last executing test programs:

16.991794122s ago: executing program 3 (id=256):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/rcu_normal', 0xc0a82, 0x146)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYRESDEC=0x0], &(0x7f0000001700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000140)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x2}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r4, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e", 0x19)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000080)={{0x3, 0x1}})

12.019810086s ago: executing program 3 (id=265):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000000)=0x2, 0x4)
recvmmsg(r0, 0x0, 0x0, 0x40012122, 0x0)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9vVNUeAPBzb/seLQ94LY8FLzFxEkk0apqWlVoSSymUFioGhRg3w7QdoDrtkHZqXLCoOxJXJi6MC6KJu65IF27xT3DjEtckunBjQkKsmZk7be/tTDrWTivk80nonXt+z3znnjl3cTlxonJ7bik3t5QrLOTKMzeXTuc+KZeW54sh3icH3T/t6UScxP7gXDl34b3rp0P4Yfanx+vr6+uhqjs0NbTl9e+/3Z3ZemyIM3Wq7TZvba98GEI4sW1cVV0hhA++DyEKIZxN0kaTY28I4Vio512/+/mN3B6N5sGj4pn806l7a8OnJlfvr7V+71EIX5f+//qt+V9e6hr++dU96h4AAAAAAAAAAAAAAAAAgGfc+NUr194dHAoPo9C9Gm1/Xnc8ObZ6PnZ9z7zY1nifJKX/7vsGAAAAAAAAAAAAAAAAAACAf5LN5/9z0fEmz/+PJceRFvXX3+78GOmciXeujJ0fHEr2f4+25b+RJP16tiv0N9n3Pbv/+9lM/eb7v2/vZ7ca42v02xeieCB1HscDAyF8m2z8fjI6HJfKS5XXbpaXF2b3bBjPrHT867v3p6KTbOjfbvxHM+13fv///237NlXPb+zdV+y5lo5/V8ty330WtRX/c5l6+xF/di8d/+5aWu/WAiP1CaAa/y+6d47/WKb9TsX/WAghF1XHmkvNANU1TDW91XqFtHT8/1VLS02dyQfZ6vp/kon/+Uz7BzX/r2R/iGgqHf9/19J6UiU2r//+eOfr/0Km/YOIf3X8K37/25KO/6F6YneqSO2TbHf+H8+036n4X4uTcR6LUt+A1aie3ur/qyMtHf+ebfmb939xW+u/i5n6+3X/1+i3cf/XmP5fier3fzSXjn9vy3LtXv8TmXqdnv9Haus/disd/8O1tPTaua/2t934T2ba71T8a6uSnkb8N+eTPw7V07+x/mtLOv7/qSfGW0us1P7W1n/Rzuv/S5n2D2L9Vx3/StzZXp8X6fgfaVmuGv8f2/j9v5yp1/n4hzBorb9r6fgfbVmudv337Bz/qUy9Tsf/5U42DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAMGE2OfSGKB1LncTwwEMK55PxkOBxNF2bz06XyzMdLIYwl6blwPLpVKk8XSvm5hfJsMV8olcozIZxP8k+EnmipVK7k5wt3Lmy01RvdLhYWK9PFQiWEMJ6kvxCONtqanqvMF+6EEC5u5P03Li/euV1YyM/OLb41ODg4GCY2xtAfFT+tFBcq9d7ruSFMbtTti7YMrpZ9aWMsR6KPysuLC4VSLf3yljql8kyhtKXOVJL3ZeiPKovLCzOFSjFfKt9q9HeQRpLj2MTV969eHtqWfyOqH0f3d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EUPh9/8KoTQXT+LQwi5KHkRJf9SHjwqnsk/nbq3NnxqcvX+2uNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSP0oDQRQH4DdjoaXHsFp2O9sVRbRwRfAEegwPo0fxEt7BIkXaFCGQzELYP7BNUn1f82B+zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0OnJ0Q=")
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x46b1, 0x39de)
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYRES16=0x0], 0x1, 0x1a1, &(0x7f0000000440)="$eJzs28uu0lAUxvFv94KINxQviXHgkIkUMEFNHOijEKiEWJSIE4iJ+h4OdObDSYwzR2LoBaUSRbS7OYf/b3L26tq302TDSgEBOFqPdFtGRpV1cKtaf90wZW8JgCWr9O+3FYDj4379m96muI0AsGz5WJpK+vTl1UBuJSsLbmSNdd7P8tVf64flW+mml+ZNVWfz9cUHPVwmzYFMbef4Wja/Obcz31Q9yTvndUEXdUl1XdYVNdL8MBkvmev/UAkBAHA8jFr5eOuCoyfjKGxvYj+OO6p5SgqDtWZ3k6/E+bub+EwctwbPo2Fx/wSAgzhqffw5zp9/N3f+vfT8Azj5ZvPF034UhS8sNZLnA05xq6+2r3j/b2a9sXmj/tAwSj6nPXC4LytbzZ4n/abP570mfF/aDfetL+qp2CVc7dW5pBckANYELyfTYDZf3BlP+qNwFD7rdXu9B+379zpBXPgH2+U/gFPkx5t+2TsBAAAAAAAAAAAAAACHuqprZW8BAAAAgCUF/kBNeie+WQwAAAAAAAAAAAAAAAAAQAG+BwAA//8UAww+")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$dir(0xffffffffffffff9c, 0x0, 0x8880, 0x85)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f0000000140)=0x12)
write$FUSE_STATFS(r2, &(0x7f0000003c40)={0x60, 0x0, 0x0, {{0x1, 0x6, 0x4, 0x4, 0x100000000, 0xb, 0x7, 0x4}}}, 0x60)

10.239405024s ago: executing program 3 (id=267):
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4}, &(0x7f0000000080)=<r0=>0x0)
timer_delete(r0)
syz_clone3(&(0x7f0000000280)={0x290084000, &(0x7f0000000040), 0x0, 0x0, {0x41}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, 0x0, 0x0)
dup2(r1, r1)
syz_pidfd_open(0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r3 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
bind$netlink(r6, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r6, &(0x7f0000000600)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r7, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = socket(0x1, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x44}}, 0x0)

8.372180005s ago: executing program 3 (id=270):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, &(0x7f0000000080))
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0xa000000)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r4 = accept4$alg(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}], 0x1, 0x2004001)
io_setup(0xff, &(0x7f0000000380)=<r5=>0x0)
io_submit(r5, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r4, &(0x7f0000000340), 0x41}])
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000c80)='./file0\x00', 0x1004491, &(0x7f0000000f00)=ANY=[], 0xfe, 0x875, &(0x7f0000001000)="$eJzs3V1sHNW9APD/GDt2HJGL7r3KjaIQJglXSnSDWTtgri8P3L3rsTNg71q766tEFYIIHBrFAQRCQFSV5gXaqh/qUx8pfUS88NRWlVqpD22fKpWHvvQBCYmXVrRqpapVVdXVzuzGduy18+EkLf39Vt4zPnPOmf+ZHe/xrH1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIpDZdqYwnMZfXF0+n/dWmm435TdeMRESa9tr74bpki+1GJJ2vGBmJ/WXW/n9fXb2v83QkDpbfHYzORmIkLu3Zd8+j/zY40Ku/RcA36nCf/JU0HVr7fRLxhU5QF84uLy+9dAsCuY2+/P3uwsg1V/nTSud5NqvnrUY+X53N0rzVSKcmJysPnppppTP5XNY602pn82mtmVVf+5+VlWO14+n41NTJNBs701isz05X57K0m/nIAxOVymT6+NhCVm22GvUHHx9r1U7lc3N5fbYoM1F5NTplHukciE/k7bSdVefTdDiWl05uF+q588tL4+tyhtcdOAfvv+fjVz76/fmlzgHZr5Gke2BOjI9PTIxPPjz18COV8gCIuJJRGaxcJSYqE2WVGIiISmXwlhy03Fl7Nskb7B4xG1ZErPzLDrxzw80bGOkuzEUe9ViM05FGGgPFc/H42u5IYyhqMR3NaMR8J+8XQ6vru4+u3vj/nw/+5mdbbXft+N8b5fdfWVe+2x6JQ2XGoX7j/4YoduAx2K/V+ntlNGvzXo7X41JciLOxHMuxFC9dXWvX1TU2eVxLmZt+DJfpwM62OhtZ1COPViSRx3xUi5y0yGlEGlMxGZNRiafiVMxEK9KYiTzmIotWnIlWtCMrjqhaNCOLarSjEc1I41jU4nikMR5TMRUnI40sxuJMNGIx6jEb01EtWjm3Unrjqrj2ff7p7z3384/f7izHuThfvDjjW3Qk6Yzlez6M+N0Wha4M5r3hfkPG5uP/QJQlBroH+G0Zk7hNRq7zVd2Jt23YESvF+f/ghvyROxINAAAAcCskxafvSUQMxb3F0kw+l32mt3rozkYHAAAA7ITiP+0OdpLiVP/eSDrn/5VNSn4QMXzbwwMAAAB2QFLMsUsiYjTuK5d606U2+xAAAAAA+AdU/P3/UCcZjXijyHD+DwAAAJ8yX+x3jf2PdhXX2B2N1sJw8oPfRrM5lFxeOH1/crHaKVe9eFdZr5v8/5UW2zMHkr3dRopkcvDSniQiBmvZwaR39cu/dOcSfFI8H1i9AGG/a/0n2wQQWwdQfBdficNlmcPPlumzvTXlVkZn8rlsrNaYe3Q86X440n7l+fOvRdH9L9Xn9yZx7vzy0tgzLywXLVy83Hm+fLF7efikVyu6107YIpaV3myKezfv8VAxEaO73dFyu5W1/e9eTXZg6/4na7f5ZhwpyxwZLdPR9f0f6WxzfOzR8ahW9w60s9PtV1bW9L4bxXgRRdHz4V5vk2t6FQa6URwtyxw9drRMNoliYl0Uz2+MYmI1isvXuC/2rd8X/aN4+/Abp//w40aSndwuipM3GQXAnXKuuOrP6ii0uxiF/lxeVf3b3ynXrR13d/dqXs+73LnV3zJ69deMdYOxYXRPb2R0fzOOlWWOlb9PDB7YZFypbPKO/uL5F3/SfUd/6N1vfuvJQz99/6px/TqieDeOl2W6Sfzrj/qMsZ0+f/WqUfWdTo13+m63NTeRvJrEUNK998ylB85fPPvc0nNLz09MnJysPFSpPDwRQ8WvCt1ks0g37FQA/tlsd4+d9z93pWi/u/AkD21zVp0M9v6lYCyeiRdiOZ6NE8Vsg4i4b/NWR9f8G8KJDWetyfqz9jV3eDmxzbnlatmJq8sOH02iT9mTa/bYf3yjSP54i14QALgNjmwzDidxT3nZn1fv7ta4UmKl+PD3riQ5sfa8+7MRcaDfmNsZy4+XN87tnR1Hv7Lj6+L8VTf979uxUwDgUy5rfpKMtt9Kms184anxqanxavtUljYbtSfSZj49m6V5vZ01a6eq9dksXWg22o1a74+W01krbS0uLDSa7XSm0UwXGq38dHHn97R76/dWNl+tt/Naa2Euq7aytNaot6u1djqdt2rpUETkrVNZs6jcWshq+Uxeq7bzRj1tNRabtWwsTVtZli4s/t9cWTCfzurtfCbPhtK8ni408/lq83JEzC3OZ+l01qo184V2o2yw3FYnzpm9zfmi2bHY8AeFX9+BXQ4Ad9zLr1+6cHZ5eemlG1v45bUUvtN9BADWM0oDAAAAAAAAAAAAAMDfv43T9Tq51zURcChuePrgy8PRWdh9o9U7C0+WHeldV/impjNuXBjc6Qa3Xviv93auFxvbGerl3L3dvM/d617TXd19u7NdHug7/fSvm9bqRH/d23r6sccuXLocEUVOMri6ezud2n/qwyx6vduinc1/Ujab6vrW3ohd3/16mfO/fQongzt82HzQ7WDvp7pf4YH1OSvJFj/4t+XtBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACuy98CAAD//0pDPbQ=")

