last executing test programs:

4m35.059798142s ago: executing program 1 (id=560):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
write$cgroup_subtree(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)

4m32.77897106s ago: executing program 1 (id=575):
r0 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xa)
fchdir(r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r4 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)

4m32.544314826s ago: executing program 1 (id=577):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x404c031}, 0x404a05c)

4m32.206571308s ago: executing program 1 (id=590):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
recvfrom(r1, &(0x7f0000004000)=""/4112, 0xfffffffffffffedc, 0x2080, 0x0, 0x0)

4m31.072690011s ago: executing program 1 (id=582):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

4m30.696284926s ago: executing program 1 (id=586):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x80fe, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x24}}, 0x20000000)
write$tcp_mem(r0, &(0x7f00000003c0)={0xff, 0x2d, 0x0, 0x3a, 0x1, 0x2c}, 0x48)

4m21.739915037s ago: executing program 2 (id=652):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000005180), 0x1, 0x50ec, &(0x7f00000051c0)="$eJzs3U+IVVUcB/Dz5o8zKcw8QcighS3chhQtVIYeYZCL9KUQtDAnF0EIMtguwWxEEIwaCaSsQAuG3MgDIUGYEBe1CTRJEFqY4KaVQrtaFO/de968d67vvueojennEzP3nvu759zzHncx35fnvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhDVv194vq09tvHJh4eyWg7MHGsdvzh89EkKldbyS13e/8tqOd3fufn08dph+I9tWq72GzLr+njVWdB1s9uv+eSeEMJoMMJxvXx0ujNq5u784YKlrx/adnj25fdPCmvVTl3bNnyu+dJrGl3sCyyW/r24t3ku11u+h5Ix2u+PWq3Tdoln/9Ib7T14EAHBPNtRbm/afo/mfuO32obSetGtJey5px78Q5jobS5GNu6LXPNel9WWaZy2LCmM955nU8/e/3a6n/ZN2EjXuYZ7dp+aRZrzXPGeS+nLNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRcqb2wday+tTGKxcWzm45OHugcfzm/NEjIVRbxytZufL07RMjY9e3/fDRja9PvrT66t/Deb+4Hek4OVyPOxsnQ9jTUbkVh/1jIoR6d6HVDF8UC++1drbGAgAAAI+TZ1q/h9rtLA6OdrUrrTRZaf0XZWHx2rF9p2dPbt+0sGb91KVd8+eWPl69x3i1u47XblcXfyodwTjG33S8xXo8dX9hnHLpiGmeP//Ltq/K+hfyf7U8/8d3Tv