdf64eb0f9fdff609f1f7ee667ff55191bf20544b7c31b9f6ce856f3e0a3398daf95b3d8958b9a782f09ddc2dc148ba4b7c9e76958bb86b4352ae3ac6f5348"], 0x8)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_clone(0x8a140600, &(0x7f00000001c0)="07b5e42d30226aba87697ce3ff665d7cb4bdf0381b74230609ad5a0c5b8a9d5c2f3277994317083b76b0aedef0afef4267cf265f61c257cdf6b2b4f80e41dc603103f166f30d40ea85dfe1e8e66067ed6f2943db878e74532cf26a3f8c", 0x5d, &(0x7f0000000240), &(0x7f0000000340), &(0x7f0000000380)="646a21c1314836dab1375dc5370b85967842427f74c7fdda0fb7ef9233f6099289037fa8ede14a0147999b5b523275ef4abe7ff27941f54759b8ecf4d9f02b8e7d4d9dfadc80893ce8f09ba0bcc31b1ba7191c0c1c71e4bb4b162e670308b4d33e0f02aa5e24636f9c2d0db8a006018c1225f05d35d6e969f5fabf0a8c6ba2ea8675fa596d5d008285bc2bc52fea5fdafb52bfa310ecb3056c7f32881c0305e3ea74da8d")
sendmsg$nl_xfrm(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001100)={0x0}}, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000300), 0x6, 0x70202)
socket$nl_route(0x10, 0x3, 0x0)

4.534464631s ago: executing program 0 (id=8905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x86}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xb, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

4.106441541s ago: executing program 0 (id=8906):
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="b69374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0x3)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'sit0\x00', <r4=>0x0})
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
r5 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2, 0x3b9}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x47f6, 0x0, 0x2, 0x0, 0x0)

3.942455206s ago: executing program 1 (id=8908):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="0000020008"], 0xe)

3.31001015s ago: executing program 6 (id=8909):
openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_clone(0x80000400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r2)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x9a1df956f724bfd0, 0x0, 0x0)
ptrace(0x8, r2)
ptrace(0x4207, r2)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0)
madvise(&(0x7f00001b4000/0x4000)=nil, 0x4000, 0x4)
ioctl$UFFDIO_MOVE(r3, 0xc028aa05, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x0, 0x50, 0x0, 0xb, 0x5, 0x8, 0x1fffd, 0x4}, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
openat$kvm(0xffffffffffffff9c, 0x0, 0x20042, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='net/psched\x00')
pipe2$watch_queue(0x0, 0x80)
sendfile(0xffffffffffffffff, r5, 0x0, 0x7ffffffd)
syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')

3.290450472s ago: executing program 1 (id=8910):
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x64)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x24, &(0x7f0000000200)=0x7, 0x4)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)

3.094064932s ago: executing program 8 (id=8911):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x4040844)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x38e72a2a, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6341, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x6}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70b925, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {}, {0xb, 0xb}, {0x0, 0xd}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x7, 0xb, 0x1, 0xfffffffc, 0xffff, 0x5, 0x1, 0x4000}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20018041}, 0xc804)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2.367145556s ago: executing program 1 (id=8912):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x428a4}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x8000)
sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000110001002bbd7000fbdbdf2500000000", @ANYRES32=r2], 0x20}, 0x1, 0x200000000000000, 0x0, 0x4}, 0x40cc040)

1.98743448s ago: executing program 8 (id=8913):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x18, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x4, 0x8, &(0x7f00000002c0)="b80a0005", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.909929953s ago: executing program 7 (id=8914):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3000000040000701feffffff00000000047c000004004280140001800600", @ANYRES32=r0, @ANYBLOB="040008"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r3 = socket(0x1, 0x803, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r4], 0x50}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x2c, 0xb, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x74}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r8=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r8}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1.830920216s ago: executing program 8 (id=8915):
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
socket(0x8000000010, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x804)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x128}, 0x24004004)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1900000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000240), &(0x7f00000006c0)=r3}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r8, r5, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x95, &(0x7f0000000500)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x87, 0x64, 0xfffe, 0x9, 0x2, 0x0, @broadcast, @multicast2}, @echo={0x8, 0x0, 0x0, 0x0, 0x4, "1d6363466e742b9cc7c2e6b89dbfe00b2b04100683257b3ad516186d9494aa92f175954b2d569d43ed808d2057ab82281aa4919c347c15e2e5acaa332b65d4cf086a6361728242d7e1793a102f95141c3b32b37055f6b25cbc39ad22da5efff0e9a0774bdb56533bdc733a"}}}}}, 0x0)

1.756830309s ago: executing program 0 (id=8916):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x86}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xb, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

1.459584713s ago: executing program 0 (id=8917):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000280)={0x1c, &(0x7f00000002c0)={0x40, 0x17, 0x6, "5fd6aad003bb"}, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000500)={0x34, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)

1.107452986s ago: executing program 6 (id=8918):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0x4}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000000d0a010300000000000000000a0000010900020073797a31000000000900010073797a31"], 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
recvmsg(r2, &(0x7f0000002240)={0x0, 0x0, 0x0}, 0x0)

1.099398725s ago: executing program 6 (id=8919):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
epoll_create1(0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80002, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1a, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r4)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@ipv4_newrule={0x50, 0x20, 0x1, 0xffffffff, 0x0, {0x2, 0x0, 0x20}, [@FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x5}, @FRA_SRC={0x8, 0x2, @private=0xa010101}, @FRA_FLOW={0x8, 0xb, 0x2}, @FRA_SRC={0x8, 0x2, @remote}, @FRA_FLOW={0x8, 0xb, 0x1}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x7}]}, 0x50}, 0x1, 0x0, 0x0, 0x40008c4}, 0x8000)
r6 = fsopen(&(0x7f0000000040)='hpfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000280)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\bb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xd7\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)

1.055896812s ago: executing program 1 (id=8920):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x40)

994.866125ms ago: executing program 1 (id=8921):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688474c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

994.078623ms ago: executing program 8 (id=8922):
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x64)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x24, &(0x7f0000000200)=0x7, 0x4)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)

192.432176ms ago: executing program 7 (id=8923):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x4040844)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x38e72a2a, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6341, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x6}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70b925, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {}, {0xb, 0xb}, {0x0, 0xd}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x7, 0xb, 0x1, 0xfffffffc, 0xffff, 0x5, 0x1, 0x4000}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20018041}, 0xc804)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

74.677199ms ago: executing program 8 (id=8924):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r1, &(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x9)
pipe2$watch_queue(&(0x7f0000000480), 0x80)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
r3 = syz_open_dev$vbi(&(0x7f00000000c0), 0x0, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000100)={0x5, 0x4, 0x3, {0x5, @pix_mp={0x3ff, 0x6, 0x39fc6cb2, 0x9, 0x6, [{0x2, 0x5}, {0x1ff, 0x5}, {0x1, 0xfffffc01}, {0x10, 0x9}, {0xffffffff, 0x3}, {0x2, 0x9}, {0x7, 0x1509}, {0x2, 0xd}], 0x9, 0x2, 0x7, 0x2, 0x3}}, 0x8})
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r5, 0xc018643a, &(0x7f0000000140)={0x4000000})
ioctl$DRM_IOCTL_WAIT_VBLANK(r5, 0xc018643a, &(0x7f0000000000)={0x4000000, 0xd, 0x1})
pread64(r5, &(0x7f0000000180)=""/244, 0x20, 0x100000000)
fsmount(r4, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="2b637075736574209cc3c6790d0f063d77bafaf6e3e650f2bc1d84784ca19fee8339f821cce0c11a242b453630cbf96d6416b6d4a9a59438842245be3c33c10dd9998ae2e4ba9ee2b28e3d0267094765d1a8cfe26f9c5d7339f104863bc7d811c5010de935631284d99d6419d5cb27f1e2b9cb5f5c8fedb65a7bb624f34264f711238d0d689d99f97d71ba607e5d885e571e0623f619f8e2d4d34b35f4ecc9088339a24c77f1327b1161772906222641cef08af3abe907cecc55e250a92e893a27c8a178afbf0c2c560f0c0d47f62eec18fdf64eb0f9fdff609f1f7ee667ff55191bf20544b7c31b9f6ce856f3e0a3398daf95b3d8958b9a782f09ddc2dc148ba4b7c9e76958bb86b4352ae3ac6f5348"], 0x8)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_clone(0x8a140600, &(0x7f00000001c0)="07b5e42d30226aba87697ce3ff665d7cb4bdf0381b74230609ad5a0c5b8a9d5c2f3277994317083b76b0aedef0afef4267cf265f61c257cdf6b2b4f80e41dc603103f166f30d40ea85dfe1e8e66067ed6f2943db878e74532cf26a3f8c", 0x5d, &(0x7f0000000240), &(0x7f0000000340), &(0x7f0000000380)="646a21c1314836dab1375dc5370b85967842427f74c7fdda0fb7ef9233f6099289037fa8ede14a0147999b5b523275ef4abe7ff27941f54759b8ecf4d9f02b8e7d4d9dfadc80893ce8f09ba0bcc31b1ba7191c0c1c71e4bb4b162e670308b4d33e0f02aa5e24636f9c2d0db8a006018c1225f05d35d6e969f5fabf0a8c6ba2ea8675fa596d5d008285bc2bc52fea5fdafb52bfa310ecb3056c7f32881c0305e3ea74da8d")
sendmsg$nl_xfrm(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001100)={0x0}}, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000300), 0x6, 0x70202)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 1 (id=8925):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)}], 0x1)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', 0x40010, &(0x7f0000000340)=ANY=[@ANYBLOB='fd', @ANYRESHEX, @ANYBLOB, @ANYRESDEC, @ANYRESDEC=0xee00, @ANYBLOB=',max_read=0x0000000000000800,fsname=GPL\x00,hash,hash,appraise_type=imas'], 0x0, 0x0, &(0x7f0000000400))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x65, 0xa, 0x0, 0x0, 0x4000, 0x61, 0x11, 0x64}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

kernel console output (not intermixed with test programs):