7.975996985s ago: executing program 2 (id=271):
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
r3 = timerfd_create(0x0, 0x800)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_STATION(r5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x40002084)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x79d, 0x0, 0x0, 0x0, 0x100})

6.753893288s ago: executing program 2 (id=273):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040), 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac141400000000000000000002000100"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

6.31395761s ago: executing program 3 (id=274):
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0xa964c761d5ec79d1, 0x31, 0xffffffffffffffff, 0xcee90000)
syz_open_dev$loop(&(0x7f0000000140), 0x8, 0x8a242)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000580)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000380), r1, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x4e23, @empty}}}, 0x90)
memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\'5\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\x02\x00\x00\x00G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>sz\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\x05\x00\x9c\xabf\x1daCS2\x02\xb0\xef\xa8\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\xafON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\x19\xdd(5\xea0\x01,D\xf2\xa3\x85Q\x1f@\xdej\x88\xc8\x17\xc4<Y\xde\xf6v\x8f\x92\xd0XH\x12\x04\xf3\xd0-T\xcat\xf7\x85\xaa\x8fXT\xa1\xeb\xfd\xaf9\xca;\x85\x8b^\x8b\xa4\x89\xc7\x9c\x12\x91\xf9i\x02Q1D\xc2\xf5\x1c\x94\x1a\xcf\x80W\x84\x96,\x8fG\xacy?\xea$\xb2Ia\xce\x94\xf2Cm\x86\xb1qh8\xde\xe4\xe3\x80\xabM\xe9\x14|\xc1\xbb\xc14Lq\x1f\xf4\x88\xe7V\xe0\xa1Hb\xd94v&H\xd5j\x02~-\xed\r\xfc\xb4\r\x00\xe9\xe3\x92U\xe7\x8f\xcc\xe4HJ18R\xee\xc5\x85*\xcf\xcbh}&\xe2\xc5[\xbbY\xca\x17-\x04\x95\xa3\xc5(\x9c\xdaZ\x0f', 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x34, 0x24, 0x1, 0x80000000, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}]}, 0x34}}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
writev(r3, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe7e7}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x20004015)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xe0)

6.093765046s ago: executing program 1 (id=276):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mount(&(0x7f0000000240), &(0x7f0000000040)='.\x00', 0x0, 0x2400, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
lseek(r1, 0x4, 0x1)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$nfs4(0x0, &(0x7f00000019c0)='.\x00', &(0x7f0000001a00), 0x10080, &(0x7f0000001a80)=ANY=[@ANYBLOB='noa'])
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r4=>0x0})
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0x10}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bind$can_j1939(r3, &(0x7f00000000c0)={0x1d, r4}, 0x18)
setsockopt$SO_J1939_ERRQUEUE(r3, 0x6b, 0x4, &(0x7f00000001c0)=0x1, 0x4)
sendmmsg(r3, 0x0, 0x0, 0x44)
r5 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CAPI_MANUFACTURER_CMD(r5, 0xc0104320, &(0x7f0000001040)={0xa, 0x0})
ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000080)={0x9, 0x34324142, 0x1, @discrete={0xab, 0x5}})

5.081079843s ago: executing program 2 (id=277):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
r3 = timerfd_create(0x0, 0x800)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_STATION(r4, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x40002084)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x79d, 0x0, 0x0, 0x0, 0x100})

4.875819769s ago: executing program 1 (id=278):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7100, 0x1, 0x0)
execve(0x0, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c)
execve(0x0, &(0x7f0000001080)={[&(0x7f0000000180)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']}, 0x0)
r4 = semget(0x1, 0x2, 0x210)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
fstat(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file1\x00', 0x1000c1d, &(0x7f000000a580)=ANY=[@ANYRES32=r7, @ANYRESHEX, @ANYBLOB="9cf45332f216e72f1916be622afc444f62ea0b68c42a77b352fe0afddfb1cc8ff9c0f9e899ea9ae7c30f5a192b0b16000080dfa20a2768950b186e295805038569d0c9f57f41da86410da421701f524e99d5bea9716fa0990dd3611859be346c36edb30828401d5122a1bad83ae10d49e288b3950ae045ad2a04ddc191fcc6abf55e98491049b415163b7e3a99c0a4544190c2011be3a25a85ceab73485f64f25ad6d435b24f2f400d9bef712f399339d02bfd26bf20324b098b673189cd82a5cbf5c5a53fbda881d47d43e25919884a8cd525436c46d28d7c4173aabcc00da4ac21514eb67e0eb9849548fe217ab6bb03ac5d203f8427c8402b016b5b9e83d16cb759a42b6a7f7115433776b3eb8091edf8030f522ae488d96280e59d5b0ddc36f441dfff7700000000000000000000000000000000000000000000000000000000000000000000002c14da6155698f83a9e5d32830f3dc68cfff8cf5b7e936b51590ec6fc503b6ca46a5aa1b35163c0081ae2491391194d483d35de250e75d7d6ae7901b6c9663ddcbecd4bc17a043808b280000000000000000000000000000c8f455465cbebc162473fbee10d24b1e5aded77bc959e4d72cb67a00491fd4696da9de540e0d9ecefa00648305f1ea375309bb41460389068a12930587eef76c7e0359b64a2153d2c1e1a07b0125808f1805beb49929003354aab5fe9f966009e4f90fc66cc885c9406c532a40ec0b76a3757cf11d9e907a44cbc32dbb10", @ANYRES16, @ANYRESOCT, @ANYRES32=r6, @ANYRESDEC=0x0, @ANYRES32], 0xff, 0x1fd, &(0x7f000000a380)="$eJzsmb+LE0EUx78zu5c9DxFsLGwsPPBEb39F5ZorThArQThFLYO3d0T3LpKscDkQ7rCxsRQRbP0HLCxS29nZaqGCYGFKwUIYmR/ZnfzYGDFiwPeBTL7z5s178ybJK7IgCOK/5dPHbx8eX1y5dhbAYSzCM/YvTuHDLf/3z+6febJ66fnLdy9e7xx50BmMNw9ACFQmzc+Afaw5yErWF+XwtN92HRynjb4BBl/LH0KhJwkYbhmfO5ZuHDIiTfzbjXRjs54moRwiOcRyqNq5XADdA4aNvDYhmLXeajMVrNlq792tpYWYE708Q0u/K8bdnzrfGseqmcvzyc/r5qOHB3Ju7gYhuL5LABE4IqOrYFg3egUefN8vrsSq/7hbxHf66v+z2qYu2Hf9NZCWo8tTT+HgXxc4q0J4M3GMCQQbtMifcG451u28Gd71+S+ex5tOHIaSjqMaF4Dcctn4vF1I0ysTp8C+DlNYel1+5K6iPzEXOGX1Jxdu3j+CbPte0GrvLde3a1vJVrITx9UL4bkwPB8Hm3UPYaDa0Zj+N6/604IVf67Et8Iq2K1lWTPaBbJmlM9jPVodd/1V46vaw1X/41g6qWPIS1Zle6NzMPPi6l2qJaf08ARBEARBEARBEARBEARBEL/E/jPyBBj0IxD1oEqUEF9V3j8DAAD//2JCZGU=")
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000140)={{0x1, 0x0, 0x0, 0x0, r7, 0x8a, 0x3}, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