4HAADgfsj/6Tjl+uX/PZufnSnrX8j/67ouWcj/ccYx/w+FpeV/AAAAeJQ97PxfK4xTrl/+f/Hwm9+X9S/k/w2D5f+RzmnHgz/HCe+dDGFDv6kDAAAAPcT/77740ULM69knB2lev/rNU7+WjVfI/7XB8v/oA31VAAAAwP3YXr3xfFm9kP/rg+X/sYc6awAAAOBefF75ZLasXsj/04Pl/5X5Nl/5kHX6Mf4rhM8mQxhv7sxkhZ/C3MvtAgAAAPCAxJz+6cffXi47r5D/Z8qf/x+fdBDX/3c9/6+w/r+jkD31b7MHAwAAAPAkKq7nj4/Hz765oNf37w+6/n/i5u3vyq5fyP+HBsv/w53bB/n9fwAAALAE/7fv/3urME65fs///2von4tl/Qv5f26w/B+3qzpf3sX4/hyeDGFtcyd/muCZeLm9SaEx2lFoqSc9dsYeeaEx1lFomUl6vDAZwnPNnUNJYXUszCWFOxN54VRSuBwL+f3QLpxNChfjnXZiIp9uWjgfC/kCi0ZcQbGqvSQi6fFnrx7Nwl17/Na+OAAAwBMlhuc8y452N0MaZRuVfies7HfCUL8ThvudMJKckJ7Y63iY7i7E4x/uOP1lKFHI/6cGy//xrViRbXqt/w9x/X/+vYbt9f/TsVBNCo1YqKdPDKjHa2Rh91i8RrWe97iztl0AAACAx1r8XGB4mecBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7J3rzFyXfUBwM8+Z3e93l0TpASKYAElIZW8Xm+wpZAgbKAEgQSbynyoUISNvUk33iTGDwmHh9YOQaAUNSkpCShQuxUUf0lWVIhHgVhRcVQ1VaNUQk5T8qYREtTkoVTUQa5m7z2zd87deTjedbzp7yd558z8z/POw3PuvXMuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/8ORW95xXrP4uy976Mc/vef9nz/4mbnbn/zOl24JYXL+8Y4s3HH+ia91V45/5GcHHv/mNzasefhkb14uj4dV1T+d+Z0vxFqfWR3CDzpC6E4DawezQE9+fzDW96bBENaEhUCtxNRAViJtOPy8P4RDYSFQq+pH/SEMFgJbHr7/vq9UE3f0h3BhCKGStvHLStZGfxq4qDcLDKSBG7uzwP+cytQCP+zMAnDG4puh9qKfm6zPMLJ4uQavv54l69irKx1eV0yMNM73283L3KmC3vSByTN62krVsSxKb4+j3m0r4N1W2s63edqKX6TybyinFkKV0Llj6ppt+2b2xkc6w9hYV6Oalul5fuS5z24/nfSKeR3GDowsyevwzq8/9blvPX3l3Xd98QNX3/vi86Nn2s3jhU1aTC+3SshfcyvmeYw2+TxZAW+/0rekUV+6QghffuJv/6RZvDT/H2k+/48v53jbWZc71npyKJubx0cGY+LEUDY3BwAAgBVjJew1nf3O5RPN6ivN/0fbO/4fD/nnk/lstEdD2DSfuHk4hAvmH88CR2JznxwO4a3zqcn6wOYkcDSEN8wnLqlVlZToiyVGk8CzQ3lgUxI4FgOTSeDbMXBbEvhCDMwlge0xcDQJvDcGwnT9OP54KB9H24H+GNiabcS5eBbCC0OxtWRbPVqrCgAAYInks8Oe+ruFcx3ONEOcXs71t8oQz8BumKGS1JDOYGvTqoY1dLeqobNVDbVxzzYffqnmjlY1l07D6KjPsPuzv/uz0ERp/j/efP5fWaQjHaXj/yFcNf835u7MIzO1+NbJugwAAADAGVi1+YYtzeKl+f+m9s7/j/tEugqZw4NxN8TO4RDG6wNZtZeXA9lR71V5AAAAAFaC2vH42rHw6fw2O0U7nU+X80+eZv544H/Tovl//cF3Xdesv6X5/2R75/8P1N9mnTgWe/HV4RD6CoEHYi+rgXmjMfDEe+oD+fiPxQ1wa6wqPzGhVtWtscTWGBhPAocalXioVuKC+kD+ZNUav7k2jum8RCEAAAAAZ13cHRCPy8fz/x/Zd/x9zcqV5v9bT+/8//l5cOn0/plVIazrDqEr/WHAgwPZwoAxMNiRJ346kNXVlVZ1YCCEK6oDS6t6Ml//vztdY/Dh/qyqGLjgbd997qJq4u/6Q1hXDPzi44c3VBN7k0Ct8Y/1h/CW6mjTxr/flzXekzZ+Z18Iby4EalV9si+EamO9aVX3V/LrGKRV3VsJ4bxCoFbVxkoI+wMAK1T8r3RH8cE9+2/auW1mZmr3MibiPvz+cM30zNTY9htndlQa9GlH0ue6ZYwOlMfUcDmkxKP5EkVHXr5sqJ107XeC48W+5PvxSycO5vfjd6Ge+XFO9NTdvTQd8jveXm4iFL5JvVpDHihWsvAkluqP+XvDqtC3b8/U7rFPb9u7d/f67G+72Seyv3FQ2bZan26rgcX6dg68PC4uVrJu7/W71u3Zf9Pa6eu3XTt17dQNE+Pv3LBxw8T4xo3rqqMaz/62GOrFi1WdDPXU4bM/1Dd2Fyo5G58aEhISKy0xe/PhVc0+fkrz/13N5//xUyd+8ufrMzQ6/j8SD/Nnjy8c5t8aA4faPf4/0uhofu3EgNEkMBsDsw7zAwAA8NoQd0fG3Y5xr3Xv4Ut/06xcaf4/297v/5do/f/a0vUfarTM/yWxxHij9f/TZf5r6//PNlr/P13mv7b+/6FXYf3/fbVAsklesP4/AADwWnD21v9vubx/eoGAUoaWy/unFwgoZWi5jH+7Fwg47fX/J657/JnQRGn+f1t7838L9wMAAMC54/Z/eu4tzeKl+f+h9ub/Z3/9v9Do/P/RRoHJRgsDWv8PAACAFarR+n+nhv/iY83Kleb/c+3N/+NpF511uWOtJ4eyNe1CuqbdiaHaTwYAAABgZegMY2M9beatWxl18ytv85F8KdBm6aIHLv+va5vVV5r/H21v/l/3u4w7v/7U57719JV3n7zrix+4+t4Xnx9dOP4PAAAALJ9290sAAAAAAAAAAAAAAACvvn2f+NcTzeKl3/+Hq+Yfb/T7/3jdv/j7gtfX5Y61tl7/L7+/5cP37J9fsvDBoRDeXgzsPLhzTcivzX9xMXDf1ZecX00cTEv85LH3/qqa+EQa+ODa171UTVyRBLbGRRLfkAbiVRVfWp0E4vKK/54G4vaYSwO9eeDLq7NxdKTb6teD2bbqSLfVfwyGMFwI1LbVDwazNjrSAd6RBGoD/FQaiAP8SB7oTHt1z6qsVzEwGIv+zaqsVwAAnLPit8CecM30zNR4/Aofb9/YXX8b1S1ZdqBcbVebzT+aL0125OXLhtpJd6XfRReuNd4TKtUhrC99XS1m6Zgf5dLU0mLTvb7BkFut9rZcm6638Yj6sxGNbb9xZkdPy4Ff2jrLRHfLLOtLk51ils75TdpGLW30pY0Rtblt2uhyvN8Zxsa6klzvisGRUKfVK6Ld3+sX1/lr9Coo5jkw0/OHZvWV5v8j7c3/K8VxvZRfDGA2XlnvL4ct8w8AAADL68ubf39X/PeT4Y/+Z7O8pfn/aHvz/7hjLD8UnO3tOBqv/3/zcAjzl9YfyQJHYnOfHA7hrfOpyVgiu6D+h2KJ8SxwJO4wuSSW2DpZX1VfDMwlgWeH8sDRJHAsBvK9FN8N+a6c24dC2DCfuqq+xK5YYiQJfDQGRpPAWAyMJ4HVMbApCfxmdR6YTAL/EgNhun5b/cPqfFsBAACcjnye1VN/N6TzvLnuVhk6WmUYaJWhs1WGSqsMjUYR738vZugpHo/PM8SHetJa+5NaShnixfBPu1+lDOGh+pxpwVLTtTNJRupzxgxb5g6uDk2U5v/j7c3/B+pvs9aPxfn/wvX/ssADsXtfjaeOj8bAE++pD+Q7Bo7Fye6ttaom8xL5pP3WWGJTDIwmgV0xsCkJbL0qDxw6vz6Qz7Rrjd9ca3w6L1EIAAAAwFkXdxDE3TRx/v/ffX/462blSvP/Te3N/2N7q4qNfSHW+szqEH7QsdCbWmDtYBaI+zEG48/j3zQYwprCDo5aiamBrERv0nD4eX/2C/XetKof9Wc/Poj3tzx8/31fqSbu6A/hwsLel1obv6xkbfSngYt6s8BAGrixOwvEPT+