 detected capacity change from 0 to 256
[ 1394.559921][T27809] : entered promiscuous mode
[ 1394.657699][T27825] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1394.737962][T27825] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1394.774749][T27825] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1394.812640][T27825] exFAT-fs (loop4): failed to load alloc-bitmap
[ 1394.840566][T27825] exFAT-fs (loop4): failed to recognize exfat type
[ 1395.616446][T27839] netlink: 96 bytes leftover after parsing attributes in process `syz.5.7569'.
[ 1399.114981][T27876] netlink: 96 bytes leftover after parsing attributes in process `syz.5.7580'.
[ 1400.371454][T24610] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[ 1400.658761][T24610] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 39, changing to 4
[ 1400.676698][T24610] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1400.688222][T24610] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1400.717154][T24610] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1400.756280][T24610] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1400.776482][T24610] usb 5-1: Product: syz
[ 1400.788468][T24610] usb 5-1: Manufacturer: syz
[ 1400.817494][T24610] usb 5-1: SerialNumber: syz
[ 1401.214281][T24610] usb 5-1: config 0 descriptor??
[ 1401.268632][T24610] usb 5-1: selecting invalid altsetting 0
[ 1401.441341][T24580] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1401.574693][T27903] usb 5-1: cannot submit urb 0, error -2: endpoint not enabled
[ 1401.592405][T27927] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1401.611405][T24580] usb 3-1: Using ep0 maxpacket: 32
[ 1401.629263][T24580] usb 3-1: config 9 has an invalid interface number: 37 but max is 0
[ 1401.638439][T24580] usb 3-1: config 9 has no interface number 0
[ 1401.641305][T27927] syzkaller0: entered promiscuous mode
[ 1401.665600][T24580] usb 3-1: config 9 interface 37 has no altsetting 0
[ 1401.684697][T27928] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1401.697870][T27927] syzkaller0: entered allmulticast mode
[ 1401.762438][T27928] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1401.775537][T24610] usb 5-1: USB disconnect, device number 18
[ 1401.805663][T27927] tipc: Resetting bearer <eth:syzkaller0>
[ 1401.821366][T27926] tipc: Resetting bearer <eth:syzkaller0>
[ 1401.917958][T27926] tipc: Disabling bearer <eth:syzkaller0>
[ 1401.962732][T24580] usb 3-1: New USB device found, idVendor=0734, idProduct=043b, bcdDevice=d8.00
[ 1401.974812][T24580] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1401.990907][T24580] usb 3-1: Product: syz
[ 1402.000945][T24580] usb 3-1: Manufacturer: 틙䎞읖䅓丯椇࿄齶诉횷騃䘰핱謄ﶨ费䁅翐缳఻쑉齮梓ଟ純鏠搜䷤⾣夂叇쯴塀댱쑀䫷錶ﯽ錔腮䪖떜怸ᾭ桔䅹闢렐聒몙텞ᒢȉ或篣턄湊诌귇
[ 1402.051882][T24580] usb 3-1: SerialNumber: syz
[ 1402.526384][T27935] netlink: 'syz.5.7600': attribute type 29 has an invalid length.
[ 1402.539289][T27935] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7600'.
[ 1402.674104][T27935] netlink: 'syz.5.7600': attribute type 2 has an invalid length.
[ 1402.746121][T27942] trusted_key: encrypted_key: master key parameter '' is invalid
[ 1403.123893][T27949] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1403.139956][T27949] tipc: Resetting bearer <eth:syzkaller0>
[ 1403.173858][T27948] tipc: Disabling bearer <eth:syzkaller0>
[ 1403.739311][T24580] gspca_main: spca506-2.14.0 probing 0734:043b
[ 1404.695948][T24580] usb 3-1: USB disconnect, device number 17
[ 1404.835017][T27971] syzkaller0: entered promiscuous mode
[ 1404.858943][T27971] syzkaller0: entered allmulticast mode
[ 1404.885677][T27971] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1404.957959][T27970] tipc: Resetting bearer <eth:syzkaller0>
[ 1405.168409][T27970] tipc: Disabling bearer <eth:syzkaller0>
[ 1409.610572][T28026] syzkaller0: entered promiscuous mode
[ 1409.640859][T28026] syzkaller0: entered allmulticast mode
[ 1409.783031][T28026] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1409.954809][T22519] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1411.964414][T28024] tipc: Resetting bearer <eth:syzkaller0>
[ 1412.079060][T28024] tipc: Disabling bearer <eth:syzkaller0>
[ 1412.080951][T28040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7633'.
[ 1412.094397][T28040] openvswitch: netlink: Key type 796 is out of range max 32
[ 1412.110501][T28040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7633'.
[ 1412.131158][T22519] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1412.139758][T22519] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1412.177678][T22519] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1412.192304][T22519] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1412.200422][T22519] usb 6-1: Manufacturer: syz
[ 1412.221519][T22519] usb 6-1: config 0 descriptor??
[ 1412.276042][T28040] hsr_slave_1 (unregistering): left promiscuous mode
[ 1412.522510][T22519] rc_core: IR keymap rc-hauppauge not found
[ 1412.528737][T22519] Registered IR keymap rc-empty
[ 1412.537491][T22519] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[ 1412.551316][T22519] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input10
[ 1412.699879][T22519] usb 6-1: USB disconnect, device number 13
[ 1413.513019][T28064] xt_hashlimit: max too large, truncated to 1048576
[ 1415.130383][T16264] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1415.493131][T16264] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1415.501885][T16264] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1415.514073][T16264] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1415.524749][T16264] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1415.538075][T16264] usb 3-1: Manufacturer: syz
[ 1415.538554][T28100] netlink: 252 bytes leftover after parsing attributes in process `syz.1.7651'.
[ 1415.611678][T28100] $H�: left promiscuous mode
[ 1415.617739][T28100] bond_slave_0: left promiscuous mode
[ 1415.626786][T28100] bond_slave_1: left promiscuous mode
[ 1415.687610][T28100] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1415.722378][T16264] usb 3-1: config 0 descriptor??
[ 1416.125617][T28104] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7652'.
[ 1416.193947][T28106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1416.211418][T28106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1416.385165][T28104] openvswitch: netlink: Key type 796 is out of range max 32
[ 1416.453819][T28108] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7652'.
[ 1416.511347][T16264] rc_core: IR keymap rc-hauppauge not found
[ 1416.518294][T16264] Registered IR keymap rc-empty
[ 1416.530328][T16264] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1416.565548][T16264] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input11
[ 1416.825506][T28108] hsr_slave_1 (unregistering): left promiscuous mode
[ 1416.859339][T16264] usb 3-1: USB disconnect, device number 18
[ 1417.047895][T28120] ubi31: attaching mtd0
[ 1417.133222][T28120] ubi31: scanning is finished
[ 1417.160688][T28120] ubi31: empty MTD device detected
[ 1418.089369][T28133] xt_hashlimit: max too large, truncated to 1048576
[ 1418.539261][T28120] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1418.767705][T28120] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1418.916492][T28120] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1419.066683][T28120] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1419.302982][T28120] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1419.394163][T28120] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1419.426799][T28146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7664'.
[ 1419.520985][T28120] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2419066967
[ 1419.549251][T28120] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1419.893756][T28134] ubi31: background thread "ubi_bgt31d" started, PID 28134
[ 1421.030686][T28170] netlink: 'syz.5.7672': attribute type 1 has an invalid length.
[ 1421.129187][T28170] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1421.199253][T28180] syzkaller0: entered promiscuous mode
[ 1421.288548][T28180] syzkaller0: entered allmulticast mode
[ 1421.300014][T28183] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1422.801450][T28211] netlink: 'syz.5.7686': attribute type 1 has an invalid length.
[ 1422.903333][T28211] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1423.176528][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.187515][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.251340][T28223] syzkaller0: entered promiscuous mode
[ 1423.258152][T28223] syzkaller0: entered allmulticast mode
[ 1424.320573][T28242] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1424.436122][T28246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1424.855491][T28251] netlink: 'syz.1.7700': attribute type 1 has an invalid length.
[ 1424.951850][T28251] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1425.352458][T28271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7706'.
[ 1425.688450][T28279] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7710'.
[ 1425.699403][T28279] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7710'.
[ 1427.464747][T28305] trusted_key: encrypted_key: insufficient parameters specified
[ 1427.528258][T28303] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7716'.
[ 1428.571478][T28316] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7721'.
[ 1428.975341][T28323] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7724'.
[ 1429.546669][T28341] netlink: 'syz.2.7727': attribute type 29 has an invalid length.
[ 1429.554828][T28341] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7727'.
[ 1429.571626][T28341] netlink: 'syz.2.7727': attribute type 2 has an invalid length.
[ 1429.700665][T28343] netlink: 'syz.0.7728': attribute type 1 has an invalid length.
[ 1429.759383][T28343] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1429.767272][T28345] netlink: 'syz.1.7729': attribute type 1 has an invalid length.
[ 1429.836172][T28343] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7728'.
[ 1429.870617][T28343] bond3: entered promiscuous mode
[ 1430.205792][T28343] bond3 (unregistering): Released all slaves
[ 1430.674582][T28361] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7736'.
[ 1430.893511][T28371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7740'.
[ 1431.056521][T28378] blktrace: Concurrent blktraces are not allowed on sg0
[ 1431.344200][T28399] veth1_to_bond: entered allmulticast mode
[ 1431.371432][T28399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7746'.
[ 1431.525541][T28407] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7749'.
[ 1435.117698][T28397] veth1_to_bond: left allmulticast mode
[ 1435.925861][T28474] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7766'.
[ 1437.069011][T28491] netlink: 96 bytes leftover after parsing attributes in process `syz.1.7770'.
[ 1437.102913][T28489] kvm: emulating exchange as write
[ 1438.050460][T28510] gretap0: entered promiscuous mode
[ 1438.072955][T28510] vlan0: entered promiscuous mode
[ 1438.102220][T28512] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7779'.
[ 1438.417259][T28516] syzkaller0: entered promiscuous mode
[ 1438.430928][T28516] syzkaller0: entered allmulticast mode
[ 1439.854451][T28544] vlan0: entered promiscuous mode
[ 1440.082875][T28551] debugfs: '1��^!�l�1�*�$pOc�ɔ��r$�G����t:�u�' already exists in 'ieee80211'
[ 1440.696271][T28554] xt_CT: No such helper "pptp"
[ 1441.485053][T28584] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7804'.
[ 1441.568714][T28588] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7806'.
[ 1441.602005][T28588] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7806'.
[ 1441.649229][T28590] debugfs: '1��^!�l�1�*�$pOc�ɔ��r$�G����t:�u�' already exists in 'ieee80211'
[ 1442.008361][T28604] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7815'.
[ 1442.181788][T28610] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7817'.
[ 1442.263667][T28612] syzkaller0: entered promiscuous mode
[ 1442.302855][T28612] syzkaller0: entered allmulticast mode
[ 1442.346024][T28620] trusted_key: encrypted_key: master key parameter 'tru' is invalid
[ 1442.890241][T28636] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7828'.
[ 1442.891700][T28634] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7827'.
[ 1442.992533][T28642] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7830'.
[ 1443.080224][T28645] trusted_key: encrypted_key: master key parameter 'truste' is invalid
[ 1443.540555][T28669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7842'.
[ 1443.570360][T28670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7843'.
[ 1444.740911][ T5918] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1445.000928][ T5918] usb 2-1: Using ep0 maxpacket: 32
[ 1445.009599][ T5918] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[ 1445.019731][ T5918] usb 2-1: config 0 has no interface number 0
[ 1445.033185][ T5918] usb 2-1: config 0 interface 196 has no altsetting 0
[ 1445.054299][ T5918] usb 2-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[ 1445.063946][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1445.073998][ T5918] usb 2-1: Product: syz
[ 1445.085009][ T5918] usb 2-1: Manufacturer: syz
[ 1445.095375][ T5918] usb 2-1: SerialNumber: syz
[ 1445.114813][ T5918] usb 2-1: config 0 descriptor??
[ 1445.332152][T28710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1445.374727][T28710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1445.416550][ T5918] ipheth 2-1:0.196: Unable to find endpoints
[ 1445.434366][ T5918] usb 2-1: USB disconnect, device number 20
[ 1446.514360][T28755] syzkaller0: entered promiscuous mode
[ 1446.519894][T28755] syzkaller0: entered allmulticast mode
[ 1446.535753][T28759] syzkaller1: entered promiscuous mode
[ 1446.559350][T28759] syzkaller1: entered allmulticast mode
[ 1447.088700][T28776] xt_hashlimit: max too large, truncated to 1048576
[ 1448.413881][T28799] blktrace: Concurrent blktraces are not allowed on sg0
[ 1448.700530][T28813] __nla_validate_parse: 1 callbacks suppressed
[ 1448.700546][T28813] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7897'.
[ 1450.224044][T28834] tipc: New replicast peer: 172.20.20.63
[ 1450.230861][T28834] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1450.262710][T28836] netlink: 'syz.1.7907': attribute type 1 has an invalid length.
[ 1450.305621][T28836] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1450.337763][T28836] bond1: (slave dummy0): making interface the new active one
[ 1450.396298][T28836] bond1: (slave dummy0): Enslaving as an active interface with an up link
[ 1450.857206][T28838] bond1 (unregistering): (slave dummy0): Releasing active interface
[ 1450.898068][T28838] bond1 (unregistering): Released all slaves
[ 1451.350957][T23368] tipc: Node number set to 2924055562
[ 1451.523106][T28859] netlink: 252 bytes leftover after parsing attributes in process `syz.0.7913'.
[ 1451.615639][T28859] $H�: left promiscuous mode
[ 1451.621631][T28859] 8021q: adding VLAN 0 to HW filter on device $H�
[ 1451.637146][T28859] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1453.016522][T28883] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7926'.
[ 1453.044309][T28883] openvswitch: netlink: Key type 796 is out of range max 32
[ 1453.074581][T28883] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7926'.
[ 1453.156806][T28883] hsr_slave_1 (unregistering): left promiscuous mode
[ 1454.869831][T28909] syzkaller0: entered promiscuous mode
[ 1454.882858][T28909] syzkaller0: entered allmulticast mode
[ 1455.112003][T28919] sysfs: cannot create duplicate filename '/class/ieee80211/1��^!�l�1�*�$pOc�ɔ��r$�G����t:�u�'
[ 1455.123276][T28919] CPU: 0 UID: 0 PID: 28919 Comm: syz.1.7939 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1455.123307][T28919] Tainted: [L]=SOFTLOCKUP
[ 1455.123314][T28919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1455.123326][T28919] Call Trace:
[ 1455.123334][T28919]  <TASK>
[ 1455.123343][T28919]  dump_stack_lvl+0x189/0x250
[ 1455.123376][T28919]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1455.123398][T28919]  ? __pfx__printk+0x10/0x10
[ 1455.123426][T28919]  ? __rcu_read_unlock+0x84/0xe0
[ 1455.123444][T28919]  ? kernfs_path_from_node+0x2f/0x290
[ 1455.123464][T28919]  ? kernfs_path_from_node+0x250/0x290
[ 1455.123481][T28919]  ? kernfs_path_from_node+0x2f/0x290
[ 1455.123504][T28919]  sysfs_warn_dup+0x8e/0xa0
[ 1455.123523][T28919]  sysfs_do_create_link_sd+0xc0/0x110
[ 1455.123546][T28919]  device_add_class_symlinks+0x1cf/0x240
[ 1455.123574][T28919]  device_add+0x475/0xb80
[ 1455.123602][T28919]  wiphy_register+0x1d2e/0x2d20
[ 1455.123643][T28919]  ? __pfx_wiphy_register+0x10/0x10
[ 1455.123669][T28919]  ? minstrel_ht_alloc+0x6e0/0x7e0
[ 1455.123697][T28919]  ? ieee80211_init_rate_ctrl_alg+0x55d/0x5d0
[ 1455.123729][T28919]  ieee80211_register_hw+0x34a7/0x4110
[ 1455.123764][T28919]  ? ieee80211_register_hw+0x13f1/0x4110
[ 1455.123794][T28919]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1455.123811][T28919]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1455.123848][T28919]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1455.123874][T28919]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1455.123907][T28919]  ? __hrtimer_setup+0x181/0x200
[ 1455.123930][T28919]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1455.123952][T28919]  mac80211_hwsim_new_radio+0x2f76/0x5320
[ 1455.124009][T28919]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1455.124033][T28919]  ? __kmalloc_node_track_caller_noprof+0x594/0x820
[ 1455.124054][T28919]  ? kstrndup+0xbf/0x160
[ 1455.124084][T28919]  hwsim_new_radio_nl+0xf5b/0x1bd0
[ 1455.124116][T28919]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1455.124157][T28919]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1455.124189][T28919]  ? rcu_is_watching+0x15/0xb0
[ 1455.124212][T28919]  ? __nla_parse+0x40/0x60
[ 1455.124233][T28919]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1455.124265][T28919]  genl_family_rcv_msg_doit+0x215/0x300
[ 1455.124297][T28919]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1455.124335][T28919]  ? bpf_lsm_capable+0x9/0x20
[ 1455.124356][T28919]  ? security_capable+0x7e/0x2e0
[ 1455.124382][T28919]  genl_rcv_msg+0x60e/0x790
[ 1455.124413][T28919]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1455.124437][T28919]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1455.124477][T28919]  netlink_rcv_skb+0x208/0x470