4.772219212s ago: executing program 0 (id=279):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x8})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x508, &(0x7f0000000600)="$eJzs3e9rVWUcAPDvufvlz6ZkVBa4qNAMN3UrNBLSehNEUGoihTnc/JHzR26BCpZSlvgiXwlBBJYRoRAjoRdS4X/Qi14ZEkLRC20I/aCwYHHu7p1Xd7epmzvk+Xzg6HOes/F87/lyznOf57lnN4DcaoqI/RFRHxHrI6KxVJ+UtnhqYEt/rre1d3O6JdHfv/JSUjx+vLV3c1T8Tmpq+k8hYlJErPg5ifkHh7bbvWfv1vaurs5dpf2Wnm07W7r37F2wZVv7ps5Nndtbl7a1ti1ZuLR1ybi91nOPXG5Y/dKKDQfbLr6VvPzw52m800rHKl/HeGmKpsFzcpUk4pnxbiwjNRFRW3EeU0nt8D9/V+eRbyYiLka37Os3vyhU5HB9NEZNDCTv38ZXfmuMo+1ZxwgAjL/+/v7+a/cBgNtdos8HgJwpj/uPt/ZuLm8TNfew9tREtcRw+pZHcaH2eGltt3cw/7WllaBJURcRU35PonJZL7lmze9mrDkf0RSXN/164rF30i1u0Tosw9t/ICLuqXb9J8X8ziiu4g/Nf01EzBpj2z/9neZ/w/zKOvmfWGPJ/91jbPuzfWn+1/1VWSf/+TH7hawjIEvfHco6ArL0fV/WEZClF1dmHQFZev7xrCMgSx9eyjoCziyPiCXVxn+FuL/4f/XxX0NETB9j2+9fTMd/na9X1g0d/xUujLEZRtC3POLJimc7eivyXzKjprQ3vTgfUJds3NLVuTAi7oiIeVHXkO4vGqGNI8lXz1arP702zf8/a8rzf+mWtl+eCyzFcaG24erf62jv8bn0cdJ3IGJ2bbX8J4Pzv8kw87+zr7ONX75ddbha/dSzaf7bPhg5/9xK/R9HzK16/V95cikZ+fmsluL9oKV8Vxjqy8uHV1erX/Z2mv/TC+Q/O+n1P2Xk/Bfv/4PP63XfeBtzVl6o+lZh8Xtp/tecuJn7f32yqhhgfalud3tPz65FEfXJc0PrF994zLer8vkon680//MerN7/D6zvVL//10XEfdfZ5sl17+6sVn/qk+L8/3nXf3bS/HeMcv0nV13/N15o+/PYQ9Xa3tee5v+1k6Nf/23FYOaVarz/G931JijrOAEAAAAAAAAYH4Xic9xJoXmwXCg0Nw/8De9ZMaXQtaO759GNO97Y3hGl50HrCuVPejVWfB50UbF8ZX/xNfutETEzIg41TC7uN2/Y0dWR9YsHgJyZFvHjDwufPjZ1mP4/da4h6ygBgPGU9v/nH7jz07T8h34eAHIh7f9f3f3R0dD/A0Bu6P8BIH/0/wCQP/p/AMgf/T8A5E+5/58558zZJCL2PzG5uEXFd2fUZRohcKsVsg4AyExN1gEAmanNOgAgM8b4QDLK8UnDHaj6za7A/8Hce8+cDfP/kEvm/yG/zP9Dfpn/h/wyxgfM/0P+dO/Zu7W9q6tzl4KCgsJgIes7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACP5LwAA//8/ji0R")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000380)={{0x6, @null, 0xa}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030017000b63d25a80648c2594f93324fc60100c034002000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_procfs(r0, &(0x7f0000000280)='net/raw\x00')
lseek(r4, 0x7ff, 0x0)

3.400021559s ago: executing program 0 (id=280):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r4 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write$FUSE_NOTIFY_STORE(r4, &(0x7f0000000180)=ANY=[], 0xe)
sendfile(r4, r4, &(0x7f0000001000), 0xffff)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_USERDATA={0x4}]}], {0x14}}, 0x5c}}, 0x0)

3.281139462s ago: executing program 1 (id=281):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
prlimit64(r0, 0xf, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x7, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00, 0x50000000}, [@exit, @map_fd, @jmp]}, &(0x7f0000000300)='syzkaller\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x41100, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
creat(&(0x7f0000000280)='./file1\x00', 0x143)
r4 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/igmp6\x00')
pread64(r4, &(0x7f0000019400)=""/102344, 0xfffffcbb, 0x1c2a)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

3.280901912s ago: executing program 2 (id=282):
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
r3 = timerfd_create(0x0, 0x800)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_STATION(r5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x40002084)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x79d, 0x0, 0x0, 0x0, 0x100})

3.277028462s ago: executing program 3 (id=283):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000df2bfd404b0c0001cad7010203010902240001000000000904450002c9cee400090508"], 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)}], 0x1, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x4, &(0x7f0000000080)=ANY=[])
r1 = fsopen(&(0x7f0000000100)='vfat\x00', 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x7ff, 0x1000}, {0x2, 0x9}, {0x0, 0x4, 0x1000}, {0x4, 0x4, 0x1800}, {0x7, 0x201, 0x800}], 0x5, &(0x7f0000000080)={0x0, 0x989680})
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='utf8', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0xfffffffffffffd7d, 0x20040011)
rseq(&(0x7f0000001080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000840)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f000000540b4550182195f5"], 0x0}, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
read(r4, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xe}, 0x1c)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)

1.838393701s ago: executing program 0 (id=284):
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r5, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r6)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r7, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)

1.754679403s ago: executing program 2 (id=285):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040), 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac141400000000000000000002000100"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

1.740710013s ago: executing program 1 (id=286):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000022c0)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {}, {0x8, 0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf7513c36066f8950}, 0x20000010)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000600), 0x56)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x3, {0x0, 0x0, 0x0, r13, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x0, 0x3, {0x5, 0x2, 0x6}}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000880)
sendmsg$kcm(r2, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r10, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f00000004c0)="f058050000007f8f", 0x300}], 0x2}, 0x5)

1.601310607s ago: executing program 0 (id=287):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
socket(0x2, 0x3, 0xff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0x800280c, &(0x7f0000000380)={0x0, 0xc8a2, 0xc000, 0x2, 0xb5})
openat$kvm(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)

1.275957146s ago: executing program 0 (id=288):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x8})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x508, &(0x7f0000000600)="$eJzs3e9rVWUcAPDvufvlz6ZkVBa4qNAMN3UrNBLSehNEUGoihTnc/JHzR26BCpZSlvgiXwlBBJYRoRAjoRdS4X/Qi14ZEkLRC20I/aCwYHHu7p1Xd7epmzvk+Xzg6HOes/F87/lyznOf57lnN4DcaoqI/RFRHxHrI6KxVJ+UtnhqYEt/rre1d3O6JdHfv/JSUjx+vLV3c1T8Tmpq+k8hYlJErPg5ifkHh7bbvWfv1vaurs5dpf2Wnm07W7r37F2wZVv7ps5Nndtbl7a1ti1ZuLR1ybi91nOPXG5Y/dKKDQfbLr6VvPzw52m800rHKl/HeGmKpsFzcpUk4pnxbiwjNRFRW3EeU0nt8D9/V+eRbyYiLka37Os3vyhU5HB9NEZNDCTv38ZXfmuMo+1ZxwgAjL/+/v7+a/cBgNtdos8HgJwpj/uPt/ZuLm8TNfew9tREtcRw+pZHcaH2eGltt3cw/7WllaBJURcRU35PonJZL7lmze9mrDkf0RSXN/164rF30i1u0Tosw9t/ICLuqXb9J8X8ziiu4g/Nf01EzBpj2z/9neZ/w/zKOvmfWGPJ/91jbPuzfWn+1/1VWSf/+TH7hawjIEvfHco6ArL0fV/WEZClF1dmHQFZev7xrCMgSx9eyjoCziyPiCXVxn+FuL/4f/XxX0NETB9j2+9fTMd/na9X1g0d/xUujLEZRtC3POLJimc7eivyXzKjprQ3vTgfUJds3NLVuTAi7oiIeVHXkO4vGqGNI8lXz1arP702zf8/a8rzf+mWtl+eCyzFcaG24erf62jv8bn0cdJ3IGJ2bbX8J4Pzv8kw87+zr7ONX75ddbha/dSzaf7bPhg5/9xK/R9HzK16/V95cikZ+fmsluL9oKV8Vxjqy8uHV1erX/Z2mv/TC+Q/O+n1P2Xk/Bfv/4PP63XfeBtzVl6o+lZh8Xtp/tecuJn7f32yqhhgfalud3tPz65FEfXJc0PrF994zLer8vkon680//MerN7/D6zvVL//10XEfdfZ5sl17+6sVn/qk+L8/3nXf3bS/HeMcv0nV13/N15o+/PYQ9Xa3tee5v+1k6Nf/23FYOaVarz/G931JijrOAEAAAAAAAAYH4Xic9xJoXmwXCg0Nw/8De9ZMaXQtaO759GNO97Y3hGl50HrCuVPejVWfB50UbF8ZX/xNfutETEzIg41TC7uN2/Y0dWR9YsHgJyZFvHjDwufPjZ1mP4/da4h6ygBgPGU9v/nH7jz07T8h34eAHIh7f9f3f3R0dD/A0Bu6P8BIH/0/wCQP/p/AMgf/T8A5E+5/58558zZJCL2PzG5uEXFd2fUZRohcKsVsg4AyExN1gEAmanNOgAgM8b4QDLK8UnDHaj6za7A/8Hce8+cDfP/kEvm/yG/zP9Dfpn/h/wyxgfM/0P+dO/Zu7W9q6tzl4KCgsJgIes7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACP5LwAA//8/ji0R")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000380)={{0x6, @null, 0xa}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
socket$kcm(0x10, 0x3, 0x10)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_procfs(r0, &(0x7f0000000280)='net/raw\x00')
lseek(r4, 0x7ff, 0x0)