1wA87swCcsdpewfiCyk91qRlZvFyD199r5Zqg6fBK+0AXybfYb66WSyV9IN+nWnN6T1upOpZF6e1x1LttJb7bRrzbil+k8m8opxZCldC5Y+qabftm9sZHir9kLVmm57n4K9V20kvwOpx95b1trZJ2YDz5+BhfvNzir8OOWN2dX3/qc996+sq77/riB66+98XnR9vuRgPxh8I3XPe/Q8cLm3e5VUL+mltxnyeTPk9W4n8Do562EMItcxe80Cxemv9Ptjf/705u5/0+bsw9wyG8o7BxH4yb/33D2edgIZB9Sp5XDmSH3J8eavjJCQAAAEuttrujtr9gOr/NTghP58nl/JOnmT/ur9i0aP52+/2ZCy/8x2bx0vx/a/P5f1/STcf/Hf9nmTj+v6hzfVd0X/rA7Bntii5Vx7Jw/H9R5/q7zfH/RTn+7/j/Yhz/b8Hx/0Wd609b6VvSLl+6Qgj937/8oWbx0vx/V3vzf+v/Lb5oX239v62N1v/b1Wj9v1nr/wEAAMuqwUJz6TyvtHpfKUO6el8pQ8sFAlsuMWj9v9Ne/2/grz7+u9BEaf4/2978P74cVhVbXynr/41e1aCq22Jgl4UBAQAAOBc12kEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAq+vZ4wPvbxZ/92UP/fin97z/8wc/M3f7k9/50i0hTM8/3pGFO84/8bXuyvGP/OzA49/8xoY1D5+s5OV68ts/qssdaz05FMKhwiODMXFiqHpnIbDlw/fs764mHhwK4e3FwM6DO9dUE98eCuHiYuC+qy85v5o4mJb4yWPv/VU18Yk08MG1r3upmrgiD3Sk3b17ddbdjrS7X1kdwnAhUOvudavrq6q1cWUe6Ezb+PvBrI0YGIxF7xrM2oiBmVhiui+Edd0hdKVV/XMlq6orrerHlayqrrSqz1dCuCKE0J1W9VhvVlV3OvJ/682qioEL3vbd5y6qJg71hrCuGPjFxw9vqCY+lQRqjf9pbwhvqb5k0sa/15M13pM2fkdPCG8OIfSmJV7szkr0piWe7A7hvEKg1vifd4ewP/CaED98dhQf3LP/pp3bZmamdi9jojdvqz9cMz0zNbb9xpkdlaRPjXQU0qcOlOOdbY790ec+u716e+Tly4baSXfn5XrmuzzRU3f30qXqfccy9T72a6BYycLzUao/5u8Nq0Lfvj1Tu8c+vW3v3t3rs7/tZp/I/nbl0WxbrV+qbdWuV7qtLi5Wsm7v9bvW7dl/09rp67ddO3Xt1A0T4+/csHHDxPjGjeuqoxrP/i7FUA+X413LPNQ3dhcqORsfABISEist0Vn36TZ+rv+XXfqiv9DRnlCZ/4AuTSuKWTrmR7kUg97cPL6Ugy5NSUojWl+aOJSyTLTOcmlpMrGQpT/LMv+9rjQ5LNbUOb9J4/3OMDbW8H+6kfq7xc3320U2b7seyTddu2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/YwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//19BHGg==")
openat(0xffffffffffffff9c, 0x0, 0x107842, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000004640)=""/94, 0x5e, 0x7)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000000c0)={{}, 0x0, 0x0, 0x100000})
mount$overlay(0x0, 0x0, 0x0, 0xc2006, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
chdir(0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0)
statx(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x100, 0xb38dcf3f7bb4b8a7, 0x0)