[ 1455.124499][T28919]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1455.124525][T28919]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1455.124566][T28919]  ? down_read+0x274/0x2e0
[ 1455.124583][T28919]  ? genl_rcv+0xd/0x40
[ 1455.124608][T28919]  genl_rcv+0x28/0x40
[ 1455.124629][T28919]  netlink_unicast+0x82f/0x9e0
[ 1455.124658][T28919]  ? __pfx_netlink_unicast+0x10/0x10
[ 1455.124678][T28919]  ? netlink_sendmsg+0x642/0xb30
[ 1455.124697][T28919]  ? skb_put+0x11b/0x210
[ 1455.124718][T28919]  netlink_sendmsg+0x805/0xb30
[ 1455.124737][T28919]  ? aa_sk_perm+0x15f/0x920
[ 1455.124764][T28919]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1455.124787][T28919]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1455.124818][T28919]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1455.124838][T28919]  sock_sendmsg_nosec+0x18f/0x1d0
[ 1455.124873][T28919]  ____sys_sendmsg+0x577/0x880
[ 1455.124903][T28919]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1455.124932][T28919]  ? import_iovec+0x74/0xa0
[ 1455.124952][T28919]  ___sys_sendmsg+0x21f/0x2a0
[ 1455.124974][T28919]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1455.125001][T28919]  ? futex_wake+0x4b2/0x560
[ 1455.125052][T28919]  ? __fget_files+0x2a/0x420
[ 1455.125074][T28919]  ? __fget_files+0x3a0/0x420
[ 1455.125107][T28919]  __x64_sys_sendmsg+0x19b/0x260
[ 1455.125130][T28919]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1455.125168][T28919]  ? do_syscall_64+0xbe/0xf80
[ 1455.125190][T28919]  do_syscall_64+0xfa/0xf80
[ 1455.125208][T28919]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1455.125226][T28919]  ? clear_bhb_loop+0x60/0xb0
[ 1455.125247][T28919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1455.125278][T28919] RIP: 0033:0x7f974938f749
[ 1455.125301][T28919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1455.125317][T28919] RSP: 002b:00007f97475ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1455.125337][T28919] RAX: ffffffffffffffda RBX: 00007f97495e6180 RCX: 00007f974938f749
[ 1455.125350][T28919] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 000000000000000b
[ 1455.125361][T28919] RBP: 00007f9749413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1455.125373][T28919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1455.125383][T28919] R13: 00007f97495e6218 R14: 00007f97495e6180 R15: 00007fff12d25948
[ 1455.125417][T28919]  </TASK>
[ 1455.801533][T28924] netlink: 60 bytes leftover after parsing attributes in process `syz.2.7940'.
[ 1455.848591][T28924] loop2: detected capacity change from 0 to 512
[ 1455.857916][T28924] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1455.975792][T28924] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.7940: Allocating blocks 41-42 which overlap fs metadata
[ 1456.025945][T28924] Quota error (device loop2): write_blk: dquota write failed
[ 1456.050884][T28924] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[ 1456.173258][T28924] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1456.191492][T28924] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.7940: Failed to acquire dquot type 1
[ 1456.226127][T28924] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1456.357481][T28924] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.7940: corrupted inode contents
[ 1456.400598][T28924] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #12: comm syz.2.7940: mark_inode_dirty error
[ 1456.443030][T28924] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.7940: corrupted inode contents
[ 1456.479669][T28924] EXT4-fs error (device loop2): __ext4_ext_dirty:211: inode #12: comm syz.2.7940: mark_inode_dirty error
[ 1456.518806][T28924] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.7940: corrupted inode contents
[ 1456.567163][T28924] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[ 1456.646957][T28924] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.7940: corrupted inode contents
[ 1456.687673][T28924] EXT4-fs error (device loop2): ext4_truncate:4635: inode #12: comm syz.2.7940: mark_inode_dirty error
[ 1456.720640][T28924] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[ 1456.769608][T28924] EXT4-fs (loop2): 1 truncate cleaned up
[ 1456.809732][T28924] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1456.830500][T28924] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1457.194623][T28950] syzkaller0: entered promiscuous mode
[ 1457.200135][T28950] syzkaller0: entered allmulticast mode
[ 1458.120055][T28965] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7956'.
[ 1458.120082][T28965] openvswitch: netlink: Key type 796 is out of range max 32
[ 1458.196805][T28968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7956'.
[ 1459.355391][T28960] loop2: detected capacity change from 0 to 40427
[ 1459.418361][T28985] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7962'.
[ 1459.438498][T28960] F2FS-fs (loop2): invalid crc value
[ 1459.579002][T28960] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1459.605314][T28960] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1460.165694][T22860] bio_check_eod: 1373 callbacks suppressed
[ 1460.165713][T22860] syz-executor: attempt to access beyond end of device
[ 1460.165713][T22860] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1460.213891][T22860] CPU: 1 UID: 0 PID: 22860 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1460.213921][T22860] Tainted: [L]=SOFTLOCKUP
[ 1460.213928][T22860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1460.213939][T22860] Call Trace:
[ 1460.213947][T22860]  <TASK>
[ 1460.213955][T22860]  dump_stack_lvl+0x189/0x250
[ 1460.213986][T22860]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1460.214004][T22860]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 1460.214029][T22860]  ? __pfx_queue_work_on+0x10/0x10
[ 1460.214047][T22860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1460.214071][T22860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1460.214109][T22860]  f2fs_handle_critical_error+0x37c/0x540
[ 1460.214138][T22860]  f2fs_write_end_io+0x886/0xb60
[ 1460.214180][T22860]  __submit_merged_bio+0x256/0x660
[ 1460.214208][T22860]  __submit_merged_write_cond+0x269/0x530
[ 1460.214238][T22860]  f2fs_write_data_pages+0x2756/0x3290
[ 1460.214301][T22860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1460.214320][T22860]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1460.214400][T22860]  ? __page_cache_release+0x8a6/0xbb0
[ 1460.214432][T22860]  ? __lock_acquire+0x6b6/0x2cf0
[ 1460.214469][T22860]  ? __lock_acquire+0x6b6/0x2cf0
[ 1460.214499][T22860]  ? do_raw_spin_lock+0x121/0x290
[ 1460.214536][T22860]  ? do_raw_spin_unlock+0x122/0x240
[ 1460.214560][T22860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1460.214583][T22860]  do_writepages+0x32e/0x550
[ 1460.214618][T22860]  ? do_raw_spin_unlock+0x122/0x240
[ 1460.214647][T22860]  filemap_fdatawrite+0x199/0x240
[ 1460.214670][T22860]  ? __pfx_filemap_fdatawrite+0x10/0x10
[ 1460.214750][T22860]  ? do_raw_spin_unlock+0x122/0x240
[ 1460.214779][T22860]  f2fs_sync_dirty_inodes+0x30f/0x810
[ 1460.214820][T22860]  f2fs_write_checkpoint+0x935/0x2430
[ 1460.214881][T22860]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 1460.214974][T22860]  kill_f2fs_super+0x2d2/0x6c0
[ 1460.215005][T22860]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1460.215050][T22860]  ? shrinker_free+0x2ce/0x3e0
[ 1460.215074][T22860]  deactivate_locked_super+0xbc/0x130
[ 1460.215102][T22860]  cleanup_mnt+0x425/0x4c0
[ 1460.215127][T22860]  ? lockdep_hardirqs_on+0x98/0x140
[ 1460.215149][T22860]  task_work_run+0x1d4/0x260
[ 1460.215175][T22860]  ? __pfx_task_work_run+0x10/0x10
[ 1460.215205][T22860]  ? exit_to_user_mode_loop+0x55/0x4f0
[ 1460.215230][T22860]  exit_to_user_mode_loop+0xff/0x4f0
[ 1460.215247][T22860]  ? rcu_is_watching+0x15/0xb0
[ 1460.215274][T22860]  do_syscall_64+0x2e3/0xf80
[ 1460.215294][T22860]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1460.215311][T22860]  ? clear_bhb_loop+0x60/0xb0
[ 1460.215333][T22860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1460.215349][T22860] RIP: 0033:0x7f3cf4d90a77
[ 1460.215366][T22860] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1460.215381][T22860] RSP: 002b:00007ffcb24a5558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1460.215401][T22860] RAX: 0000000000000000 RBX: 00007f3cf4e13d7d RCX: 00007f3cf4d90a77
[ 1460.215413][T22860] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb24a5610
[ 1460.215431][T22860] RBP: 00007ffcb24a5610 R08: 0000000000000000 R09: 0000000000000000
[ 1460.215441][T22860] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb24a66a0
[ 1460.215452][T22860] R13: 00007f3cf4e13d7d R14: 00000000001646fa R15: 00007ffcb24a66e0
[ 1460.215489][T22860]  </TASK>
[ 1460.215497][T22860] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 1461.029496][T29007] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7972'.
[ 1461.061540][T29007] openvswitch: netlink: Key type 796 is out of range max 32
[ 1461.153874][T29016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7972'.
[ 1461.312824][T29022] loop4: detected capacity change from 0 to 1024
[ 1461.369952][T29022] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1461.446089][T24335] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1461.561765][T29028] syzkaller0: entered promiscuous mode
[ 1461.567442][T29028] syzkaller0: entered allmulticast mode
[ 1461.609232][T29020] loop2: detected capacity change from 0 to 32768
[ 1461.622306][T29020] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.7974 (29020)
[ 1461.671343][T29020] BTRFS info (device loop2): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[ 1461.745068][T29020] BTRFS info (device loop2): using blake2b (blake2b-256-lib) checksum algorithm
[ 1461.915423][T29054] syzkaller0: entered promiscuous mode
[ 1461.922443][T29054] syzkaller0: entered allmulticast mode
[ 1462.067850][T29020] BTRFS info (device loop2): enabling ssd optimizations
[ 1462.076863][T29020] BTRFS info (device loop2): turning on async discard
[ 1462.084165][T29020] BTRFS info (device loop2): enabling free space tree
[ 1462.093970][T29020] BTRFS info (device loop2): use lzo compression, level 1
[ 1462.283100][T29065] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7986'.
[ 1462.485381][T29069] syzkaller0: entered promiscuous mode
[ 1462.651686][T29069] syzkaller0: entered allmulticast mode
[ 1462.689534][T29020] BTRFS: error (device loop2) in rollback_verity:461: errno=-4 unknown (failed to drop verity items in rollback 258)
[ 1462.837345][T29020] BTRFS info (device loop2 state E): forced readonly
[ 1462.868015][T29020] BTRFS error (device loop2 state E): failed to rollback verity items: -4
[ 1462.891746][T29020] fs-verity (loop2, inode 258): btrfs_end_enable_verity() failed with err -4
[ 1462.981935][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1463.004093][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1463.017582][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1463.171390][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1463.181658][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1463.798609][T22860] BTRFS info (device loop2 state E): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[ 1464.175190][T29076] chnl_net:caif_netlink_parms(): no params data found
[ 1464.325397][T29096] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7994'.
[ 1464.520163][T29076] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1464.530152][T29076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1464.551563][T29076] bridge_slave_0: entered allmulticast mode
[ 1464.561425][T29076] bridge_slave_0: entered promiscuous mode
[ 1464.583308][T29076] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1464.592473][T29076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1464.600012][T29076] bridge_slave_1: entered allmulticast mode
[ 1464.623489][T29076] bridge_slave_1: entered promiscuous mode
[ 1464.717399][T29076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1464.747974][T29076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1464.881970][T29076] team0: Port device team_slave_0 added
[ 1464.925453][T29076] team0: Port device team_slave_1 added
[ 1465.333626][ T5841] Bluetooth: hci4: command tx timeout
[ 1465.542491][T29076] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1465.549512][T29076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1465.583321][T29076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1465.596868][T29076] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1465.604376][T29076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1465.662425][T29076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1465.914309][T29076] hsr_slave_0: entered promiscuous mode
[ 1465.923906][T29076] hsr_slave_1: entered promiscuous mode
[ 1465.943411][T29126] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1465.956498][T29133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8007'.
[ 1467.259793][T29076] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1467.292531][T29076] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1467.352610][T29076] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1467.387439][T29131] loop4: detected capacity change from 0 to 32768
[ 1467.421906][T29150] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8012'.
[ 1467.435916][ T5841] Bluetooth: hci4: command tx timeout
[ 1467.508408][T29143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8011'.
[ 1467.562267][T29076] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1467.813749][T29076] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1467.858883][T29076] 8021q: adding VLAN 0 to HW filter on device team0
[ 1467.886133][T29163] netlink: 'syz.2.8015': attribute type 1 has an invalid length.
[ 1467.895470][T19151] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1467.902689][T19151] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1467.998664][T29163] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1468.046566][T29165] macvlan0: entered promiscuous mode
[ 1468.054797][T29165] macvlan0: entered allmulticast mode
[ 1468.082159][T29165] bond1: entered allmulticast mode
[ 1468.099265][T29165] bond1: entered promiscuous mode
[ 1468.118398][T29165] 8021q: adding VLAN 0 to HW filter on device macvlan0
[ 1468.148514][T29165] team0: Port device macvlan0 added
[ 1468.262753][T29167] bond1: (slave ip6gretap1): making interface the new active one
[ 1468.270492][T29167] ip6gretap1: entered promiscuous mode
[ 1468.279644][T29167] ip6gretap1: entered allmulticast mode
[ 1468.386676][T29167] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 1468.406892][T19151] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1468.414123][T19151] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1468.507649][T29161] loop4: detected capacity change from 0 to 32768
[ 1468.546787][T29161] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.8013 (29161)
[ 1468.634384][T29161] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1468.742314][T29161] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[ 1468.907426][T29191] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8018'.
[ 1468.967166][T29161] BTRFS info (device loop4): turning off barriers
[ 1468.973910][T29161] BTRFS info (device loop4): enabling free space tree
[ 1468.980698][T29161] BTRFS info (device loop4): use zstd compression, level 3
[ 1469.045422][T29076] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1469.495039][ T5841] Bluetooth: hci4: command tx timeout
[ 1469.886609][T24335] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1470.099502][T29217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8024'.
[ 1470.331964][T29220] blktrace: Concurrent blktraces are not allowed on sg0
[ 1471.085530][T29076] veth0_vlan: entered promiscuous mode
[ 1471.201648][T29076] veth1_vlan: entered promiscuous mode
[ 1471.234316][T29076] veth0_macvtap: entered promiscuous mode
[ 1471.246484][T29076] veth1_macvtap: entered promiscuous mode
[ 1471.269169][T29076] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1471.312877][T29076] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1471.574512][ T5841] Bluetooth: hci4: command tx timeout
[ 1472.251898][T29234] xt_CT: No such helper "pptp"
[ 1472.414508][T15746] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1472.470718][T15746] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1472.547835][T29240] loop2: detected capacity change from 0 to 512
[ 1472.553284][T15746] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1472.555063][T29240] EXT4-fs: Ignoring removed orlov option
[ 1472.598390][T15746] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1472.704930][T29253] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8031'.
[ 1472.743117][T29240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1472.827534][T29240] ext4 filesystem being mounted at /409/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1473.031817][T29259] EXT4-fs (loop2): shut down requested (1)
[ 1473.177973][T22860] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1473.221564][T29203] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[ 1473.254716][T22908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1473.273239][T22908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1473.362367][T29203] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[ 1473.834764][ T1130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1473.932510][ T1130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1474.203680][T23368] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[ 1474.254555][T29278] tipc: Started in network mode
[ 1474.259916][T29278] tipc: Node identity be82db23bbab, cluster identity 4711
[ 1474.281041][T29278] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1474.363078][T23368] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1474.382618][T23368] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1474.471786][T29278] tipc: Resetting bearer <eth:syzkaller0>
[ 1474.482186][T23368] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1474.964788][T23368] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1474.973035][T23368] usb 3-1: Manufacturer: syz
[ 1474.980383][T23368] usb 3-1: config 0 descriptor??
[ 1475.010106][T29277] tipc: Disabling bearer <eth:syzkaller0>
[ 1475.082372][T23368] rc_core: IR keymap rc-hauppauge not found