1.207581458s ago: executing program 1 (id=289):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x8})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x508, &(0x7f0000000600)="$eJzs3e9rVWUcAPDvufvlz6ZkVBa4qNAMN3UrNBLSehNEUGoihTnc/JHzR26BCpZSlvgiXwlBBJYRoRAjoRdS4X/Qi14ZEkLRC20I/aCwYHHu7p1Xd7epmzvk+Xzg6HOes/F87/lyznOf57lnN4DcaoqI/RFRHxHrI6KxVJ+UtnhqYEt/rre1d3O6JdHfv/JSUjx+vLV3c1T8Tmpq+k8hYlJErPg5ifkHh7bbvWfv1vaurs5dpf2Wnm07W7r37F2wZVv7ps5Nndtbl7a1ti1ZuLR1ybi91nOPXG5Y/dKKDQfbLr6VvPzw52m800rHKl/HeGmKpsFzcpUk4pnxbiwjNRFRW3EeU0nt8D9/V+eRbyYiLka37Os3vyhU5HB9NEZNDCTv38ZXfmuMo+1ZxwgAjL/+/v7+a/cBgNtdos8HgJwpj/uPt/ZuLm8TNfew9tREtcRw+pZHcaH2eGltt3cw/7WllaBJURcRU35PonJZL7lmze9mrDkf0RSXN/164rF30i1u0Tosw9t/ICLuqXb9J8X8ziiu4g/Nf01EzBpj2z/9neZ/w/zKOvmfWGPJ/91jbPuzfWn+1/1VWSf/+TH7hawjIEvfHco6ArL0fV/WEZClF1dmHQFZev7xrCMgSx9eyjoCziyPiCXVxn+FuL/4f/XxX0NETB9j2+9fTMd/na9X1g0d/xUujLEZRtC3POLJimc7eivyXzKjprQ3vTgfUJds3NLVuTAi7oiIeVHXkO4vGqGNI8lXz1arP702zf8/a8rzf+mWtl+eCyzFcaG24erf62jv8bn0cdJ3IGJ2bbX8J4Pzv8kw87+zr7ONX75ddbha/dSzaf7bPhg5/9xK/R9HzK16/V95cikZ+fmsluL9oKV8Vxjqy8uHV1erX/Z2mv/TC+Q/O+n1P2Xk/Bfv/4PP63XfeBtzVl6o+lZh8Xtp/tecuJn7f32yqhhgfalud3tPz65FEfXJc0PrF994zLer8vkon680//MerN7/D6zvVL//10XEfdfZ5sl17+6sVn/qk+L8/3nXf3bS/HeMcv0nV13/N15o+/PYQ9Xa3tee5v+1k6Nf/23FYOaVarz/G931JijrOAEAAAAAAAAYH4Xic9xJoXmwXCg0Nw/8De9ZMaXQtaO759GNO97Y3hGl50HrCuVPejVWfB50UbF8ZX/xNfutETEzIg41TC7uN2/Y0dWR9YsHgJyZFvHjDwufPjZ1mP4/da4h6ygBgPGU9v/nH7jz07T8h34eAHIh7f9f3f3R0dD/A0Bu6P8BIH/0/wCQP/p/AMgf/T8A5E+5/58558zZJCL2PzG5uEXFd2fUZRohcKsVsg4AyExN1gEAmanNOgAgM8b4QDLK8UnDHaj6za7A/8Hce8+cDfP/kEvm/yG/zP9Dfpn/h/wyxgfM/0P+dO/Zu7W9q6tzl4KCgsJgIes7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACP5LwAA//8/ji0R")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000380)={{0x6, @null, 0xa}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030017000b63d25a80648c2594f93324fc60100c034002000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_procfs(r0, &(0x7f0000000280)='net/raw\x00')
lseek(r4, 0x7ff, 0x0)

2.08379ms ago: executing program 0 (id=290):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
socket$inet_sctp(0x2, 0x1, 0x84)
mkdir(0x0, 0x18b)
mount$bpf(0x200000000000, 0x0, 0x0, 0x989046, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000080)={0x0, 0x37, "7afb0a2fbc27b64492bd6b3d06a57a90f2f242885d298a778bca4f3beb66a934ce4b4a6774ac4c2a4a6a1206e907a06aa6ef80e8e834cf"}, 0x0)
r2 = msgget$private(0x0, 0x1c0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001100)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
sched_setscheduler(r3, 0x2, &(0x7f0000003140))
msgsnd(r2, &(0x7f00000010c0)=ANY=[], 0x2a, 0x0)
msgsnd(r2, &(0x7f0000000100)=ANY=[@ANYRESOCT=r2], 0x2000, 0x0)
msgsnd(0x0, &(0x7f0000000140)=ANY=[], 0xdf9, 0x0)
r4 = msgget$private(0x0, 0x8)
msgctl$MSG_STAT(r4, 0xb, &(0x7f0000000000)=""/138)
msgctl$IPC_INFO(r4, 0x3, &(0x7f0000000180)=""/53)
msgctl$IPC_RMID(0x0, 0x0)

726.69µs ago: executing program 1 (id=291):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
r3 = timerfd_create(0x0, 0x800)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_STATION(r4, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x40002084)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x79d, 0x0, 0x0, 0x0, 0x100})

0s ago: executing program 2 (id=292):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r4 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write$FUSE_NOTIFY_STORE(r4, &(0x7f0000000180)=ANY=[], 0xe)
sendfile(r4, r4, &(0x7f0000001000), 0xffff)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_USERDATA={0x4}]}], {0x14}}, 0x5c}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.243' (ED25519) to the list of known hosts.
[   83.039861][ T5758] cgroup: Unknown subsys name 'net'
[   83.177557][ T5758] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   84.887854][ T5758] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.585251][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   86.595050][ T5783] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   86.603454][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   86.611505][ T5783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   86.618997][ T5783] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   86.628260][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   86.636215][ T5783] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   86.643688][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   86.651202][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.653363][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   86.667277][ T5783] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   86.676471][ T5783] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.683755][ T5784] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   86.708933][ T5784] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.717371][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   86.733872][ T5786] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   86.748360][ T5786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   86.753511][ T5788] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.763086][ T5788] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   86.774494][ T5788] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   86.781794][ T5786] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   86.789553][ T5786] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.797509][ T5786] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   86.807887][ T5083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   87.299965][ T5770] chnl_net:caif_netlink_parms(): no params data found
[   87.504637][ T5771] chnl_net:caif_netlink_parms(): no params data found
[   87.594745][ T5773] chnl_net:caif_netlink_parms(): no params data found
[   87.646712][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.656945][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.664575][ T5770] bridge_slave_0: entered allmulticast mode
[   87.672624][ T5770] bridge_slave_0: entered promiscuous mode
[   87.692559][ T5772] chnl_net:caif_netlink_parms(): no params data found
[   87.720957][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.728252][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.738768][ T5770] bridge_slave_1: entered allmulticast mode
[   87.746092][ T5770] bridge_slave_1: entered promiscuous mode
[   87.824929][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.870556][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.948022][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.956475][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.963826][ T5771] bridge_slave_0: entered allmulticast mode
[   87.971086][ T5771] bridge_slave_0: entered promiscuous mode
[   87.979893][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.987071][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.995247][ T5773] bridge_slave_0: entered allmulticast mode
[   88.002432][ T5773] bridge_slave_0: entered promiscuous mode
[   88.011209][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.018556][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.025815][ T5773] bridge_slave_1: entered allmulticast mode
[   88.033684][ T5773] bridge_slave_1: entered promiscuous mode
[   88.070839][ T5770] team0: Port device team_slave_0 added
[   88.077514][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.084899][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.092301][ T5771] bridge_slave_1: entered allmulticast mode
[   88.100111][ T5771] bridge_slave_1: entered promiscuous mode
[   88.117233][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.124753][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.134849][ T5772] bridge_slave_0: entered allmulticast mode
[   88.142687][ T5772] bridge_slave_0: entered promiscuous mode
[   88.151658][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.158899][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.166112][ T5772] bridge_slave_1: entered allmulticast mode
[   88.173714][ T5772] bridge_slave_1: entered promiscuous mode
[   88.182747][ T5770] team0: Port device team_slave_1 added
[   88.250152][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.257206][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.283551][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.309975][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.322326][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.353486][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.360718][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.386973][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.420425][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.432043][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.447068][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.481172][ T5773] team0: Port device team_slave_0 added
[   88.490483][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.520037][ T5773] team0: Port device team_slave_1 added
[   88.545433][ T5770] hsr_slave_0: entered promiscuous mode
[   88.552831][ T5770] hsr_slave_1: entered promiscuous mode
[   88.586678][ T5772] team0: Port device team_slave_0 added
[   88.633856][ T5772] team0: Port device team_slave_1 added
[   88.646404][ T5771] team0: Port device team_slave_0 added
[   88.665087][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.672268][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.698773][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.734829][ T5771] team0: Port device team_slave_1 added
[   88.758852][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.765855][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.792074][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.824199][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.832233][ T5786] Bluetooth: hci2: command tx timeout
[   88.834000][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.840668][ T5786] Bluetooth: hci0: command tx timeout
[   88.864447][ T5776] Bluetooth: hci1: command tx timeout
[   88.876589][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.908581][ T5083] Bluetooth: hci3: command tx timeout
[   88.924648][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.933093][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.963664][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.975645][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.982921][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.009582][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.022550][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.029639][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.055615][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.174679][ T5773] hsr_slave_0: entered promiscuous mode
[   89.181474][ T5773] hsr_slave_1: entered promiscuous mode
[   89.188119][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   89.196643][ T5773] Cannot create hsr debugfs directory
[   89.236898][ T5771] hsr_slave_0: entered promiscuous mode
[   89.243552][ T5771] hsr_slave_1: entered promiscuous mode
[   89.250042][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   89.257628][ T5771] Cannot create hsr debugfs directory
[   89.270809][ T5772] hsr_slave_0: entered promiscuous mode
[   89.277364][ T5772] hsr_slave_1: entered promiscuous mode
[   89.284026][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   89.291669][ T5772] Cannot create hsr debugfs directory
[   89.682185][ T5770] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.703392][ T5770] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   89.715580][ T5770] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.739369][ T5770] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.830680][ T5773] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   89.844570][ T5773] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   89.858124][ T5773] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   89.872916][ T5773] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   89.975023][ T5771] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.986594][ T5771] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   90.019677][ T5771] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   90.031099][ T5771] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.112289][ T5772] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   90.126128][ T5772] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   90.151910][ T5772] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   90.163980][ T5772] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   90.203714][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.243114][ T5770] 8021q: adding VLAN 0 to HW filter on device team0
[   90.275941][ T2928] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.283504][ T2928] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.303018][ T2928] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.310252][ T2928] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.384935][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.447197][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.473942][ T5773] 8021q: adding VLAN 0 to HW filter on device team0
[   90.513150][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.520389][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.538046][ T2928] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.545281][ T2928] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.594547][ T5771] 8021q: adding VLAN 0 to HW filter on device team0
[   90.629680][ T2928] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.636898][ T2928] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.667545][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.702340][ T2928] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.709579][ T2928] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.756706][ T5772] 8021q: adding VLAN 0 to HW filter on device team0
[   90.808142][ T5773] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   90.842396][ T2928] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.849669][ T2928] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.879141][ T3505] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.886351][ T3505] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.919850][ T5776] Bluetooth: hci1: command tx timeout
[   90.925354][ T5776] Bluetooth: hci0: command tx timeout
[   90.930773][ T5083] Bluetooth: hci2: command tx timeout
[   90.988558][ T5776] Bluetooth: hci3: command tx timeout
[   91.092119][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.252975][ T5770] veth0_vlan: entered promiscuous mode
[   91.275626][ T5770] veth1_vlan: entered promiscuous mode
[   91.346452][ T5770] veth0_macvtap: entered promiscuous mode
[   91.424042][ T5770] veth1_macvtap: entered promiscuous mode
[   91.472854][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.496838][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.514241][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.536462][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.555132][ T5770] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.564803][ T5770] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.574988][ T5770] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.584889][ T5770] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.622832][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.733661][ T5773] veth0_vlan: entered promiscuous mode
[   91.782751][ T5771] veth0_vlan: entered promiscuous mode
[   91.815160][ T5773] veth1_vlan: entered promiscuous mode
[   91.845297][ T5772] veth0_vlan: entered promiscuous mode
[   91.856642][ T5771] veth1_vlan: entered promiscuous mode
[   91.881882][ T5772] veth1_vlan: entered promiscuous mode
[   91.895149][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.908618][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.001909][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.033821][ T5772] veth0_macvtap: entered promiscuous mode
[   92.040274][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.063236][ T5771] veth0_macvtap: entered promiscuous mode
[   92.082677][ T5772] veth1_macvtap: entered promiscuous mode
[   92.092153][ T5773] veth0_macvtap: entered promiscuous mode
[   92.123086][  T789] cfg80211: failed to load regulatory.db
[   92.137439][ T5773] veth1_macvtap: entered promiscuous mode
[   92.151954][ T5771] veth1_macvtap: entered promiscuous mode