[ 1475.097874][T29285] syzkaller0: entered promiscuous mode
[ 1475.110074][T23368] Registered IR keymap rc-empty
[ 1475.115649][T29285] syzkaller0: entered allmulticast mode
[ 1475.122648][T23368] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1475.141067][T23368] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input12
[ 1475.263904][T29288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1475.282171][T29288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1475.352598][T29293] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8042'.
[ 1475.453314][T22850] usb 3-1: USB disconnect, device number 19
[ 1475.509995][T29301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8044'.
[ 1476.522718][T29314] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8050'.
[ 1477.127736][T29323] syzkaller0: entered promiscuous mode
[ 1477.145290][T29323] syzkaller0: entered allmulticast mode
[ 1477.219739][T29310] loop4: detected capacity change from 0 to 32768
[ 1477.234326][T29310] XFS (loop4): invalid log iosize: -1 [not 12-30]
[ 1477.402742][T29330] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8055'.
[ 1477.531591][T29336] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8060'.
[ 1478.791354][T22850] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1479.753789][T22850] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1479.784987][T22850] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1480.346813][T22850] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1480.372068][T22850] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1480.398732][T22850] usb 7-1: Manufacturer: syz
[ 1480.499513][T22850] usb 7-1: config 0 descriptor??
[ 1480.651109][T22850] rc_core: IR keymap rc-hauppauge not found
[ 1480.662294][T22850] Registered IR keymap rc-empty
[ 1480.679853][T22850] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[ 1480.723256][T22850] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input13
[ 1480.792576][T22850] usb 7-1: USB disconnect, device number 2
[ 1481.064287][T29380] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8072'.
[ 1481.891998][T29390] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8075'.
[ 1483.347803][T29430] loop2: detected capacity change from 0 to 512
[ 1483.357399][T29430] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1483.365135][T29430] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1483.389883][T29430] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.8084: bad orphan inode 131083
[ 1483.404079][T29430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1483.435524][T29430] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[ 1483.463709][T29430] overlayfs: upper fs needs to support d_type.
[ 1483.473227][T29430] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[ 1483.528903][T29430] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.8084: path /: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1483.581209][T22860] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz-executor: path /422/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1484.299335][T22860] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1484.476060][T22904] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.615938][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.621745][T22904] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.622401][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.775059][T19170] tipc: Resetting bearer <ib:wg1>
[ 1484.795551][T22904] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.879224][T22904] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.972549][T29459] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8095'.
[ 1484.993565][T29459] openvswitch: netlink: Key type 796 is out of range max 32
[ 1485.094732][T29459] vlan2: entered promiscuous mode
[ 1485.100333][T29463] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8095'.
[ 1485.109596][T29459] vlan2: entered allmulticast mode
[ 1485.116363][T29459] hsr_slave_1: entered allmulticast mode
[ 1485.125852][T29462] netlink: 'syz.1.8094': attribute type 29 has an invalid length.
[ 1485.133859][T29462] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8094'.
[ 1485.209425][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1485.221274][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1485.230164][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1485.240673][T29462] netlink: 'syz.1.8094': attribute type 2 has an invalid length.
[ 1485.314475][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1485.339551][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1485.532577][T22904] bridge_slave_1: left allmulticast mode
[ 1485.544730][T22904] bridge_slave_1: left promiscuous mode
[ 1485.562582][T22904] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1485.571524][T24580] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1485.587993][T22904] 
: left allmulticast mode
[ 1485.595914][T22904] 
: left promiscuous mode
[ 1485.612707][T22904] bridge0: port 1(
) entered disabled state
[ 1485.646500][T29475] netlink: 244 bytes leftover after parsing attributes in process `syz.6.8100'.
[ 1485.735470][T24580] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1485.748540][T24580] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1485.779096][T24580] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1485.799836][T24580] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1485.826854][T24580] usb 5-1: Manufacturer: syz
[ 1485.832920][T22904] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1485.842026][T22904] ip6gretap1 (unregistering): left allmulticast mode
[ 1485.869221][T24580] usb 5-1: config 0 descriptor??
[ 1485.992683][T24580] rc_core: IR keymap rc-hauppauge not found
[ 1485.999037][T24580] Registered IR keymap rc-empty
[ 1486.009470][T24580] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1486.070511][T24580] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input14
[ 1486.192098][T29480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1486.202410][T29480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1486.974962][T22904] $H� (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1486.987313][T22904] bond_slave_0: left promiscuous mode
[ 1486.993335][T22904] bond_slave_0: left allmulticast mode
[ 1487.001319][T22904] $H� (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1487.010679][T22904] bond_slave_1: left promiscuous mode
[ 1487.018034][T22904] bond_slave_1: left allmulticast mode
[ 1487.025839][T22904] $H� (unregistering): Released all slaves
[ 1487.189090][T22904] bond0 (unregistering): Released all slaves
[ 1487.345277][T22904] bond1 (unregistering): left allmulticast mode
[ 1487.352039][T22904] bond1 (unregistering): left promiscuous mode
[ 1487.377718][T22904] team0: Port device macvlan0 removed
[ 1487.388388][T22904] bond1 (unregistering): Released all slaves
[ 1487.405721][T29487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8101'.
[ 1487.419866][T22850] usb 5-1: USB disconnect, device number 19
[ 1487.421088][ T5838] Bluetooth: hci5: command tx timeout
[ 1487.557667][T22904] : left promiscuous mode
[ 1487.846932][T22904] tipc: Disabling bearer <ib:wg1>
[ 1487.865147][T22904] tipc: Disabling bearer <udp:syz2>
[ 1487.890835][T22904] tipc: Left network mode
[ 1487.959039][T29507] netlink: 'syz.6.8107': attribute type 1 has an invalid length.
[ 1488.329235][T29466] chnl_net:caif_netlink_parms(): no params data found
[ 1488.586254][T22904] hsr_slave_0: left promiscuous mode
[ 1488.625008][T22904] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1488.651835][T22904] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1488.672428][T22904] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1488.731396][T22904] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1488.918113][T22904] veth1_macvtap: left promiscuous mode
[ 1488.924900][T22904] veth0_macvtap: left promiscuous mode
[ 1489.008576][T29526] netlink: 244 bytes leftover after parsing attributes in process `syz.1.8113'.
[ 1489.520936][ T5838] Bluetooth: hci5: command tx timeout
[ 1489.956763][T29541] netlink: 'syz.0.8118': attribute type 1 has an invalid length.
[ 1490.059725][T22904] team0 (unregistering): Port device team_slave_1 removed
[ 1490.117210][T22904] team0 (unregistering): Port device team_slave_0 removed
[ 1491.098204][T29466] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1491.123129][T29466] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1491.133121][T29466] bridge_slave_0: entered allmulticast mode
[ 1491.165635][T29466] bridge_slave_0: entered promiscuous mode
[ 1491.188235][T29561] ubi: mtd0 is already attached to ubi31
[ 1491.217393][T29466] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1491.291783][T29466] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1491.310038][T29466] bridge_slave_1: entered allmulticast mode
[ 1491.351121][T29466] bridge_slave_1: entered promiscuous mode
[ 1491.482898][T29466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1491.524390][T29565] netlink: 252 bytes leftover after parsing attributes in process `syz.0.8124'.
[ 1491.563012][T29466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1491.582441][ T5838] Bluetooth: hci5: command tx timeout
[ 1492.591375][T29566] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1493.024788][T29466] team0: Port device team_slave_0 added
[ 1493.042733][T29466] team0: Port device team_slave_1 added
[ 1493.104254][T29466] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1493.111867][T29466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1493.163240][T29466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1493.278567][T29466] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1493.296658][T29466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1493.326231][T29558] loop4: detected capacity change from 0 to 32768
[ 1493.579798][T29466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1493.724524][ T5838] Bluetooth: hci5: command tx timeout
[ 1493.790046][T29558] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[ 1493.868265][T29558] OCFS2: ERROR (device loop4): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 73: bits per cluster 32
[ 1493.886729][T29558] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1493.903549][T29558] OCFS2: File system is now read-only.
[ 1493.914354][T29558] (syz.4.8123,29558,1):ocfs2_read_locked_inode:599 ERROR: status = -30
[ 1493.946042][T29558] (syz.4.8123,29558,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[ 1493.970039][T29558] (syz.4.8123,29558,1):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=8, slot=0
[ 1494.076240][T29558] (syz.4.8123,29558,1):ocfs2_init_local_system_inodes:505 ERROR: status = -30
[ 1494.153717][T29558] (syz.4.8123,29558,0):ocfs2_mount_volume:1758 ERROR: status = -30
[ 1494.319467][T29466] hsr_slave_0: entered promiscuous mode
[ 1494.329383][T29466] hsr_slave_1: entered promiscuous mode
[ 1494.338453][T29558] (syz.4.8123,29558,0):ocfs2_fill_super:1177 ERROR: status = -30
[ 1494.373407][T29466] debugfs: 'hsr0' already exists in 'hsr'
[ 1494.379171][T29466] Cannot create hsr debugfs directory
[ 1494.868646][T29586] netlink: 244 bytes leftover after parsing attributes in process `syz.6.8131'.
[ 1495.092994][T29588] blktrace: Concurrent blktraces are not allowed on sg0
[ 1495.176304][T29466] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1495.224716][T29466] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1495.262299][T29466] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1495.288175][T29466] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1496.221364][T29466] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1496.319338][T29466] 8021q: adding VLAN 0 to HW filter on device team0
[ 1496.547022][  T162] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1496.554716][  T162] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1496.831198][  T162] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1496.838439][  T162] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1496.900159][T29614] netlink: 252 bytes leftover after parsing attributes in process `syz.4.8137'.
[ 1497.043353][T29614] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1497.050594][T29614] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1497.239673][T29614] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1499.214492][T29635] blktrace: Concurrent blktraces are not allowed on sg0
[ 1499.482259][T29466] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1499.742287][T22519] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1499.924201][T22519] usb 7-1: Using ep0 maxpacket: 32
[ 1499.938026][T22519] usb 7-1: config 0 has an invalid interface number: 196 but max is 0
[ 1499.952310][T22519] usb 7-1: config 0 has no interface number 0
[ 1499.994945][T22519] usb 7-1: config 0 interface 196 has no altsetting 0
[ 1500.028269][T22519] usb 7-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[ 1500.048850][T22519] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1500.077978][T22519] usb 7-1: Product: syz
[ 1500.094230][T22519] usb 7-1: Manufacturer: syz
[ 1500.123948][T29653] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8147'.
[ 1500.124623][T22519] usb 7-1: SerialNumber: syz
[ 1500.156049][T22519] usb 7-1: config 0 descriptor??
[ 1500.187570][T29466] veth0_vlan: entered promiscuous mode
[ 1500.206275][T29466] veth1_vlan: entered promiscuous mode
[ 1500.281376][T29466] veth0_macvtap: entered promiscuous mode
[ 1500.309845][T29466] veth1_macvtap: entered promiscuous mode
[ 1500.572095][T29639] team_slave_0: entered promiscuous mode
[ 1500.578395][T29639] team_slave_1: entered promiscuous mode
[ 1500.586469][T29639] vlan2: entered promiscuous mode
[ 1500.592234][T29639] team0: entered promiscuous mode
[ 1501.137555][T29466] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1501.155424][T22519] ipheth 7-1:0.196: Unable to find endpoints
[ 1501.167880][T22519] usb 7-1: USB disconnect, device number 3
[ 1501.322121][T29466] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1501.369591][T19157] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1501.383763][T29669] blktrace: Concurrent blktraces are not allowed on sg0
[ 1501.400201][T19157] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1501.421548][T19157] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1501.446298][T19157] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1501.707876][T29355] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1501.723729][T29355] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1501.781419][T29680] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8157'.
[ 1501.788497][T29355] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1501.807191][T29355] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1501.869762][T29682] netlink: 'syz.6.8158': attribute type 1 has an invalid length.
[ 1502.333775][T29695] debugfs: '1��^!�l�1�*�$pOc�ɔ��r$�G����t:�u�' already exists in 'ieee80211'
[ 1503.388610][T29703] blktrace: Concurrent blktraces are not allowed on sg0
[ 1503.574586][T29678] loop4: detected capacity change from 0 to 32768
[ 1503.594193][T29678] (syz.4.8156,29678,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1503.641379][T29678] (syz.4.8156,29678,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1503.667930][T29712] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8165'.
[ 1503.750409][T29678] JBD2: Ignoring recovery information on journal
[ 1503.936415][T29678] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1503.947595][T29721] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8168'.
[ 1505.305883][T29753] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8183'.
[ 1505.346254][T29756] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8185'.
[ 1505.359314][T24335] ocfs2: Unmounting device (7,4) on (node local)
[ 1505.558946][T29764] xt_hashlimit: max too large, truncated to 1048576
[ 1505.687608][T29770] bridge0: entered allmulticast mode
[ 1506.039964][T29785] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8196'.
[ 1506.241330][T16264] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1506.411446][T16264] usb 5-1: Using ep0 maxpacket: 32
[ 1506.422952][T16264] usb 5-1: config 0 has an invalid interface number: 196 but max is 0
[ 1506.449110][T16264] usb 5-1: config 0 has no interface number 0
[ 1506.476572][T16264] usb 5-1: config 0 interface 196 has no altsetting 0
[ 1506.502920][T16264] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[ 1506.536209][T16264] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1506.561354][T16264] usb 5-1: Product: syz
[ 1506.581332][T16264] usb 5-1: Manufacturer: syz
[ 1506.599513][T16264] usb 5-1: SerialNumber: syz
[ 1506.642911][T16264] usb 5-1: config 0 descriptor??
[ 1506.906090][T29781] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1506.983844][T29781] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1507.076358][T29781] team_slave_0: entered promiscuous mode
[ 1507.082688][T29781] team_slave_1: entered promiscuous mode
[ 1507.101336][T29781] vlan2: entered promiscuous mode
[ 1507.130969][T29781] team0: entered promiscuous mode
[ 1507.312773][T29800] tun0: tun_chr_ioctl cmd 1074025677
[ 1507.318245][T29800] tun0: linktype set to 270
[ 1507.328400][T16264] ipheth 5-1:0.196: Unable to find endpoints
[ 1507.366808][T16264] usb 5-1: USB disconnect, device number 20
[ 1507.963968][T29814] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8209'.
[ 1510.439011][T29833] loop4: detected capacity change from 0 to 32768
[ 1510.454107][T29833] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.8218 (29833)
[ 1510.495958][T29833] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1510.517882][T29833] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[ 1510.767235][T29833] BTRFS info (device loop4): enabling ssd optimizations
[ 1510.811281][T29833] BTRFS info (device loop4): turning on async discard
[ 1510.831260][T29833] BTRFS info (device loop4): enabling free space tree
[ 1511.046731][T24335] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1511.060881][T29886] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8233'.
[ 1511.083144][T29887] xt_hashlimit: max too large, truncated to 1048576
[ 1511.790678][T29902] syzkaller1: entered promiscuous mode
[ 1511.803329][T29902] syzkaller1: entered allmulticast mode
[ 1512.253844][T29910] tipc: New replicast peer: 172.20.20.63
[ 1512.259751][T29910] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1514.426846][T29942] syzkaller1: entered promiscuous mode