[   92.172410][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.190784][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.206900][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.246937][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.264533][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.277494][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.316459][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.337679][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.349266][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.359922][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.372569][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.394655][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.405439][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.416022][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.427432][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.438723][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.451150][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.463866][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.480762][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.492850][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.503097][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.520979][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.532848][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.544441][ T5772] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.554068][ T5772] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.563584][ T5772] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.574742][ T5772] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.601102][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.616225][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.632486][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.644909][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.660082][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.676398][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.690700][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.702380][ T5771] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.714358][ T5771] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.725639][ T5771] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.751640][ T5771] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.774378][ T5773] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.786337][ T5773] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.797765][ T5773] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.815534][ T5773] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.033927][ T5786] Bluetooth: hci1: command tx timeout
[   93.039570][ T5776] Bluetooth: hci2: command tx timeout
[   93.045153][ T5776] Bluetooth: hci0: command tx timeout
[   93.069775][ T5776] Bluetooth: hci3: command tx timeout
[   93.378891][ T5777] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   93.581813][ T5777] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   93.626174][ T5777] usb 3-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[   93.667926][ T5777] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.764538][ T2928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.787279][ T5777] usb 3-1: config 0 descriptor??
[   93.804489][ T2928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.872741][ T5777] usb 3-1: bad CDC descriptors
[   93.893682][ T5777] usb 3-1: bad CDC descriptors
[   93.993552][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.127534][ T5777] usb 3-1: USB disconnect, device number 2
[   94.136547][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.291036][ T3505] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.317133][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.341789][ T3505] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.356351][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.522529][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.585472][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.690181][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.748325][    C0] sched: RT throttling activated
[   94.774664][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.077897][ T5776] Bluetooth: hci0: command tx timeout
[   95.077986][ T5786] Bluetooth: hci1: command tx timeout
[   95.083509][ T5083] Bluetooth: hci2: command tx timeout
[   95.149036][ T5776] Bluetooth: hci3: command tx timeout
[  100.043828][ T5881] syz.3.10[5881]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  100.073606][ T5881] loop3: detected capacity change from 0 to 16
[  100.496547][ T5881] erofs: (device loop3): mounted with root inode @ nid 36.
[  104.087658][ T5895] sctp: failed to load transform for md5: -2
[  106.367059][ T5916] netlink: 'syz.1.16': attribute type 1 has an invalid length.
[  108.106219][ T5927] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  108.394769][ T5916] netlink: 20 bytes leftover after parsing attributes in process `syz.1.16'.
[  108.716580][ T5936] loop0: detected capacity change from 0 to 32768
[  108.812253][ T5929] netlink: 28 bytes leftover after parsing attributes in process `syz.1.16'.
[  108.847737][ T5936] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  108.931289][ T5939] loop2: detected capacity change from 0 to 32768
[  108.944932][ T5939] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.20 (5939)
[  108.974388][ T5939] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  108.985017][ T5939] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  108.994415][ T5939] BTRFS info (device loop2): force zlib compression, level 3
[  109.002258][ T5939] BTRFS info (device loop2): force clearing of disk cache
[  109.009505][ T5939] BTRFS info (device loop2): setting nodatasum
[  109.015720][ T5939] BTRFS info (device loop2): use zlib compression, level 3
[  109.023482][ T5939] BTRFS info (device loop2): enabling disk space caching
[  109.030660][ T5939] BTRFS info (device loop2): disk space caching is enabled
[  109.094304][ T5936] XFS (loop0): Ending clean mount
[  109.116636][ T5936] XFS (loop0): Quotacheck needed: Please wait.
[  109.194154][ T5939] BTRFS info (device loop2): enabling ssd optimizations
[  109.201331][ T5939] BTRFS info (device loop2): auto enabling async discard
[  109.227441][ T5939] BTRFS info (device loop2): rebuilding free space tree
[  109.290345][ T5939] BTRFS info (device loop2): disabling free space tree
[  109.297409][ T5939] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  109.309279][ T5939] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  109.356156][ T5936] XFS (loop0): Quotacheck: Done.
[  109.655519][ T5968] process 'syz.1.21' launched './file1' with NULL argv: empty string added
[  110.208061][   T27] audit: type=1800 audit(1777617385.156:2): pid=5972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.19" name="file1" dev="loop0" ino=4422 res=0 errno=0
[  111.701433][ T5771] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  111.956248][ T5983] loop1: detected capacity change from 0 to 512
[  112.025468][ T5983] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  112.038898][ T5983] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  112.163982][ T5983] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  112.174283][ T5983] System zones: 1-12
[  112.222266][ T5983] EXT4-fs (loop1): 1 truncate cleaned up
[  112.237051][ T5983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.785264][ T5770] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  112.874542][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.115833][ T5785] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop2 scanned by udevd (5785)
[  113.447665][ T5987] loop1: detected capacity change from 0 to 32768
[  115.496956][ T5987] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  115.882834][ T5987] XFS (loop1): Ending clean mount
[  115.895720][ T6006] loop0: detected capacity change from 0 to 128
[  115.919295][ T5987] XFS (loop1): Quotacheck needed: Please wait.
[  116.046832][ T5987] XFS (loop1): Quotacheck: Done.
[  117.365473][   T27] audit: type=1800 audit(1777617391.546:3): pid=6012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.26" name="file1" dev="loop1" ino=4422 res=0 errno=0
[  117.412425][ T5774] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  118.515770][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.987707][ T6053] NILFS (nullb0): couldn't find nilfs on the device
[  123.869702][ T6075] warning: `syz.3.36' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  123.943840][ T6068] loop0: detected capacity change from 0 to 4096
[  126.312093][ T5760] libceph: connect (1)[c::]:6789 error -101
[  126.337771][ T5760] libceph: mon0 (1)[c::]:6789 connect error
[  126.569949][ T6092] ceph: No mds server is up or the cluster is laggy
[  131.325031][ T6131] loop1: detected capacity change from 0 to 32768
[  131.332597][ T6131] =======================================================
[  131.332597][ T6131] WARNING: The mand mount option has been deprecated and
[  131.332597][ T6131]          and is ignored by this kernel. Remove the mand
[  131.332597][ T6131]          option from the mount to silence this warning.
[  131.332597][ T6131] =======================================================
[  131.557860][ T6131] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  131.936992][ T6131] XFS (loop1): Ending clean mount
[  131.952481][ T6131] XFS (loop1): Quotacheck needed: Please wait.
[  132.231476][ T6131] XFS (loop1): Quotacheck: Done.
[  133.513464][ T6150] bond0: (slave bond_slave_1): Releasing backup interface
[  133.598298][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  133.699608][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  133.706359][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  137.046435][ T6166] No such timeout policy "syz1"
[  140.244735][ T6182] tipc: Failed to remove unknown binding: 66,0,0/0:1649591139/1649591140
[  140.256790][ T6182] tipc: Failed to remove unknown binding: 66,0,0/0:1649591139/1649591140
[  141.028677][ T6172] loop3: detected capacity change from 0 to 4096
[  143.296016][ T6190] loop1: detected capacity change from 0 to 131072
[  143.397015][ T6190] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  143.405621][ T6190] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  143.442109][ T6192] loop2: detected capacity change from 0 to 512
[  143.559862][ T6192] EXT4-fs warning (device loop2): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  143.581214][ T6192] EXT4-fs (loop2): mount failed
[  143.921614][ T6199] IPv6: NLM_F_REPLACE set, but no existing node found!
[  144.511769][ T6190] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  144.543033][  T789] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  144.550793][  T789] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  145.141047][ T6207] loop3: detected capacity change from 0 to 32768
[  145.167064][ T6210] NILFS (nullb0): couldn't find nilfs on the device
[  145.520734][ T6207] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  145.697261][  T789] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1072ms
[  145.746081][  T789] gfs2: fsid=syz:syz.0: jid=0: Done
[  145.756041][ T5886] gfs2: fsid=syz:syz.0: jid=1: Trying to acquire journal glock...
[  145.892440][ T5886] gfs2: fsid=syz:syz.0: jid=1: Looking at journal...
[  145.992007][ T6207] XFS (loop3): Ending clean mount
[  146.004419][ T6207] XFS (loop3): Quotacheck needed: Please wait.
[  146.066576][ T5886] gfs2: fsid=syz:syz.0: journal 1 mapped with 1 extents in 0ms
[  146.255186][ T6207] XFS (loop3): Quotacheck: Done.
[  147.175744][ T6228] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  147.827507][ T5773] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  147.979493][ T5886] gfs2: fsid=syz:syz.0: jid=1: Journal head lookup took 1953ms
[  148.007188][ T5886] gfs2: fsid=syz:syz.0: jid=1: Done
[  148.074927][ T6190] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  149.098142][ T6190] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[  150.525742][ T6247] syz.3.76 uses obsolete (PF_INET,SOCK_PACKET)
[  154.374141][ T6259] loop3: detected capacity change from 0 to 1024
[  155.768362][ T5777] IPVS: starting estimator thread 0...
[  155.904804][ T6269] IPVS: using max 17 ests per chain, 40800 per kthread
[  155.948962][ T3505] hfsplus: b-tree write err: -5, ino 25
[  155.968311][ T3505] hfsplus: b-tree write err: -5, ino 4
[  155.974189][ T3505] hfsplus: b-tree write err: -5, ino 2
[  160.178393][ T5777] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  160.423045][ T5777] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  160.456955][ T5777] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.465078][ T5777] usb 2-1: Product: syz
[  160.489871][ T5777] usb 2-1: Manufacturer: syz
[  160.505494][ T5777] usb 2-1: SerialNumber: syz
[  160.591137][ T6315] loop3: detected capacity change from 0 to 2048
[  160.701726][ T6315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.741414][ T5777] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  160.763137][ T5777] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  160.788544][ T5777] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[  160.822177][ T5777] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  160.835987][ T5777] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  160.993324][  T788] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  161.019097][ T5777] lan78xx: probe of 2-1:1.0 failed with error -71