[ 1514.440955][T29942] syzkaller1: entered allmulticast mode
[ 1514.676291][T29937] loop4: detected capacity change from 0 to 32768
[ 1515.158896][T29959] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1515.660496][T29970] syzkaller1: entered promiscuous mode
[ 1515.688067][T29970] syzkaller1: entered allmulticast mode
[ 1516.661071][T29993] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1516.681298][T29975] loop4: detected capacity change from 0 to 32768
[ 1520.334752][T30029] tipc: New replicast peer: 172.20.20.63
[ 1520.341108][T30029] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1521.067236][T30057] netlink: 'syz.0.8291': attribute type 2 has an invalid length.
[ 1521.274179][   T42] team0: Port device geneve1 removed
[ 1522.142975][   T42] $H� (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1522.152473][   T42] bond_slave_0: left promiscuous mode
[ 1522.159577][   T42] $H� (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1522.169266][   T42] bond_slave_1: left promiscuous mode
[ 1522.178590][   T42] $H� (unregistering): (slave dummy0): Releasing backup interface
[ 1522.192426][   T42] dummy0: left promiscuous mode
[ 1522.197743][   T42] $H� (unregistering): Released all slaves
[ 1522.217839][T30041] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1522.227049][T30044] syzkaller0: entered promiscuous mode
[ 1522.242097][T30044] syzkaller0: entered allmulticast mode
[ 1522.268795][T30052] netlink: 'syz.0.8291': attribute type 29 has an invalid length.
[ 1522.323075][T30052] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8291'.
[ 1522.386077][T30056] tipc: Resetting bearer <eth:syzkaller0>
[ 1522.412361][T30035] tipc: Resetting bearer <eth:syzkaller0>
[ 1522.449242][T30035] tipc: Disabling bearer <eth:syzkaller0>
[ 1522.505617][T23368] tipc: Node number set to 86629155
[ 1522.522900][T30068] syzkaller1: entered promiscuous mode
[ 1522.528871][T30068] syzkaller1: entered allmulticast mode
[ 1522.538164][T30075] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1522.903299][   T42] hsr_slave_0: left promiscuous mode
[ 1522.935916][   T42] hsr_slave_1: left promiscuous mode
[ 1522.958366][   T42] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1523.180976][T30093] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8301'.
[ 1523.222318][   T42] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1523.427652][   T42] pim6reg (unregistering): left allmulticast mode
[ 1524.519332][T30122] netlink: 'syz.0.8308': attribute type 2 has an invalid length.
[ 1524.985519][   T42] team0 (unregistering): Port device team_slave_1 removed
[ 1525.076200][   T42] team0 (unregistering): Port device team_slave_0 removed
[ 1525.771262][T30118] netlink: 'syz.0.8308': attribute type 29 has an invalid length.
[ 1525.779084][T30118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8308'.
[ 1525.828880][T30137] netlink: 60 bytes leftover after parsing attributes in process `syz.7.8311'.
[ 1525.844324][T30124] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1526.270060][T30149] fuse: Bad value for 'fd'
[ 1526.311781][T30148] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8317'.
[ 1526.422444][T30157] netlink: 216 bytes leftover after parsing attributes in process `syz.7.8320'.
[ 1526.428072][   T42] IPVS: stop unused estimator thread 0...
[ 1526.454742][T30157] netlink: 24 bytes leftover after parsing attributes in process `syz.7.8320'.
[ 1526.471314][T30157] netlink: 16 bytes leftover after parsing attributes in process `syz.7.8320'.
[ 1527.284869][T30168] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1527.401238][T30167] tipc: Disabling bearer <eth:syzkaller0>
[ 1527.576356][T30181] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8329'.
[ 1527.646577][T30182] netlink: 'syz.7.8328': attribute type 29 has an invalid length.
[ 1527.656593][T30182] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8328'.
[ 1528.199839][T30188] netlink: 'syz.7.8328': attribute type 2 has an invalid length.
[ 1528.671002][T30188] : entered promiscuous mode
[ 1529.694044][T30215] netlink: 'syz.0.8338': attribute type 1 has an invalid length.
[ 1529.745680][T30215] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1532.587950][T30248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8348'.
[ 1532.693008][T30255] netlink: 'syz.7.8351': attribute type 1 has an invalid length.
[ 1532.727374][T30255] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1532.788645][T30258] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1534.677244][T30286] vlan2: entered promiscuous mode
[ 1534.683772][T30286] vlan2: entered allmulticast mode
[ 1534.689929][T30286] hsr_slave_1: entered allmulticast mode
[ 1535.122930][T30286] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8361'.
[ 1536.624763][T30316] orangefs_mount: mount request failed with -4
[ 1536.773548][T30325] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8372'.
[ 1537.518195][T30318] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input15
[ 1537.930951][T30350] netlink: 252 bytes leftover after parsing attributes in process `syz.7.8374'.
[ 1538.046464][T30350] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1538.915020][ T5841] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1538.926769][ T5841] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1538.942806][ T5841] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1538.950674][ T5841] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1538.959232][ T5841] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1539.160146][T30375] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8383'.
[ 1539.904599][T30372] chnl_net:caif_netlink_parms(): no params data found
[ 1540.356418][T30372] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1540.370259][T30372] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.398237][T30372] bridge_slave_0: entered allmulticast mode
[ 1540.437605][T30372] bridge_slave_0: entered promiscuous mode
[ 1540.476891][T30372] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.489495][T30372] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.502872][T30372] bridge_slave_1: entered allmulticast mode
[ 1540.522919][T30372] bridge_slave_1: entered promiscuous mode
[ 1540.763828][T30372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1540.806419][T30372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1540.881868][T16264] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1540.952296][T30372] team0: Port device team_slave_0 added
[ 1540.965466][T30372] team0: Port device team_slave_1 added
[ 1541.011548][ T5838] Bluetooth: hci6: command tx timeout
[ 1541.043348][T16264] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1541.054447][T16264] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1541.065243][T16264] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1541.077322][T16264] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1541.087461][T16264] usb 7-1: SerialNumber: syz
[ 1541.172747][T30372] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1541.193819][T30372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1541.254368][T30372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1541.267812][T30372] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1541.275181][T30372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1541.311374][T30372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1541.772159][T16264] usb 7-1: 0:2 : does not exist
[ 1541.902048][T16264] usb 7-1: USB disconnect, device number 4
[ 1542.257174][T16277] IPVS: starting estimator thread 0...
[ 1542.444133][T30420] IPVS: using max 27 ests per chain, 64800 per kthread
[ 1542.659008][T30372] hsr_slave_0: entered promiscuous mode
[ 1542.840238][T30372] hsr_slave_1: entered promiscuous mode
[ 1542.990272][T30372] debugfs: 'hsr0' already exists in 'hsr'
[ 1543.006305][T30372] Cannot create hsr debugfs directory
[ 1543.091813][ T5838] Bluetooth: hci6: command tx timeout
[ 1543.796633][T30372] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1543.882107][T30372] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1544.454172][T30372] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1544.497414][T30372] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1545.184288][ T5838] Bluetooth: hci6: command tx timeout
[ 1545.198907][T30461] xt_hashlimit: max too large, truncated to 1048576
[ 1545.516341][T30372] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1545.560663][T30372] 8021q: adding VLAN 0 to HW filter on device team0
[ 1545.578005][T15718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1545.585298][T15718] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1545.756171][  T162] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1545.763334][  T162] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1546.062091][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.083312][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.376543][T30372] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1546.696134][T30499] 8021q: VLANs not supported on vcan0
[ 1546.840515][T30372] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1547.271818][ T5838] Bluetooth: hci6: command tx timeout
[ 1548.376025][T30531] syzkaller0: entered promiscuous mode
[ 1548.402350][T30531] syzkaller0: entered allmulticast mode
[ 1548.650615][T30537] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8431'.
[ 1548.737667][T30372] veth0_vlan: entered promiscuous mode
[ 1548.773731][T30372] veth1_vlan: entered promiscuous mode
[ 1548.815597][T30372] veth0_macvtap: entered promiscuous mode
[ 1548.826961][T30372] veth1_macvtap: entered promiscuous mode
[ 1548.878912][T30372] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1548.891826][T30372] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1548.947484][T15746] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1548.976387][T15746] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.531813][T30547] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1549.548942][T15746] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.648967][ T5995] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.956201][T30443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1549.968310][T30443] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1550.491493][ T6012] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1550.616301][ T6012] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1552.277991][T30584] syzkaller0: entered promiscuous mode
[ 1552.410921][T30584] syzkaller0: entered allmulticast mode
[ 1552.435495][T30574] tipc: Started in network mode
[ 1552.441317][T30574] tipc: Node identity ac1414aa, cluster identity 4711
[ 1552.450619][T30574] tipc: New replicast peer: 172.20.20.63
[ 1552.458705][T30574] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1552.651844][T30602] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8444'.
[ 1552.871474][T30610] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8445'.
[ 1557.152781][ T5918] tipc: Node number set to 2886997162
[ 1558.581880][T30655] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1558.620024][T30656] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8456'.
[ 1559.793219][T30679] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8464'.
[ 1559.977351][T30676] 
: renamed from bridge_slave_0 (while UP)
[ 1562.615663][T30709] tipc: Started in network mode
[ 1562.621566][T30709] tipc: Node identity ac1414aa, cluster identity 4711
[ 1562.628513][T30709] tipc: New replicast peer: 172.20.20.63
[ 1562.742936][T30709] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1562.816167][T30712] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8475'.
[ 1563.299670][T30721] netlink: 212408 bytes leftover after parsing attributes in process `syz.8.8478'.
[ 1563.860312][ T5918] tipc: Node number set to 2886997162
[ 1564.132861][T30731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8482'.
[ 1564.272227][T30735] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8481'.
[ 1564.651555][T24580] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[ 1564.833320][T24580] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1564.846437][T24580] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 1564.880821][T24580] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1564.907314][T24580] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1564.936548][T30751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8488'.
[ 1564.960125][T30752] 
: renamed from bridge_slave_0 (while UP)
[ 1564.979067][T30737] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1565.002746][T30737] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1565.309219][T24580] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1565.688422][T30763] binder: 30757:30763 ioctl c0306201 200000000040 returned -14
[ 1566.123107][T24580] usb 7-1: USB disconnect, device number 5
[ 1566.641239][T30767] hsr_slave_1 (unregistering): left promiscuous mode
[ 1566.958291][T30773] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8494'.
[ 1568.652273][T30793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8501'.
[ 1569.922264][T30797] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8502'.
[ 1569.940470][T30781] trusted_key: syz.6.8498 sent an empty control message without MSG_MORE.
[ 1570.707664][T30807] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8504'.
[ 1571.106704][T30819] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8509'.
[ 1572.445694][T22850] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1572.660517][T30834] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8515'.
[ 1572.696132][T22850] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1572.706417][T22850] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1572.921540][T22850] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1572.933260][T22850] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1572.946908][T22850] usb 8-1: Manufacturer: syz
[ 1573.477139][T22850] usb 8-1: config 0 descriptor??
[ 1573.783341][T30846] syz.1.8519 (30846): drop_caches: 2
[ 1573.785943][T30851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1574.100442][T30851] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1574.338127][T22850] rc_core: IR keymap rc-hauppauge not found
[ 1574.356210][T22850] Registered IR keymap rc-empty
[ 1574.382091][T22850] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0
[ 1574.593198][T22850] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input16
[ 1574.905825][T23368] usb 8-1: USB disconnect, device number 2
[ 1575.943700][T22850] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1575.971954][T30879] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8530'.
[ 1576.137580][T22850] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1576.168092][T22850] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1576.199788][T22850] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[ 1576.221390][T22850] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1576.978549][T22850] usb 2-1: Product: syz
[ 1576.997415][T22850] usb 2-1: Manufacturer: syz
[ 1577.004776][T22850] usb 2-1: SerialNumber: syz
[ 1577.028921][T22850] usb 2-1: config 0 descriptor??
[ 1577.252540][T22850] usb 2-1: USB disconnect, device number 21
[ 1578.111122][T24610] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1578.292438][T24610] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1578.321346][T24610] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1578.395216][T24610] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1578.406284][T24610] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1578.446831][T24610] usb 2-1: Manufacturer: syz
[ 1578.472057][T24610] usb 2-1: config 0 descriptor??
[ 1578.732801][T24610] rc_core: IR keymap rc-hauppauge not found
[ 1578.756209][T24610] Registered IR keymap rc-empty
[ 1578.756765][T30922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1578.772961][T30922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1578.795284][T24610] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1578.841478][T24610] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input17
[ 1579.033323][T24610] usb 2-1: USB disconnect, device number 22
[ 1581.945190][T24580] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1582.074433][T16277] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1582.163097][T24580] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1582.173464][T24580] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1582.183909][T24580] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1582.200136][T24580] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 1582.214632][T24580] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 1582.227825][T24580] usb 9-1: Product: syz
[ 1582.232723][T24580] usb 9-1: Manufacturer: syz
[ 1582.237762][T24580] usb 9-1: SerialNumber: syz
[ 1582.245246][T16277] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1582.255684][T16277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1582.269164][T16277] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1582.284975][T16277] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1582.293817][T16277] usb 2-1: Manufacturer: syz
[ 1582.307601][T16277] usb 2-1: config 0 descriptor??
[ 1582.441302][T16277] rc_core: IR keymap rc-hauppauge not found
[ 1582.447718][T16277] Registered IR keymap rc-empty
[ 1582.575437][T16277] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1582.607260][T16277] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input18
[ 1582.623274][T24580] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1582.641686][T30965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1582.650478][T30965] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1582.763549][T16277] usb 2-1: USB disconnect, device number 23
[ 1582.820904][T30969] netlink: 'syz.0.8558': attribute type 3 has an invalid length.
[ 1582.838912][T24580] usb 9-1: USB disconnect, device number 2
[ 1582.853153][T24580] usblp0: removed
[ 1582.871084][T30969] netlink: 'syz.0.8558': attribute type 3 has an invalid length.
[ 1583.205313][T30973] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8559'.
[ 1583.616653][T30980] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8562'.
[ 1584.175681][T30979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8561'.
[ 1584.242680][T30979] openvswitch: netlink: Key type 796 is out of range max 32
[ 1584.386975][T30979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8561'.
[ 1584.654014][T30994] comedi comedi3: comedi_config --init_data is deprecated
[ 1585.277090][T31012] netlink: 'syz.8.8573': attribute type 29 has an invalid length.
[ 1585.285687][T31012] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8573'.
[ 1585.301779][T31012] netlink: 'syz.8.8573': attribute type 2 has an invalid length.
[ 1585.322076][T31012] : entered promiscuous mode
[ 1588.016676][T31033] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1588.028341][T31033] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1588.037439][T31033] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1588.048572][T31033] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1588.059463][T31033] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1588.447760][T31040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8583'.
[ 1588.457725][T31040] openvswitch: netlink: Key type 796 is out of range max 32
[ 1588.597569][T31049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8583'.
[ 1588.741918][T31047] sysfs: cannot create duplicate filename '/class/ieee80211/1��^!�l�1�*�$pOc�ɔ��r$�G����t:�u�'
[ 1588.775811][T31028] loop8: detected capacity change from 0 to 32768
[ 1588.798410][T31047] CPU: 1 UID: 0 PID: 31047 Comm: syz.7.8584 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1588.798440][T31047] Tainted: [L]=SOFTLOCKUP
[ 1588.798446][T31047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1588.798456][T31047] Call Trace:
[ 1588.798465][T31047]  <TASK>
[ 1588.798475][T31047]  dump_stack_lvl+0x189/0x250
[ 1588.798505][T31047]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1588.798525][T31047]  ? __pfx__printk+0x10/0x10
[ 1588.798553][T31047]  ? kernfs_path_from_node+0x2f/0x290
[ 1588.798569][T31047]  ? kernfs_path_from_node+0x250/0x290
[ 1588.798584][T31047]  ? kernfs_path_from_node+0x2f/0x290
[ 1588.798605][T31047]  sysfs_warn_dup+0x8e/0xa0
[ 1588.798623][T31047]  sysfs_do_create_link_sd+0xc0/0x110
[ 1588.798644][T31047]  device_add_class_symlinks+0x1cf/0x240
[ 1588.798675][T31047]  device_add+0x475/0xb80
[ 1588.798701][T31047]  wiphy_register+0x1d2e/0x2d20
[ 1588.798738][T31047]  ? __pfx_wiphy_register+0x10/0x10
[ 1588.798762][T31047]  ? minstrel_ht_alloc+0x6e0/0x7e0
[ 1588.798788][T31047]  ? ieee80211_init_rate_ctrl_alg+0x55d/0x5d0
[ 1588.798819][T31047]  ieee80211_register_hw+0x34a7/0x4110
[ 1588.798863][T31047]  ? ieee80211_register_hw+0x13f1/0x4110
[ 1588.798893][T31047]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1588.798911][T31047]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1588.798943][T31047]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1588.798969][T31047]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1588.798997][T31047]  ? __hrtimer_setup+0x181/0x200
[ 1588.799016][T31047]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1588.799036][T31047]  mac80211_hwsim_new_radio+0x2f76/0x5320
[ 1588.799091][T31047]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1588.799114][T31047]  ? __kmalloc_node_track_caller_noprof+0x594/0x820
[ 1588.799135][T31047]  ? kstrndup+0xbf/0x160
[ 1588.799166][T31047]  hwsim_new_radio_nl+0xf5b/0x1bd0
[ 1588.799198][T31047]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1588.799239][T31047]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1588.799271][T31047]  ? rcu_is_watching+0x15/0xb0
[ 1588.799298][T31047]  ? __nla_parse+0x40/0x60
[ 1588.799319][T31047]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1588.799354][T31047]  genl_family_rcv_msg_doit+0x215/0x300
[ 1588.799387][T31047]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1588.799427][T31047]  ? bpf_lsm_capable+0x9/0x20
[ 1588.799447][T31047]  ? security_capable+0x7e/0x2e0
[ 1588.799473][T31047]  genl_rcv_msg+0x60e/0x790
[ 1588.799502][T31047]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1588.799523][T31047]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1588.799563][T31047]  netlink_rcv_skb+0x208/0x470
[ 1588.799585][T31047]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1588.799610][T31047]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1588.799648][T31047]  ? down_read+0x274/0x2e0
[ 1588.799665][T31047]  ? genl_rcv+0xd/0x40
[ 1588.799688][T31047]  genl_rcv+0x28/0x40
[ 1588.799708][T31047]  netlink_unicast+0x82f/0x9e0
[ 1588.799736][T31047]  ? __pfx_netlink_unicast+0x10/0x10
[ 1588.799756][T31047]  ? netlink_sendmsg+0x642/0xb30
[ 1588.799774][T31047]  ? skb_put+0x11b/0x210
[ 1588.799796][T31047]  netlink_sendmsg+0x805/0xb30
[ 1588.799815][T31047]  ? aa_sk_perm+0x15f/0x920
[ 1588.799842][T31047]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1588.799873][T31047]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1588.799904][T31047]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1588.799923][T31047]  sock_sendmsg_nosec+0x18f/0x1d0
[ 1588.799950][T31047]  ____sys_sendmsg+0x577/0x880
[ 1588.799978][T31047]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1588.800008][T31047]  ? import_iovec+0x74/0xa0
[ 1588.800031][T31047]  ___sys_sendmsg+0x21f/0x2a0
[ 1588.800053][T31047]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1588.800080][T31047]  ? futex_wake+0x4b2/0x560
[ 1588.800131][T31047]  ? __fget_files+0x2a/0x420
[ 1588.800152][T31047]  ? __fget_files+0x3a0/0x420
[ 1588.800186][T31047]  __x64_sys_sendmsg+0x19b/0x260
[ 1588.800208][T31047]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1588.800243][T31047]  ? do_syscall_64+0xbe/0xf80
[ 1588.800264][T31047]  do_syscall_64+0xfa/0xf80
[ 1588.800281][T31047]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1588.800298][T31047]  ? clear_bhb_loop+0x60/0xb0
[ 1588.800319][T31047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1588.800335][T31047] RIP: 0033:0x7f54dd58f749
[ 1588.800351][T31047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1588.800364][T31047] RSP: 002b:00007f54de49e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1588.800382][T31047] RAX: ffffffffffffffda RBX: 00007f54dd7e6090 RCX: 00007f54dd58f749
[ 1588.800396][T31047] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 000000000000000b
[ 1588.800407][T31047] RBP: 00007f54dd613f91 R08: 0000000000000000 R09: 0000000000000000
[ 1588.800419][T31047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1588.800429][T31047] R13: 00007f54dd7e6128 R14: 00007f54dd7e6090 R15: 00007fff7f244a48
[ 1588.800463][T31047]  </TASK>
[ 1589.275219][T31033] Bluetooth: hci4: command 0x0406 tx timeout
[ 1589.792651][T22492] syz_tun (unregistering): left allmulticast mode
[ 1589.818811][T31030] chnl_net:caif_netlink_parms(): no params data found
[ 1590.091554][T31057] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8586'.
[ 1590.132439][ T5838] Bluetooth: hci7: command tx timeout
[ 1590.148653][T31066] loop8: detected capacity change from 0 to 512
[ 1590.674563][T31066] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1590.751851][T30629] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1590.752599][T31066] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4215: comm syz.8.8586: Allocating blocks 41-42 which overlap fs metadata
[ 1590.941508][T31066] Quota error (device loop8): write_blk: dquota write failed
[ 1590.953593][T31066] Quota error (device loop8): find_free_dqentry: Can't write quota data block 5
[ 1590.964358][T31066] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[ 1590.993593][T31066] EXT4-fs error (device loop8): ext4_acquire_dquot:6986: comm syz.8.8586: Failed to acquire dquot type 1
[ 1591.060322][T31066] EXT4-fs error (device loop8): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1591.087348][T31066] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.8586: corrupted inode contents
[ 1591.132941][T31066] EXT4-fs error (device loop8): ext4_dirty_inode:6502: inode #12: comm syz.8.8586: mark_inode_dirty error
[ 1591.166724][T31066] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.8586: corrupted inode contents
[ 1591.191619][T31066] EXT4-fs error (device loop8): __ext4_ext_dirty:211: inode #12: comm syz.8.8586: mark_inode_dirty error
[ 1591.221601][T31066] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.8586: corrupted inode contents
[ 1591.251439][T31066] EXT4-fs error (device loop8) in ext4_orphan_del:303: Corrupt filesystem
[ 1591.255802][T30629] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.262055][T23368] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1591.291526][T31066] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.8586: corrupted inode contents
[ 1591.365202][T31066] EXT4-fs error (device loop8): ext4_truncate:4635: inode #12: comm syz.8.8586: mark_inode_dirty error
[ 1591.378794][T31066] EXT4-fs error (device loop8) in ext4_process_orphan:345: Corrupt filesystem
[ 1591.396974][T31066] EXT4-fs (loop8): 1 truncate cleaned up
[ 1591.404940][T31066] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1591.425925][T31066] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1591.478889][T31030] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1591.486860][T31030] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1591.494669][T31030] bridge_slave_0: entered allmulticast mode
[ 1591.503734][T31030] bridge_slave_0: entered promiscuous mode
[ 1591.541189][T23368] usb 8-1: Using ep0 maxpacket: 8
[ 1591.560890][T23368] usb 8-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1591.589851][T23368] usb 8-1: config 6 interface 0 altsetting 0 has an endpoint descriptor with address 0xEC, changing to 0x8C
[ 1591.610397][T30629] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.620915][T23368] usb 8-1: config 6 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[ 1591.634029][T23368] usb 8-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[ 1591.643399][T23368] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1591.664656][T23368] usb 8-1: Product: syz
[ 1591.678370][T31030] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1591.685742][T23368] usb 8-1: Manufacturer: syz
[ 1591.690331][T23368] usb 8-1: SerialNumber: syz
[ 1591.706134][T31030] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1591.723759][T23368] hso 8-1:6.0: Can't find BULK IN endpoint
[ 1591.733796][T31030] bridge_slave_1: entered allmulticast mode
[ 1591.753033][T31030] bridge_slave_1: entered promiscuous mode
[ 1591.842969][T30629] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.920599][T31030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1591.940885][T22519] usb 8-1: USB disconnect, device number 3
[ 1591.957411][T31030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1592.211267][ T5838] Bluetooth: hci7: command tx timeout
[ 1593.289405][T31030] team0: Port device team_slave_0 added
[ 1593.323880][T31030] team0: Port device team_slave_1 added
[ 1593.404543][T31103] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8598'.
[ 1593.483554][T31030] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1593.493865][T31030] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1593.524346][T31030] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1593.918476][T31104] debugfs: '1��^!�l�1�*�$pOc�ɔ��r$�G����t:�u�' already exists in 'ieee80211'
[ 1594.094022][T31102] loop8: detected capacity change from 0 to 32768
[ 1594.121689][T31102] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.8599 (31102)
[ 1594.304291][ T5838] Bluetooth: hci7: command tx timeout
[ 1594.580389][T31102] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1594.596146][T31030] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1594.598219][T31102] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[ 1594.633994][   T30] audit: type=1800 audit(2000000541.159:5211): pid=31105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.8596" name="bus" dev="ramfs" ino=103132 res=0 errno=0
[ 1594.711237][T31030] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1594.785333][T31030] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1594.793639][T31102] BTRFS info (device loop8): enabling ssd optimizations
[ 1594.858975][T31102] BTRFS info (device loop8): turning on async discard
[ 1594.884356][T31102] BTRFS info (device loop8): enabling free space tree
[ 1594.996847][T31030] hsr_slave_0: entered promiscuous mode
[ 1595.014878][T31030] hsr_slave_1: entered promiscuous mode
[ 1595.034740][T31030] debugfs: 'hsr0' already exists in 'hsr'
[ 1595.040513][T31030] Cannot create hsr debugfs directory
[ 1595.099633][T30372] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1595.464003][T22850] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1595.527965][T31144] ubi: mtd0 is already attached to ubi31
[ 1595.631223][T22850] usb 8-1: Using ep0 maxpacket: 32
[ 1595.641542][T22850] usb 8-1: config 0 has an invalid interface number: 196 but max is 0
[ 1595.650064][T22850] usb 8-1: config 0 has no interface number 0
[ 1595.659235][T22850] usb 8-1: config 0 interface 196 has no altsetting 0
[ 1595.680554][T22850] usb 8-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[ 1595.693870][T22850] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1595.711149][T22850] usb 8-1: Product: syz
[ 1595.734474][T22850] usb 8-1: Manufacturer: syz
[ 1595.739085][T22850] usb 8-1: SerialNumber: syz
[ 1595.773082][T22850] usb 8-1: config 0 descriptor??
[ 1595.994132][T31140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1596.006349][T31140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1596.371506][ T5838] Bluetooth: hci7: command tx timeout
[ 1597.337855][   T30] audit: type=1800 audit(2000000543.869:5212): pid=31161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.8615" name="bus" dev="ramfs" ino=104029 res=0 errno=0
[ 1597.609171][T30629] $H� (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1597.772079][T30629] $H� (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1597.783726][T30629] $H� (unregistering): Released all slaves
[ 1598.082889][T30629] bond0 (unregistering): Released all slaves
[ 1598.141662][T31140] team_slave_0: entered promiscuous mode
[ 1598.147543][T31140] team_slave_1: entered promiscuous mode
[ 1598.155701][T31140] vlan2: entered promiscuous mode
[ 1598.161014][T31140] team0: entered promiscuous mode
[ 1598.192974][T31151] debugfs: '1��^!�l�1�*�$pOc�ɔ��r$�G����t:�u�' already exists in 'ieee80211'
[ 1598.265353][T30629] : left promiscuous mode
[ 1598.274709][T22850] ipheth 8-1:0.196: Unable to find endpoints
[ 1598.318054][T22850] usb 8-1: USB disconnect, device number 4
[ 1598.409702][T30629] tipc: Disabling bearer <eth:ipvlan0>
[ 1598.547043][T30629] tipc: Disabling bearer <udp:syz2>
[ 1598.572730][T30629] tipc: Left network mode
[ 1599.053562][T31184] netlink: 'syz.8.8626': attribute type 1 has an invalid length.
[ 1599.113710][T31184] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1599.194359][T31184] macvlan2: entered promiscuous mode
[ 1599.204078][T31184] macvlan2: entered allmulticast mode
[ 1599.209865][T31184] bond1: entered allmulticast mode
[ 1599.231346][T31184] bond1: entered promiscuous mode
[ 1599.237362][T31184] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1599.323448][T31184] team0: Port device macvlan2 added
[ 1599.869287][T31190] ip6gretap1: entered promiscuous mode
[ 1599.889118][T31190] ip6gretap1: entered allmulticast mode
[ 1600.028674][T31190] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 1600.773303][   T30] audit: type=1800 audit(2000000547.309:5213): pid=31197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.8627" name="bus" dev="ramfs" ino=104459 res=0 errno=0
[ 1601.661901][T30629] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1601.708841][T30629] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1601.722869][T30629] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1601.741242][T30629] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1601.820307][T30629] veth1_macvtap: left promiscuous mode
[ 1601.856703][T30629] veth0_macvtap: left promiscuous mode
[ 1601.869298][T30629] veth1_vlan: left promiscuous mode
[ 1601.897331][T30629] veth0_vlan: left promiscuous mode
[ 1601.944890][T31229] netlink: 'syz.8.8638': attribute type 2 has an invalid length.
[ 1602.193212][T31234] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8641'.
[ 1603.160121][T31243] netlink: 'syz.0.8643': attribute type 1 has an invalid length.
[ 1603.597228][T30629] team0 (unregistering): Port device team_slave_1 removed
[ 1603.655989][T30629] team0 (unregistering): Port device team_slave_0 removed
[ 1604.341440][T31228] netlink: 'syz.8.8638': attribute type 29 has an invalid length.
[ 1604.349348][T31228] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8638'.
[ 1604.379227][T31234] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1604.392090][T31243] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[ 1604.663356][T31260] comedi comedi3: comedi_config --init_data is deprecated
[ 1605.308995][T30629] IPVS: stop unused estimator thread 0...
[ 1605.516205][T31278] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8654'.
[ 1605.517076][T31030] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1605.588083][T31030] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1605.645157][T31030] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1605.716899][T31030] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1605.923732][T31295] netlink: 'syz.7.8658': attribute type 1 has an invalid length.
[ 1606.049920][T31295] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1606.128843][T31297] macvlan2: entered promiscuous mode
[ 1606.163702][T31297] macvlan2: entered allmulticast mode
[ 1606.171661][T31297] bond2: entered allmulticast mode
[ 1606.177291][T31297] bond2: entered promiscuous mode
[ 1606.191234][T31297] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1606.264801][T31297] team0: Port device macvlan2 added
[ 1606.334058][T31295] ip6gretap1: entered promiscuous mode
[ 1606.350962][T31295] ip6gretap1: entered allmulticast mode
[ 1606.369457][T31295] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 1606.528541][T31030] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1606.577202][T31030] 8021q: adding VLAN 0 to HW filter on device team0
[ 1606.594500][T31305] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8661'.
[ 1606.608339][T31305] openvswitch: netlink: Key type 796 is out of range max 32
[ 1606.620541][T30629] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1606.627686][T30629] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1606.644145][T30629] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1606.651315][T30629] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1606.729766][T31308] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8661'.