[  161.487990][ T5777] usb 2-1: USB disconnect, device number 2
[  161.745041][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.954841][  T788] usb 3-1: Using ep0 maxpacket: 16
[  161.980420][  T788] usb 3-1: config 1 interface 0 altsetting 12 bulk endpoint 0x82 has invalid maxpacket 8
[  162.000181][  T788] usb 3-1: config 1 interface 0 altsetting 12 bulk endpoint 0x3 has invalid maxpacket 16
[  162.010260][  T788] usb 3-1: config 1 interface 0 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  162.173020][  T788] usb 3-1: config 1 interface 0 has no altsetting 0
[  162.957273][  T788] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  162.984986][  T788] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.016984][  T788] usb 3-1: Product: syz
[  163.031588][  T788] usb 3-1: Manufacturer: ⓯㝄瓤ꕕ햙㓻쏀ₖᒥ鰧뗐묁䵏귯―䗟⡈膳參惓챲뛢ﴖΕ៷뙐媯鮯鱒ᒴ呀᧒峽㜻뵈ꅹ塬菚産杫⽳떼㩼헪㺰፟〧뒋ꝅ妷킴ᯁấ南ꚭᝩꜮ။鯝שּ먐ᯂᔘ犒另쟫䂅룯饬㗲炙굡懮结Ｃ헯常쪃Ⱙ脈
[  163.103063][ T6348] loop3: detected capacity change from 0 to 512
[  163.110787][  T788] usb 3-1: SerialNumber: syz
[  163.124553][ T6348] EXT4-fs warning (device loop3): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  163.179551][ T6348] EXT4-fs (loop3): mount failed
[  164.345107][  T788] usb 3-1: can't set config #1, error -71
[  164.370586][  T788] usb 3-1: USB disconnect, device number 3
[  167.501041][ T6376] loop2: detected capacity change from 0 to 40427
[  167.693794][ T6376] F2FS-fs (loop2): build fault injection attr: rate: 174, type: 0x7ffff
[  168.233562][ T6380] loop1: detected capacity change from 0 to 512
[  168.292841][ T6380] EXT4-fs warning (device loop1): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  168.310177][ T6380] EXT4-fs (loop1): mount failed
[  170.107683][ T6386] netlink: 28 bytes leftover after parsing attributes in process `syz.0.104'.
[  170.201085][ T6389] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  175.830768][ T6415] loop2: detected capacity change from 0 to 512
[  176.040966][ T6415] EXT4-fs warning (device loop2): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  176.065158][ T6415] EXT4-fs (loop2): mount failed
[  177.461430][ T6434] loop3: detected capacity change from 0 to 128
[  185.953475][ T6475] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  185.960431][ T6475] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  186.000996][ T6475] vhci_hcd vhci_hcd.0: Device attached
[  186.188255][  T788] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  186.285855][ T5819] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  186.562175][  T788] usb 3-1: Using ep0 maxpacket: 8
[  186.596658][  T788] usb 3-1: config 0 has no interfaces?
[  186.602619][  T788] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  186.613258][  T788] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.406433][  T788] usb 3-1: config 0 descriptor??
[  187.491945][  T788] usb 3-1: can't set config #0, error -71
[  187.500547][ T6481] vhci_hcd: connection reset by peer
[  187.558283][ T5883] vhci_hcd: stop threads
[  187.563400][ T5883] vhci_hcd: release socket
[  187.573912][  T788] usb 3-1: USB disconnect, device number 4
[  187.599819][ T5883] vhci_hcd: disconnect device
[  188.383144][ T6500] netlink: 28 bytes leftover after parsing attributes in process `syz.2.133'.
[  189.158845][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  191.948248][ T5819] vhci_hcd: vhci_device speed not set
[  199.349009][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  199.356215][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  200.429217][ T6603] vivid-002: =================  START STATUS  =================
[  200.437415][ T6603] vivid-002: Radio HW Seek Mode: Bounded
[  200.443496][ T6603] vivid-002: Radio Programmable HW Seek: false
[  200.449718][ T6603] vivid-002: RDS Rx I/O Mode: Block I/O
[  200.455414][ T6603] vivid-002: Generate RBDS Instead of RDS: false
[  200.461811][ T6603] vivid-002: RDS Reception: true
[  200.466933][ T6603] vivid-002: RDS Program Type: 0 inactive
[  200.472737][ T6603] vivid-002: RDS PS Name:  inactive
[  200.478051][ T6603] vivid-002: RDS Radio Text:  inactive
[  200.483614][ T6603] vivid-002: RDS Traffic Announcement: false inactive
[  200.490662][ T6603] vivid-002: RDS Traffic Program: false inactive
[  200.497172][ T6603] vivid-002: RDS Music: false inactive
[  200.502717][ T6603] vivid-002: ==================  END STATUS  ==================
[  201.761910][ T6613] netlink: 'syz.3.162': attribute type 4 has an invalid length.
[  201.818422][ T6614] netlink: 'syz.3.162': attribute type 4 has an invalid length.
[  203.586398][ T6626] loop2: detected capacity change from 0 to 1024
[  203.814625][ T6626] EXT4-fs (loop2): bad geometry: bigalloc file system with non-zero first_data_block
[  203.814625][ T6626] 
[  206.427533][ T6649] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  206.434150][ T6649] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  206.493028][ T6649] vhci_hcd vhci_hcd.0: Device attached
[  207.870567][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  208.308203][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  208.448625][ T6650] vhci_hcd: connection closed
[  208.450128][ T3471] vhci_hcd: stop threads
[  208.468517][ T3471] vhci_hcd: release socket
[  208.474652][ T3471] vhci_hcd: disconnect device
[  214.107637][ T6703] netlink: 68 bytes leftover after parsing attributes in process `syz.1.186'.
[  216.355251][    C0] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.0
[  217.229369][ T6727] netlink: 'syz.0.193': attribute type 10 has an invalid length.
[  217.321005][ T6727] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  217.377952][ T6729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.192'.
[  217.790732][ T6730] 8021q: adding VLAN 0 to HW filter on device bond1
[  217.922676][ T6727] bond_slave_0: entered promiscuous mode
[  217.929053][ T6727] bond_slave_1: entered promiscuous mode
[  217.934886][ T6727] syz_tun: entered promiscuous mode
[  217.999658][ T6727] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  218.040590][ T6727] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[  218.079535][ T6727] bond1: (slave macvlan2): speed changed to 0 on port 1
[  218.167706][ T6727] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  218.331825][ T6727] syz.0.193 (6727) used greatest stack depth: 20840 bytes left
[  218.415515][ T6739] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  218.748881][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  218.755000][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  218.761147][ T5083] Bluetooth: hci3: command 0x0406 tx timeout
[  218.767263][ T5786] Bluetooth: hci0: command 0x0406 tx timeout
[  221.548589][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  221.986405][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  224.847779][ T6779] dvmrp1: entered allmulticast mode
[  225.808720][ T6781] loop7: detected capacity change from 0 to 16384
[  226.343110][ T6785] loop7: detected capacity change from 16384 to 0
[  227.300246][ T6800] loop3: detected capacity change from 0 to 512
[  227.353958][ T6800] EXT4-fs warning (device loop3): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  227.372271][ T6800] EXT4-fs (loop3): mount failed
[  228.449104][ T6812] Zero length message leads to an empty skb
[  233.706653][ T6856] tipc: Started in network mode
[  233.712139][ T6856] tipc: Node identity 8, cluster identity 4711
[  233.718438][ T6856] tipc: Node number set to 8
[  235.226748][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  235.935360][ T6878] loop3: detected capacity change from 0 to 512
[  235.973022][ T6878] EXT4-fs warning (device loop3): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  235.990078][ T6878] EXT4-fs (loop3): mount failed
[  237.335072][ T6888] loop3: detected capacity change from 0 to 2048
[  237.438944][ T6888] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  241.837359][ T6935] loop3: detected capacity change from 0 to 32768
[  241.992449][ T6935] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  242.547868][ T6935] XFS (loop3): Ending clean mount
[  242.581048][ T6935] XFS (loop3): Quotacheck needed: Please wait.
[  242.890887][ T6935] XFS (loop3): Quotacheck: Done.
[  243.846443][ T5773] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  244.335629][ T6956] loop2: detected capacity change from 0 to 512
[  244.372194][ T6956] EXT4-fs warning (device loop2): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  244.392041][ T6956] EXT4-fs (loop2): mount failed
[  246.304121][ T6963] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  247.923955][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  247.957338][ T6963] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  248.001297][ T6963] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  248.096980][ T6963] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  248.118298][ T6963] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  248.132300][ T6963] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  248.151193][ T6963] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  249.842586][ T6996] loop1: detected capacity change from 0 to 512
[  249.865870][ T6996] EXT4-fs: inline encryption not supported
[  249.876175][ T6996] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  249.955695][ T6996] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  249.963992][ T6996] System zones: 1-12
[  250.016211][ T6996] EXT4-fs (loop1): 1 truncate cleaned up
[  250.023343][ T6996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.128289][   T51] Bluetooth: hci0: unexpected event for opcode 0x0c38
[  250.294630][ T5786] Bluetooth: hci2: command 0x0406 tx timeout
[  250.301051][ T5786] Bluetooth: hci3: command 0x0406 tx timeout
[  250.815244][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.675017][ T7011] Malformed UNC in devname
[  251.675017][ T7011] 
[  251.682112][ T7011] CIFS: VFS: Malformed UNC in devname
[  251.705745][ T7011] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  251.717963][ T7011] Cannot find add_set index 0 as target
[  252.516478][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  252.522683][ T5786] Bluetooth: hci2: command 0x0406 tx timeout
[  253.135156][ T7020] loop3: detected capacity change from 0 to 32768
[  253.224449][ T7017] loop2: detected capacity change from 0 to 512
[  253.453583][ T7020] JBD2: Ignoring recovery information on journal
[  253.541529][ T7020] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  253.565278][ T7017] EXT4-fs warning (device loop2): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  253.592810][ T7017] EXT4-fs (loop2): mount failed
[  254.882878][ T5773] ocfs2: Unmounting device (7,3) on (node local)
[  255.091115][ T7035] netlink: 'syz.3.267': attribute type 10 has an invalid length.
[  255.202943][ T7035] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  255.272647][ T7036] 8021q: adding VLAN 0 to HW filter on device bond1
[  256.095035][ T7035] bond_slave_0: entered promiscuous mode
[  256.100896][ T7035] syz_tun: entered promiscuous mode
[  256.115835][ T7035] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  256.134222][ T7035] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  257.586096][ T7055] loop3: detected capacity change from 0 to 764
[  258.942618][ T7063] netlink: 20 bytes leftover after parsing attributes in process `syz.3.274'.
[  259.633786][ T7073] nfs4: Unknown parameter 'noa'
[  259.880342][ T7063] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  259.889622][ T7063] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  259.898562][ T7063] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  259.907595][ T7063] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  260.490417][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.274'.
[  260.502892][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.274'.
[  260.947368][ T7088] loop1: detected capacity change from 0 to 16
[  261.072701][ T7088] erofs: (device loop1): mounted with root inode @ nid 36.
[  263.142869][ T5886] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  263.297425][ T7114] syzkaller0: entered promiscuous mode
[  263.306712][ T7114] syzkaller0: entered allmulticast mode
[  263.365294][ T5886] usb 4-1: config 0 has an invalid interface number: 69 but max is 0
[  263.375355][ T5886] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.406441][ T5886] usb 4-1: config 0 has no interface number 0
[  263.412726][ T5886] usb 4-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  263.429936][ T5886] usb 4-1: config 0 interface 69 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  263.456517][ T5886] usb 4-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  263.497717][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.527662][ T5886] usb 4-1: Product: syz
[  263.531901][ T5886] usb 4-1: Manufacturer: syz
[  263.600306][ T5886] usb 4-1: SerialNumber: syz
[  263.617664][ T5886] usb 4-1: config 0 descriptor??
[  263.647841][ T5886] cyberjack 4-1:0.69: required endpoints missing
[  263.819988][ T7123] loop1: detected capacity change from 0 to 512