[ 1606.743982][T31030] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1606.755088][T31030] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1607.286913][T31030] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1607.439977][T31030] veth0_vlan: entered promiscuous mode
[ 1607.472913][T31030] veth1_vlan: entered promiscuous mode
[ 1607.494610][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.504339][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1607.607765][T31030] veth0_macvtap: entered promiscuous mode
[ 1607.626888][T31030] veth1_macvtap: entered promiscuous mode
[ 1608.100274][T31030] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1608.303025][T31030] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1608.366680][T15720] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1608.504219][T15720] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1608.525186][T15720] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1608.534635][T15720] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1609.143233][T31349] ubi: mtd0 is already attached to ubi31
[ 1610.168203][T31358] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8676'.
[ 1610.198105][T31359] netlink: 212408 bytes leftover after parsing attributes in process `syz.7.8675'.
[ 1610.215159][T31358] openvswitch: netlink: Key type 796 is out of range max 32
[ 1610.261445][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1610.282252][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1610.319943][T31362] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8676'.
[ 1610.537919][  T176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1610.625914][T31370] xt_hashlimit: max too large, truncated to 1048576
[ 1611.081237][  T176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1611.487756][T31379] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8682'.
[ 1611.516117][T31381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8681'.
[ 1611.526051][T31379] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8682'.
[ 1613.039005][T31394] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8686'.
[ 1613.053424][T31394] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1613.061098][T31394] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1613.322287][T31033] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1613.336666][T31033] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1613.346216][T31033] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1613.364833][T31033] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1613.377966][T31033] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1613.533412][T31385] loop8: detected capacity change from 0 to 32768
[ 1613.633616][T31385] (syz.8.8683,31385,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1613.708402][T31385] (syz.8.8683,31385,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1614.108112][T31385] JBD2: Ignoring recovery information on journal
[ 1614.241221][T31385] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[ 1614.477049][T31396] chnl_net:caif_netlink_parms(): no params data found
[ 1614.669641][ T5995] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1614.988246][T30372] ocfs2: Unmounting device (7,8) on (node local)
[ 1615.056685][ T5995] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1615.167253][T31396] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1615.191553][T31396] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1615.212612][T31396] bridge_slave_0: entered allmulticast mode
[ 1615.247247][T31396] bridge_slave_0: entered promiscuous mode
[ 1615.433106][ T5838] Bluetooth: hci0: command tx timeout
[ 1615.779666][ T5995] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1615.839552][T31396] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1615.872046][T31431] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8694'.
[ 1615.885053][T31431] openvswitch: netlink: Key type 1052 is out of range max 32
[ 1615.911566][T31396] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1615.931794][T31396] bridge_slave_1: entered allmulticast mode
[ 1615.991581][T31396] bridge_slave_1: entered promiscuous mode
[ 1616.010390][T31438] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8694'.
[ 1616.165290][ T5995] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1616.204769][   T30] audit: type=1326 audit(2000000562.739:5214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31443 comm="syz.6.8698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47cb38f749 code=0x7ffc0000
[ 1616.238209][   T30] audit: type=1326 audit(2000000562.739:5215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31443 comm="syz.6.8698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47cb38f749 code=0x7ffc0000
[ 1616.262520][   T30] audit: type=1326 audit(2000000562.769:5216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31443 comm="syz.6.8698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f47cb38f749 code=0x7ffc0000
[ 1616.288838][   T30] audit: type=1326 audit(2000000562.769:5217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31443 comm="syz.6.8698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47cb38f749 code=0x7ffc0000
[ 1616.312892][   T30] audit: type=1326 audit(2000000562.769:5218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31443 comm="syz.6.8698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47cb38f749 code=0x7ffc0000
[ 1616.343203][T31396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1616.344977][T22816] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1616.414427][T31448] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8699'.
[ 1616.660279][T22816] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[ 1616.661969][T31396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1616.687583][T22816] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1616.851588][T22816] usb 2-1: Product: syz
[ 1616.855882][T22816] usb 2-1: Manufacturer: syz
[ 1616.862346][T22816] usb 2-1: SerialNumber: syz
[ 1616.893094][T22816] usb 2-1: config 0 descriptor??
[ 1617.463242][T22816] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[ 1617.481360][T22816] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1617.501709][ T5838] Bluetooth: hci0: command tx timeout
[ 1617.513818][T22816] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[ 1617.541395][T22816] usb 2-1: media controller created
[ 1617.542342][T31396] team0: Port device team_slave_0 added
[ 1617.656559][T31396] team0: Port device team_slave_1 added
[ 1617.727523][T22816] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1618.220377][T22816] DVB: Unable to find symbol mt352_attach()
[ 1618.264937][ T5995] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1618.296925][ T5995] ip6gretap1 (unregistering): left allmulticast mode
[ 1618.308993][T22816] DVB: Unable to find symbol nxt6000_attach()
[ 1618.340772][T22816] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[ 1618.443183][T22816] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input19
[ 1618.571048][T22816] dvb-usb: schedule remote query interval to 1000 msecs.
[ 1618.578156][T22816] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[ 1618.628797][T22816] dvb-usb: bulk message failed: -22 (7/0)
[ 1618.722779][T22816] dvb-usb: bulk message failed: -22 (7/0)
[ 1618.736128][T22816] usb 2-1: USB disconnect, device number 24
[ 1618.929626][T22816] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[ 1619.524961][ T5995] $H� (unregistering): Released all slaves
[ 1619.612117][ T5838] Bluetooth: hci0: command tx timeout
[ 1620.380700][ T5995] bond1 (unregistering): left allmulticast mode
[ 1620.387695][ T5995] bond1 (unregistering): left promiscuous mode
[ 1620.435964][ T5995] team0: Port device macvlan3 removed
[ 1620.456142][ T5995] bond1 (unregistering): Released all slaves
[ 1620.745256][ T5995] bond0 (unregistering): Released all slaves
[ 1620.931764][ T5995] bond2 (unregistering): left allmulticast mode
[ 1620.938272][ T5995] bond2 (unregistering): left promiscuous mode
[ 1620.965646][ T5995] team0: Port device macvlan4 removed
[ 1620.982014][ T5995] bond2 (unregistering): Released all slaves
[ 1621.198786][ T5995] bond3 (unregistering): Released all slaves
[ 1621.217120][T31396] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1621.225138][T31396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1621.251692][T31396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1621.266424][T31396] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1621.284754][T31396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1621.324590][T31396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1621.359802][T31479] syzkaller1: entered promiscuous mode
[ 1621.366211][T31479] syzkaller1: entered allmulticast mode
[ 1621.373895][ T5995] : left promiscuous mode
[ 1621.510120][ T5995] tipc: Disabling bearer <udp:syz2>
[ 1621.521308][ T5995] tipc: Left network mode
[ 1621.591341][T31484] vivid-000: =================  START STATUS  =================
[ 1621.599452][T31484] vivid-000: Radio HW Seek Mode: Bounded
[ 1621.645063][T31396] hsr_slave_0: entered promiscuous mode
[ 1621.650874][ T5838] Bluetooth: hci0: command tx timeout
[ 1621.666612][T31484] vivid-000: Radio Programmable HW Seek: false
[ 1621.679016][T31396] hsr_slave_1: entered promiscuous mode
[ 1621.753365][T31484] vivid-000: RDS Rx I/O Mode: Block I/O
[ 1622.059592][T31396] debugfs: 'hsr0' already exists in 'hsr'
[ 1622.069557][T31396] Cannot create hsr debugfs directory
[ 1622.110419][T31484] vivid-000: Generate RBDS Instead of RDS: false
[ 1622.332109][T31484] vivid-000: RDS Reception: true
[ 1622.337326][T31484] vivid-000: RDS Program Type: 0 inactive
[ 1622.344633][T31484] vivid-000: RDS PS Name:  inactive
[ 1622.350105][T31484] vivid-000: RDS Radio Text:  inactive
[ 1622.356960][T31484] vivid-000: RDS Traffic Announcement: false inactive
[ 1622.454512][T31484] vivid-000: RDS Traffic Program: false inactive
[ 1622.463023][T31484] vivid-000: RDS Music: false inactive
[ 1622.469021][T31484] vivid-000: ==================  END STATUS  ==================
[ 1622.984631][ T5995] hsr_slave_0: left promiscuous mode
[ 1623.041335][ T5995] veth1_macvtap: left promiscuous mode
[ 1623.233826][ T5995] veth0_macvtap: left promiscuous mode
[ 1623.252915][ T5995] veth1_vlan: left promiscuous mode
[ 1623.267854][ T5995] veth0_vlan: left promiscuous mode
[ 1623.834402][T31508] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8716'.
[ 1623.966346][T31511] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8718'.
[ 1625.025032][T31505] loop8: detected capacity change from 0 to 32768
[ 1625.360579][T31505] (syz.8.8715,31505,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1625.423193][T31505] (syz.8.8715,31505,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1625.476864][T31505] JBD2: Ignoring recovery information on journal
[ 1625.595437][T31505] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[ 1626.467446][T30372] ocfs2: Unmounting device (7,8) on (node local)
[ 1627.369777][T31511] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1627.384696][T31534] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[ 1627.405938][T31534] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[ 1627.416013][T31534] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1627.685658][T31552] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8728'.
[ 1627.739327][T31555] ALSA: mixer_oss: invalid OSS volume '�����Y��{��������U����D��D�'
[ 1627.768852][T31550] comedi comedi3: comedi_config --init_data is deprecated
[ 1627.777795][T31555] ALSA: mixer_oss: invalid OSS volume 'ߧ�4c�T���󯆩"�m!l�T.�Π����'
[ 1627.960927][T31555] ALSA: mixer_oss: invalid OSS volume 'lg�'
[ 1627.975478][T31555] ALSA: mixer_oss: invalid OSS volume '�)n���k�Ki��,r��WY\�ZV����?J`G'
[ 1628.018186][T31555] ALSA: mixer_oss: invalid OSS volume 'k�O0���$��g��{�
pl{��y;_A�RW��'
[ 1629.008581][T31566] 
: renamed from bridge_slave_0 (while UP)
[ 1630.163227][T31396] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1630.198732][T31396] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1630.332967][T31396] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1630.914894][T31396] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1631.278210][T31396] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1631.281966][T31594] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8739'.
[ 1631.316989][T31396] 8021q: adding VLAN 0 to HW filter on device team0
[ 1631.336937][  T162] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1631.344198][  T162] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1631.390093][T14795] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1631.397564][T14795] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1632.471399][T31396] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1632.594169][T31627] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8749'.
[ 1632.674745][T31396] veth0_vlan: entered promiscuous mode
[ 1632.720317][T31396] veth1_vlan: entered promiscuous mode
[ 1632.834731][T31396] veth0_macvtap: entered promiscuous mode
[ 1632.854497][T31396] veth1_macvtap: entered promiscuous mode
[ 1632.884461][T31630] macvlan2: entered promiscuous mode
[ 1632.889912][T31630] macvlan2: entered allmulticast mode
[ 1632.897141][T31630] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[ 1632.907682][T31630] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[ 1632.923041][T31630] team0: Port device macvlan2 added
[ 1632.946037][T31396] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1633.014193][T31396] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1633.042258][T15720] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1633.112619][T28772] NFSD: Failed to start, no listeners configured.
[ 1633.196293][T15720] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1633.222537][T31618] loop8: detected capacity change from 0 to 32768
[ 1633.229166][T15720] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1633.243810][T31618] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.8746 (31618)
[ 1633.269888][T15720] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1633.358176][T31618] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1633.374650][T31618] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[ 1633.476961][ T5995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1633.491564][ T5995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1633.565966][T31618] BTRFS info (device loop8): enabling ssd optimizations
[ 1633.574525][T31618] BTRFS info (device loop8): turning on async discard
[ 1633.581488][T31618] BTRFS info (device loop8): enabling free space tree
[ 1633.595343][ T5995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1633.604311][ T5995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1633.726244][T30372] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1634.672299][T31667] pimreg: entered allmulticast mode
[ 1634.689949][T31670] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8759'.
[ 1638.622277][T31707] netlink: 32 bytes leftover after parsing attributes in process `syz.8.8771'.
[ 1638.632099][T31705] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8768'.
[ 1638.963552][T31705] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1639.054722][T31715] fuse: Unknown parameter 'grou00000000000000000000'
[ 1639.282241][T31721] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8776'.
[ 1639.563250][T31735] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8783'.
[ 1639.575340][T31735] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8783'.
[ 1640.315626][T31747] netlink: 'syz.8.8786': attribute type 9 has an invalid length.
[ 1640.460892][T31747] netlink: 'syz.8.8786': attribute type 11 has an invalid length.
[ 1640.469488][T31747] netlink: 'syz.8.8786': attribute type 12 has an invalid length.
[ 1640.500768][T31747] netlink: 210020 bytes leftover after parsing attributes in process `syz.8.8786'.
[ 1643.784538][T31787] comedi comedi3: comedi_config --init_data is deprecated
[ 1644.069500][T31789] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.8798'.
[ 1644.821546][T31800] netlink: 32 bytes leftover after parsing attributes in process `syz.6.8802'.
[ 1644.837657][T31800] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8802'.
[ 1646.818220][T31829] netlink: 'syz.8.8812': attribute type 9 has an invalid length.
[ 1646.889052][T31829] netlink: 'syz.8.8812': attribute type 11 has an invalid length.
[ 1646.898274][T31829] netlink: 'syz.8.8812': attribute type 12 has an invalid length.
[ 1646.908035][T31833] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8814'.
[ 1646.917335][T31829] netlink: 210020 bytes leftover after parsing attributes in process `syz.8.8812'.
[ 1646.926814][T31833] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8814'.
[ 1646.954939][T31833] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8814'.
[ 1647.075570][T31835] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1649.684585][T31863] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.8825'.
[ 1649.880668][T31868] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8826'.
[ 1649.904622][T31868] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8826'.
[ 1650.014199][T31869] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8826'.
[ 1651.451674][T31893] sp0: Synchronizing with TNC
[ 1652.125864][T31890] [U] �`
[ 1653.621009][T25099] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1653.792905][T25099] usb 7-1: config 0 has an invalid interface number: 182 but max is 1
[ 1653.802794][T31926] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8841'.
[ 1653.810824][T25099] usb 7-1: config 0 has no interface number 1
[ 1653.826239][T25099] usb 7-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=9c.af
[ 1653.841297][T31926] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8841'.
[ 1653.845639][T25099] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1653.877024][T31926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8841'.
[ 1653.887243][T25099] usb 7-1: config 0 descriptor??
[ 1656.516657][T31950] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8849'.
[ 1656.554243][T31950] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1656.584419][T31950] macvlan3: entered promiscuous mode
[ 1656.592144][T31950] macvlan3: entered allmulticast mode
[ 1656.653218][T31960] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1656.866122][T25099] usb 7-1: USB disconnect, device number 6
[ 1657.343140][T31968] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8854'.
[ 1658.931217][T31033] Bluetooth: hci0: command 0x0405 tx timeout
[ 1658.955191][T31987] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1659.247093][   T30] audit: type=1800 audit(2000000605.779:5219): pid=31980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.8859" name="bus" dev="ramfs" ino=108925 res=0 errno=0
[ 1659.542089][T31997] fuse: Bad value for 'user_id'
[ 1659.550572][T31997] fuse: Bad value for 'user_id'
[ 1659.876954][T32007] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8867'.
[ 1659.891044][T24580] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1660.121079][T24580] usb 2-1: Using ep0 maxpacket: 8
[ 1660.286028][T24580] usb 2-1: config index 0 descriptor too short (expected 30, got 18)
[ 1660.313869][T24580] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1660.565475][T24580] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1660.597196][T24580] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1660.619828][T24580] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.655684][T24580] usb 2-1: Product: syz
[ 1660.664576][T24580] usb 2-1: Manufacturer: syz
[ 1660.675972][T24580] usb 2-1: SerialNumber: syz
[ 1660.697964][T24580] usb 2-1: config 0 descriptor??
[ 1661.025031][T24580] usb 2-1: USB disconnect, device number 25
[ 1661.922443][T32034] fuse: Bad value for 'user_id'
[ 1662.060884][T32034] fuse: Bad value for 'user_id'
[ 1662.101008][T32038] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8878'.
[ 1662.114469][T32038] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8878'.
[ 1662.158308][T32038] netlink: 'syz.6.8878': attribute type 20 has an invalid length.
[ 1662.204193][T32038] netlink: 'syz.6.8878': attribute type 21 has an invalid length.
[ 1662.985511][T32053] netlink: 20 bytes leftover after parsing attributes in process `syz.8.8885'.
[ 1663.079395][T32057] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8885'.
[ 1664.040257][T32064] syz.1.8887 (32064): drop_caches: 2
[ 1665.653603][T32085] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1665.671696][T32086] bond1: (slave dummy0): Enslaving as an active interface with an up link
[ 1665.953659][ T5838] Bluetooth: hci6: command 0x0406 tx timeout
[ 1666.421843][T25099] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1666.698767][T25099] usb 8-1: Using ep0 maxpacket: 8
[ 1666.807978][T25099] usb 8-1: config 0 has no interfaces?
[ 1666.830625][T25099] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1666.891424][T25099] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1666.903940][T25099] usb 8-1: config 0 descriptor??
[ 1667.131935][T25099] usb 8-1: USB disconnect, device number 5
[ 1667.801715][T32093] bond1 (unregistering): (slave dummy0): Releasing backup interface
[ 1667.899275][T32115] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8900'.
[ 1667.928706][T32093] bond1 (unregistering): Released all slaves
[ 1668.054986][T32116] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8900'.
[ 1668.937924][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.996294][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1671.470987][T32163] netlink: 'syz.1.8912': attribute type 1 has an invalid length.
[ 1671.614303][T32163] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1671.674630][T32166] bond1: (slave dummy0): Enslaving as an active interface with an up link
[ 1671.894364][T32173] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8914'.
[ 1671.951384][T32173] openvswitch: netlink: Key 3 has unexpected len 2 expected 4
[ 1672.175985][T32179] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8914'.
[ 1672.487266][T32163] bond1 (unregistering): (slave dummy0): Releasing backup interface
[ 1672.501719][T32163] bond1 (unregistering): Released all slaves
[ 1673.630097][T32199] syzkaller0: entered promiscuous mode
[ 1673.657728][T32199] syzkaller0: entered allmulticast mode
[ 1674.691615][   T31] INFO: task syz.4.8305:30100 blocked for more than 143 seconds.
[ 1674.774543][   T31]       Tainted: G             L      syzkaller #0
[ 1674.814094][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1674.834912][   T31] task:syz.4.8305      state:D stack:27288 pid:30100 tgid:30099 ppid:24335  task_flags:0x400040 flags:0x00080002
[ 1674.859671][   T31] Call Trace:
[ 1674.866804][   T31]  <TASK>
[ 1674.872438][   T31]  __schedule+0x14bc/0x5000
[ 1674.881375][   T31]  ? __pfx___schedule+0x10/0x10
[ 1674.891771][   T31]  ? schedule+0x91/0x360
[ 1674.899521][   T31]  schedule+0x165/0x360
[ 1674.904702][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1674.910426][   T31]  __mutex_lock+0x7e6/0x1350
[ 1674.930537][   T31]  ? __mutex_lock+0x5bb/0x1350
[ 1674.936986][   T31]  ? nfsd_nl_listener_get_doit+0x10a/0x5e0
[ 1674.943334][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1674.948727][   T31]  ? __nlmsg_put+0xef/0x1b0
[ 1674.953398][   T31]  ? genlmsg_put+0x137/0x2e0
[ 1674.958107][   T31]  nfsd_nl_listener_get_doit+0x10a/0x5e0
[ 1674.977647][   T31]  ? genl_family_rcv_msg_attrs_parse+0x13b/0x2a0
[ 1674.987832][   T31]  genl_family_rcv_msg_doit+0x215/0x300
[ 1674.997145][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1675.004177][   T31]  ? trim_netdev_trace+0x2a3/0x3d0
[ 1675.009432][   T31]  genl_rcv_msg+0x60e/0x790
[ 1675.015848][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1675.025631][   T31]  ? __pfx_nfsd_nl_listener_get_doit+0x10/0x10
[ 1675.034432][   T31]  netlink_rcv_skb+0x208/0x470
[ 1675.039398][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1675.045285][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1675.050872][   T31]  ? down_read+0x274/0x2e0
[ 1675.055378][   T31]  ? genl_rcv+0xd/0x40
[ 1675.059574][   T31]  genl_rcv+0x28/0x40
[ 1675.064577][   T31]  netlink_unicast+0x82f/0x9e0
[ 1675.069582][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[ 1675.075140][   T31]  ? netlink_sendmsg+0x642/0xb30
[ 1675.080373][   T31]  ? skb_put+0x11b/0x210
[ 1675.084773][   T31]  netlink_sendmsg+0x805/0xb30
[ 1675.089636][   T31]  ? aa_sk_perm+0x15f/0x920
[ 1675.094319][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1675.100269][   T31]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1675.106949][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1675.112457][   T31]  sock_sendmsg_nosec+0x18f/0x1d0
[ 1675.117884][   T31]  ____sys_sendmsg+0x577/0x880
[ 1675.127161][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1675.134008][   T31]  ? import_iovec+0x74/0xa0
[ 1675.138615][   T31]  ___sys_sendmsg+0x21f/0x2a0
[ 1675.145977][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1675.152747][   T31]  ? futex_wait+0x285/0x360
[ 1675.157553][   T31]  ? __fget_files+0x2a/0x420
[ 1675.162865][   T31]  ? __fget_files+0x3a0/0x420
[ 1675.167802][   T31]  __x64_sys_sendmsg+0x19b/0x260
[ 1675.172894][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1675.179517][   T31]  ? do_syscall_64+0xbe/0xf80
[ 1675.184623][   T31]  do_syscall_64+0xfa/0xf80
[ 1675.189409][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1675.195753][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1675.200577][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1675.206666][   T31] RIP: 0033:0x7f1887b8f749
[ 1675.211682][   T31] RSP: 002b:00007f18889ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1675.220605][   T31] RAX: ffffffffffffffda RBX: 00007f1887de5fa0 RCX: 00007f1887b8f749
[ 1675.232424][   T31] RDX: 0000000020048000 RSI: 0000200000000040 RDI: 0000000000000006
[ 1675.246640][   T31] RBP: 00007f1887c13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1675.258049][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1675.267591][   T31] R13: 00007f1887de6038 R14: 00007f1887de5fa0 R15: 00007ffcc5bb0dd8
[ 1675.276160][   T31]  </TASK>
[ 1675.287588][   T31] 
[ 1675.287588][   T31] Showing all locks held in the system:
[ 1675.295508][   T31] 1 lock held by khungtaskd/31:
[ 1675.315930][   T31]  #0: ffffffff8df41a60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1675.327189][   T31] 2 locks held by getty/5588:
[ 1675.353611][   T31]  #0: ffff888034a8b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1675.370338][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x449/0x1460
[ 1675.381792][   T31] 2 locks held by syz.5.7886/28772:
[ 1675.387017][   T31]  #0: ffffffff8f378370 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1675.395338][   T31]  #1: ffffffff8e237b48 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x2cb/0x960
[ 1675.405492][   T31] 2 locks held by syz.4.8305/30100:
[ 1675.411007][   T31]  #0: ffffffff8f378370 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1675.419405][   T31]  #1: ffffffff8e237b48 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_get_doit+0x10a/0x5e0
[ 1675.429797][   T31] 
[ 1675.437046][   T31] =============================================
[ 1675.437046][   T31] 
[ 1675.445577][   T31] NMI backtrace for cpu 1
[ 1675.445600][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1675.445623][   T31] Tainted: [L]=SOFTLOCKUP
[ 1675.445630][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1675.445640][   T31] Call Trace:
[ 1675.445648][   T31]  <TASK>
[ 1675.445657][   T31]  dump_stack_lvl+0x189/0x250
[ 1675.445685][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1675.445704][   T31]  ? __pfx__printk+0x10/0x10
[ 1675.445739][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1675.445765][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1675.445788][   T31]  ? __pfx__printk+0x10/0x10
[ 1675.445815][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1675.445834][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1675.445859][   T31]  sys_info+0x135/0x170
[ 1675.445877][   T31]  watchdog+0xf95/0xfe0
[ 1675.445905][   T31]  ? watchdog+0x20a/0xfe0
[ 1675.445934][   T31]  kthread+0x711/0x8a0
[ 1675.445958][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1675.445979][   T31]  ? __pfx_kthread+0x10/0x10
[ 1675.446002][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1675.446024][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[ 1675.446038][   T31]  ? __pfx_kthread+0x10/0x10
[ 1675.446060][   T31]  ret_from_fork+0x599/0xb30
[ 1675.446079][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1675.446105][   T31]  ? __switch_to_asm+0x39/0x70
[ 1675.446132][   T31]  ? __switch_to_asm+0x33/0x70
[ 1675.446151][   T31]  ? __pfx_kthread+0x10/0x10
[ 1675.446171][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1675.446207][   T31]  </TASK>
[ 1675.446214][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1675.611042][    C0] NMI backtrace for cpu 0
[ 1675.611061][    C0] CPU: 0 UID: 0 PID: 15718 Comm: kworker/u8:17 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1675.611084][    C0] Tainted: [L]=SOFTLOCKUP
[ 1675.611091][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1675.611102][    C0] Workqueue: events_unbound toggle_allocation_gate
[ 1675.611126][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70
[ 1675.611156][    C0] Code: 8b 3d 34 70 d9 0b 48 89 de 5b e9 a3 2d 5b 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 c0 7e 92 65 8b 15 38 0a bd 10 81 e2 00 01 ff 00
[ 1675.611170][    C0] RSP: 0018:ffffc90000007a88 EFLAGS: 00000286
[ 1675.611183][    C0] RAX: ffffffff89704259 RBX: ffff88806b5f1ac0 RCX: ffff888027143d00
[ 1675.611196][    C0] RDX: 0000000000000000 RSI: ffffc90014849190 RDI: ffff88806b5f1ac0
[ 1675.611207][    C0] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1675.611217][    C0] R10: dffffc0000000000 R11: fffff52000000f54 R12: 1ffff1100d6be35d
[ 1675.611229][    C0] R13: ffffc90014849190 R14: dffffc0000000000 R15: ffffc90014849190
[ 1675.611241][    C0] FS:  0000000000000000(0000) GS:ffff888125e34000(0000) knlGS:0000000000000000
[ 1675.611254][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1675.611265][    C0] CR2: 00007f15fa1b6ad8 CR3: 000000000dd3a000 CR4: 00000000003526f0
[ 1675.611280][    C0] Call Trace:
[ 1675.611287][    C0]  <IRQ>
[ 1675.611293][    C0]  pie_calculate_probability+0x29/0x7e0
[ 1675.611326][    C0]  fq_pie_timer+0x288/0x5b0
[ 1675.611342][    C0]  ? fq_pie_timer+0x4d/0x5b0
[ 1675.611359][    C0]  call_timer_fn+0x16e/0x590
[ 1675.611377][    C0]  ? __pfx_fq_pie_timer+0x10/0x10
[ 1675.611390][    C0]  ? call_timer_fn+0xbe/0x590
[ 1675.611408][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[ 1675.611430][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1675.611452][    C0]  ? lockdep_hardirqs_on+0x98/0x140
[ 1675.611466][    C0]  ? __pfx_fq_pie_timer+0x10/0x10
[ 1675.611482][    C0]  __run_timer_base+0x61a/0x860
[ 1675.611506][    C0]  ? __pfx___run_timer_base+0x10/0x10
[ 1675.611521][    C0]  ? seqcount_lockdep_reader_access+0x15e/0x1c0
[ 1675.611552][    C0]  run_timer_softirq+0xb7/0x180
[ 1675.611569][    C0]  handle_softirqs+0x27d/0x850
[ 1675.611588][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[ 1675.611607][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1675.611626][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[ 1675.611649][    C0]  __irq_exit_rcu+0xca/0x1f0
[ 1675.611665][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1675.611686][    C0]  irq_exit_rcu+0x9/0x30
[ 1675.611701][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1675.611725][    C0]  </IRQ>
[ 1675.611730][    C0]  <TASK>
[ 1675.611737][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1675.611754][    C0] RIP: 0010:smp_call_function_many_cond+0xccf/0x12b0
[ 1675.611778][    C0] Code: 45 8b 2c 24 44 89 ee 83 e6 01 31 ff e8 ea 96 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 95 92 0b 00 eb 38 f3 90 <42> 0f b6 04 2b 84 c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 79 92
[ 1675.611791][    C0] RSP: 0018:ffffc900035e7660 EFLAGS: 00000293
[ 1675.611803][    C0] RAX: ffffffff81b62367 RBX: 1ffff110170e8129 RCX: ffff888027143d00
[ 1675.611815][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1675.611825][    C0] RBP: ffffc900035e77e0 R08: ffffffff8f820777 R09: 1ffffffff1f040ee
[ 1675.611837][    C0] R10: dffffc0000000000 R11: fffffbfff1f040ef R12: ffff8880b8740948
[ 1675.611849][    C0] R13: dffffc0000000000 R14: ffff8880b863bb00 R15: 0000000000000001
[ 1675.611864][    C0]  ? smp_call_function_many_cond+0xce7/0x12b0
[ 1675.611894][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1675.611919][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1675.611943][    C0]  ? kmem_cache_alloc_bulk_noprof+0xaa/0x720
[ 1675.611961][    C0]  ? __pfx___text_poke+0x10/0x10
[ 1675.611978][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1675.611998][    C0]  ? trace_contention_end+0x39/0x100
[ 1675.612020][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1675.612038][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[ 1675.612062][    C0]  smp_text_poke_batch_finish+0x5f9/0x1130
[ 1675.612082][    C0]  ? arch_jump_label_transform_apply+0x17/0x30
[ 1675.612108][    C0]  ? __pfx___mutex_lock+0x10/0x10
[ 1675.612124][    C0]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1675.612151][    C0]  ? arch_jump_label_transform_queue+0x97/0x110
[ 1675.612178][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[ 1675.612200][    C0]  static_key_disable_cpuslocked+0xc5/0x1a0
[ 1675.612223][    C0]  static_key_disable+0x1a/0x20
[ 1675.612242][    C0]  toggle_allocation_gate+0x1a1/0x240
[ 1675.612261][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1675.612279][    C0]  ? process_one_work+0x868/0x15a0
[ 1675.612300][    C0]  ? process_one_work+0x868/0x15a0
[ 1675.612315][    C0]  ? process_one_work+0x868/0x15a0
[ 1675.612329][    C0]  process_one_work+0x93a/0x15a0
[ 1675.612356][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1675.612376][    C0]  ? assign_work+0x3c7/0x5b0
[ 1675.612393][    C0]  worker_thread+0x9b0/0xee0
[ 1675.612423][    C0]  kthread+0x711/0x8a0
[ 1675.612444][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1675.612460][    C0]  ? __pfx_kthread+0x10/0x10
[ 1675.612480][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1675.612501][    C0]  ? lockdep_hardirqs_on+0x98/0x140
[ 1675.612514][    C0]  ? __pfx_kthread+0x10/0x10
[ 1675.612534][    C0]  ret_from_fork+0x599/0xb30
[ 1675.612550][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1675.612570][    C0]  ? __switch_to_asm+0x39/0x70
[ 1675.612590][    C0]  ? __switch_to_asm+0x33/0x70
[ 1675.612608][    C0]  ? __pfx_kthread+0x10/0x10
[ 1675.612628][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1675.612655][    C0]  </TASK>
[ 1676.169445][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1676.176407][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1676.187082][   T31] Tainted: [L]=SOFTLOCKUP
[ 1676.191394][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1676.201443][   T31] Call Trace:
[ 1676.204715][   T31]  <TASK>
[ 1676.207638][   T31]  dump_stack_lvl+0x99/0x250
[ 1676.212234][   T31]  ? __asan_memcpy+0x40/0x70
[ 1676.216945][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1676.222168][   T31]  ? __pfx__printk+0x10/0x10
[ 1676.226851][   T31]  vpanic+0x237/0x6d0
[ 1676.230844][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1676.235370][   T31]  ? preempt_schedule_common+0x83/0xd0
[ 1676.240842][   T31]  panic+0xb9/0xc0
[ 1676.244572][   T31]  ? __pfx_panic+0x10/0x10
[ 1676.249343][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1676.254727][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1676.261036][   T31]  watchdog+0xfdf/0xfe0
[ 1676.265219][   T31]  ? watchdog+0x20a/0xfe0
[ 1676.269635][   T31]  kthread+0x711/0x8a0
[ 1676.273712][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1676.278402][   T31]  ? __pfx_kthread+0x10/0x10
[ 1676.283012][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1676.288212][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[ 1676.293398][   T31]  ? __pfx_kthread+0x10/0x10
[ 1676.297980][   T31]  ret_from_fork+0x599/0xb30
[ 1676.302571][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1676.307685][   T31]  ? __switch_to_asm+0x39/0x70
[ 1676.312449][   T31]  ? __switch_to_asm+0x33/0x70
[ 1676.317345][   T31]  ? __pfx_kthread+0x10/0x10
[ 1676.321995][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1676.326773][   T31]  </TASK>
[ 1676.329936][   T31] Kernel Offset: disabled
[ 1676.334245][   T31] Rebooting in 86400 seconds..