[  263.882464][ T7099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.904559][ T7099] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.922918][ T7123] EXT4-fs warning (device loop1): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  263.939860][ T7123] EXT4-fs (loop1): mount failed
[  264.956864][ T7132] mmap: syz.3.283 (7132) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  265.006862][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  265.013832][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  265.318736][    C1] ------------[ cut here ]------------
[  265.324535][    C1] WARNING: CPU: 1 PID: 7135 at net/mac80211/tx.c:5033 __ieee80211_beacon_get+0x1233/0x1600
[  265.334681][    C1] Modules linked in:
[  265.338642][    C1] CPU: 1 PID: 7135 Comm: syz.2.292 Not tainted syzkaller #0
[  265.346025][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  265.356174][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  265.362691][    C1] Code: 24 4c 89 e7 e8 be 74 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 b9 b2 82 f7 0f 0b e9 f6 f7 ff ff e8 ad b2 82 f7 <0f> 0b e9 48 fb ff ff e8 a1 b2 82 f7 48 c7 c7 20 89 64 8e 4c 89 e6
[  265.382391][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  265.388535][    C1] RAX: ffffffff8a046f53 RBX: ffffffff8a045d56 RCX: ffff888026f29e00
[  265.396592][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  265.404642][    C1] RBP: 0000000000000000 R08: ffff888026f29e00 R09: 0000000000000003
[  265.412668][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff8880580763c0
[  265.420730][    C1] R13: dffffc0000000000 R14: ffff8880580768b0 R15: ffff888030d3ac24
[  265.428782][    C1] FS:  00007fef2ce6d6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  265.437808][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  265.444520][    C1] CR2: 00007fc981e17dac CR3: 0000000026198000 CR4: 00000000003526e0
[  265.452576][    C1] Call Trace:
[  265.455909][    C1]  <IRQ>
[  265.458829][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  265.464470][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  265.470040][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  265.476899][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  265.482540][    C1]  __iterate_interfaces+0x243/0x500
[  265.487809][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  265.494146][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  265.501467][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  265.507758][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  265.514879][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  265.520172][    C1]  __hrtimer_run_queues+0x520/0xc40
[  265.525462][    C1]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  265.531519][    C1]  ? hw_scan_work+0xf60/0xf60
[  265.536291][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  265.541456][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  265.547621][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  265.552790][    C1]  handle_softirqs+0x280/0x820
[  265.557735][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  265.562549][    C1]  ? do_softirq+0x1a0/0x1a0
[  265.567147][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  265.572411][    C1]  __irq_exit_rcu+0xd3/0x190
[  265.577081][    C1]  ? irq_exit_rcu+0x20/0x20
[  265.581639][    C1]  irq_exit_rcu+0x9/0x20
[  265.585962][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  265.591669][    C1]  </IRQ>
[  265.594661][    C1]  <TASK>
[  265.597668][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  265.603711][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x17/0x60
[  265.609961][    C1] Code: 48 8b 3d dc f9 03 0d 48 89 de 5b e9 d3 67 57 00 cc cc cc f3 0f 1e fa 48 8b 04 24 65 48 8b 0d b0 93 7c 7e 65 8b 15 b1 93 7c 7e <81> e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 1c 16 00 00
[  265.629660][    C1] RSP: 0018:ffffc900034a7740 EFLAGS: 00000246
[  265.635820][    C1] RAX: ffffffff81b69d6b RBX: ffffea0001284380 RCX: ffff888026f29e00
[  265.643885][    C1] RDX: 0000000080000001 RSI: 0000000000000000 RDI: 0000000000000000
[  265.651937][    C1] RBP: 1ffffd4000250871 R08: ffffea00012843b7 R09: 1ffffd4000250876
[  265.659973][    C1] R10: dffffc0000000000 R11: fffff94000250877 R12: ffffc900034a78a0
[  265.668028][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffea0001284388
[  265.676100][    C1]  ? next_uptodate_folio+0x24b/0xad0
[  265.681521][    C1]  next_uptodate_folio+0x24b/0xad0
[  265.686698][    C1]  filemap_map_pages+0xfd4/0x1970
[  265.691804][    C1]  ? filemap_map_pages+0x1d7/0x1970
[  265.697100][    C1]  ? filemap_read_folio+0x760/0x760
[  265.702366][    C1]  handle_mm_fault+0x3b05/0x4c00
[  265.707387][    C1]  ? handle_mm_fault+0xe7/0x4c00
[  265.712391][    C1]  ? numa_migrate_prep+0x350/0x350
[  265.717580][    C1]  ? follow_page_pte+0x6dd/0x1ac0
[  265.722679][    C1]  ? pmd_lock+0x60/0x60
[  265.726954][    C1]  __get_user_pages+0x5d0/0x1380
[  265.731997][    C1]  ? mtree_destroy+0x30/0x30
[  265.736694][    C1]  ? populate_vma_page_range+0x380/0x380
[  265.742403][    C1]  populate_vma_page_range+0x2c1/0x380
[  265.747968][    C1]  ? fixup_user_fault+0x700/0x700
[  265.753069][    C1]  ? userfaultfd_unmap_complete+0x29f/0x320
[  265.759069][    C1]  ? down_read+0x1ac/0x2e0
[  265.763549][    C1]  __mm_populate+0x260/0x390
[  265.768297][    C1]  ? faultin_page_range+0x8e0/0x8e0
[  265.773571][    C1]  ? up_write+0x1c3/0x410
[  265.777998][    C1]  vm_mmap_pgoff+0x2da/0x3f0
[  265.782660][    C1]  ? account_locked_vm+0x210/0x210
[  265.787860][    C1]  ? ksys_mmap_pgoff+0xea/0x700
[  265.792811][    C1]  ? __x64_sys_mmap+0x7a/0x130
[  265.797637][    C1]  do_syscall_64+0x55/0xa0
[  265.802144][    C1]  ? clear_bhb_loop+0x40/0x90
[  265.806874][    C1]  ? clear_bhb_loop+0x40/0x90
[  265.811650][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  265.817602][    C1] RIP: 0033:0x7fef2bf9cdd9
[  265.822105][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  265.841804][    C1] RSP: 002b:00007fef2ce6d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  265.850277][    C1] RAX: ffffffffffffffda RBX: 00007fef2c215fa0 RCX: 00007fef2bf9cdd9
[  265.858357][    C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[  265.866429][    C1] RBP: 00007fef2c032d69 R08: ffffffffffffffff R09: 0000000000000000
[  265.874485][    C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  265.882512][    C1] R13: 00007fef2c216038 R14: 00007fef2c215fa0 R15: 00007fff08ffa288
[  265.890620][    C1]  </TASK>
[  265.893865][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  265.901209][    C1] CPU: 1 PID: 7135 Comm: syz.2.292 Not tainted syzkaller #0
[  265.908632][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  265.918779][    C1] Call Trace:
[  265.922111][    C1]  <IRQ>
[  265.925020][    C1]  dump_stack_lvl+0x18c/0x250
[  265.929767][    C1]  ? show_regs_print_info+0x20/0x20
[  265.935030][    C1]  ? load_image+0x420/0x420
[  265.939604][    C1]  panic+0x2dc/0x730
[  265.943555][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  265.948387][    C1]  __warn+0x2e0/0x470
[  265.952417][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  265.958192][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  265.963958][    C1]  report_bug+0x2be/0x4f0
[  265.968337][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  265.974118][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  265.979888][    C1]  ? __ieee80211_beacon_get+0x1235/0x1600
[  265.985690][    C1]  handle_bug+0xcf/0x120
[  265.989980][    C1]  exc_invalid_op+0x1a/0x50
[  265.994526][    C1]  asm_exc_invalid_op+0x1a/0x20
[  265.999507][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  266.005887][    C1] Code: 24 4c 89 e7 e8 be 74 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 b9 b2 82 f7 0f 0b e9 f6 f7 ff ff e8 ad b2 82 f7 <0f> 0b e9 48 fb ff ff e8 a1 b2 82 f7 48 c7 c7 20 89 64 8e 4c 89 e6
[  266.025638][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  266.031845][    C1] RAX: ffffffff8a046f53 RBX: ffffffff8a045d56 RCX: ffff888026f29e00
[  266.039862][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  266.048051][    C1] RBP: 0000000000000000 R08: ffff888026f29e00 R09: 0000000000000003
[  266.056087][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff8880580763c0
[  266.064117][    C1] R13: dffffc0000000000 R14: ffff8880580768b0 R15: ffff888030d3ac24
[  266.072170][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  266.077781][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  266.083567][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  266.089350][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  266.094958][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  266.100482][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  266.107329][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  266.112958][    C1]  __iterate_interfaces+0x243/0x500
[  266.118285][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  266.124593][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  266.131859][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  266.138155][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  266.145252][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  266.150509][    C1]  __hrtimer_run_queues+0x520/0xc40
[  266.155846][    C1]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  266.161882][    C1]  ? hw_scan_work+0xf60/0xf60
[  266.166619][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  266.171781][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  266.177966][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  266.183131][    C1]  handle_softirqs+0x280/0x820
[  266.187942][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  266.192753][    C1]  ? do_softirq+0x1a0/0x1a0
[  266.197309][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  266.202575][    C1]  __irq_exit_rcu+0xd3/0x190
[  266.207220][    C1]  ? irq_exit_rcu+0x20/0x20
[  266.211756][    C1]  irq_exit_rcu+0x9/0x20
[  266.216207][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  266.221889][    C1]  </IRQ>
[  266.224844][    C1]  <TASK>
[  266.227804][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  266.233820][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x17/0x60
[  266.240016][    C1] Code: 48 8b 3d dc f9 03 0d 48 89 de 5b e9 d3 67 57 00 cc cc cc f3 0f 1e fa 48 8b 04 24 65 48 8b 0d b0 93 7c 7e 65 8b 15 b1 93 7c 7e <81> e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 1c 16 00 00
[  266.259655][    C1] RSP: 0018:ffffc900034a7740 EFLAGS: 00000246
[  266.265755][    C1] RAX: ffffffff81b69d6b RBX: ffffea0001284380 RCX: ffff888026f29e00
[  266.273841][    C1] RDX: 0000000080000001 RSI: 0000000000000000 RDI: 0000000000000000
[  266.281876][    C1] RBP: 1ffffd4000250871 R08: ffffea00012843b7 R09: 1ffffd4000250876
[  266.289876][    C1] R10: dffffc0000000000 R11: fffff94000250877 R12: ffffc900034a78a0
[  266.297883][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffea0001284388
[  266.305888][    C1]  ? next_uptodate_folio+0x24b/0xad0
[  266.311212][    C1]  next_uptodate_folio+0x24b/0xad0
[  266.316360][    C1]  filemap_map_pages+0xfd4/0x1970
[  266.321421][    C1]  ? filemap_map_pages+0x1d7/0x1970
[  266.326653][    C1]  ? filemap_read_folio+0x760/0x760
[  266.331891][    C1]  handle_mm_fault+0x3b05/0x4c00
[  266.336880][    C1]  ? handle_mm_fault+0xe7/0x4c00
[  266.341852][    C1]  ? numa_migrate_prep+0x350/0x350
[  266.346985][    C1]  ? follow_page_pte+0x6dd/0x1ac0
[  266.352051][    C1]  ? pmd_lock+0x60/0x60
[  266.356241][    C1]  __get_user_pages+0x5d0/0x1380
[  266.361227][    C1]  ? mtree_destroy+0x30/0x30
[  266.365893][    C1]  ? populate_vma_page_range+0x380/0x380
[  266.371568][    C1]  populate_vma_page_range+0x2c1/0x380
[  266.377066][    C1]  ? fixup_user_fault+0x700/0x700
[  266.382123][    C1]  ? userfaultfd_unmap_complete+0x29f/0x320
[  266.388054][    C1]  ? down_read+0x1ac/0x2e0
[  266.392497][    C1]  __mm_populate+0x260/0x390
[  266.397117][    C1]  ? faultin_page_range+0x8e0/0x8e0
[  266.402347][    C1]  ? up_write+0x1c3/0x410
[  266.406704][    C1]  vm_mmap_pgoff+0x2da/0x3f0
[  266.411347][    C1]  ? account_locked_vm+0x210/0x210
[  266.416498][    C1]  ? ksys_mmap_pgoff+0xea/0x700
[  266.421383][    C1]  ? __x64_sys_mmap+0x7a/0x130
[  266.426177][    C1]  do_syscall_64+0x55/0xa0
[  266.430623][    C1]  ? clear_bhb_loop+0x40/0x90
[  266.435336][    C1]  ? clear_bhb_loop+0x40/0x90
[  266.440041][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  266.445962][    C1] RIP: 0033:0x7fef2bf9cdd9
[  266.450404][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  266.470038][    C1] RSP: 002b:00007fef2ce6d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  266.478485][    C1] RAX: ffffffffffffffda RBX: 00007fef2c215fa0 RCX: 00007fef2bf9cdd9
[  266.486499][    C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[  266.494495][    C1] RBP: 00007fef2c032d69 R08: ffffffffffffffff R09: 0000000000000000
[  266.502489][    C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  266.510484][    C1] R13: 00007fef2c216038 R14: 00007fef2c215fa0 R15: 00007fff08ffa288
[  266.518496][    C1]  </TASK>
[  266.522126][    C1] Kernel Offset: disabled
[  266.526592][    C1] Rebooting in 86400 seconds..