4m20.148467051s ago: executing program 2 (id=660):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x48e02, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'pimreg0\x00', 0x1})
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000000000)=""/24, 0x0, 0x8000000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='oom_score\x00')
r3 = socket$nl_route(0x10, 0x3, 0x0)
dup3(r0, r2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f00000000c0)={0x0, r2})
dup3(r3, r1, 0x80000)

4m19.312012335s ago: executing program 2 (id=666):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000380)={[{@debug}, {@delalloc}, {@journal_ioprio}, {@test_dummy_encryption}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@acl}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
chdir(&(0x7f00000003c0)='./bus\x00')
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec772000)
r1 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

4m17.975975632s ago: executing program 2 (id=671):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0xfd, 0x2a9, &(0x7f0000000980)="$eJzs3M9qE20Ux/HzNn2bNLVNBBEU1INudDO08QI0SAtiQKlNURfC1E40ZEzKTKhExGYjbr2O4tKdoN5AN+LGvbsiCG66EEc6k2mTNq1pmn+23w+U50nO82NO22k5KTTr9948LeRcI2eWZSimMiRSlQ2R5Oau5r/aOuTvR6ReVa6M/fx67u79B7fSmcz0rOpMeu5qSlUnLnx49uLtxU/lsfl3E++jspZ8uP4j9W3t9NqZ9d9zT/Ku5l0tlspq6kKpVDYXbEsX827BUL1jW6Zrab7oWk5DPWeXlpYqahYXx+NLjuW6ahYrWrAqWi5p2amo+djMF9UwDB2Py/E23MKZ7OrsrJnes+xFOtoRum602ZOOk642L2ZXe9ATAAAYMPvP/8Gsv/f8n5kP1g7P/yLM/11SbXj0l/kfR4LjpM147ee3EfM/AAAAAAAAAAAAAAAAAAAAAAD/gg3PS3ielwjX8CMqIjERCR/3u090R5vf/2t9ahcdVvePezER+/VydjkbrEE9nZO82GLJpCTkl38/1AT7mZuZ6Un1JeWjvVLLryxnIxIN86Fks/z5k1NBXhvz/0u8/vopScip5tdPNc2PyOVLdXlDEvL5kZTElkX/vt7Ov5xSvXE7syM/6p8DAAAAAOAoMHTLrtfvft0/EJPd9SB/gL8P7Hh9PSxnW3mLSgAAAAAAcGhu5XnBtG3LaWMTFZFDxO2FE0EPbcYHdRORgWhjx+a6iAxAG73axEQkeEbbiX/fireU8lo4M7x5p/f7y3KATb9/MwEAAADotO2h/wChL6+62BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMdPq+8HFp7fVQoL+8TrLhfp+ScIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADJA/AQAA//9rfR0F")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18}, 0x18)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x2020)

4m16.524187076s ago: executing program 2 (id=674):
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './mnt'}, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-ssse3\x00'}, 0x58)
r2 = accept4(r0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x8000, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfe1b)

4m15.439808577s ago: executing program 32 (id=586):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x80fe, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x24}}, 0x20000000)
write$tcp_mem(r0, &(0x7f00000003c0)={0xff, 0x2d, 0x0, 0x3a, 0x1, 0x2c}, 0x48)

4m15.280363437s ago: executing program 2 (id=678):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000400)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000000000100000000", @ANYRES32, @ANYBLOB="00c00100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000040000000000000000000000000000000000000000000000b9483d2185081bec880f4d5ba61e75eb16d93d7b27ec24c5cfb02a8ddbc68cd4594c6752d36b240dbed49201c73e03d2d6565288a1dc80efee60a4aac0025b868364ad4c4b449b3d4feed3ef9f51c685aac97d217f334c9d4e79efeef83e776fc31c0c8a00"/141], 0x50)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
syz_clone(0xc2164000, 0x0, 0x0, 0x0, 0x0, 0x0)

4m14.830244687s ago: executing program 33 (id=678):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000400)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000000000100000000", @ANYRES32, @ANYBLOB="00c00100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000040000000000000000000000000000000000000000000000b9483d2185081bec880f4d5ba61e75eb16d93d7b27ec24c5cfb02a8ddbc68cd4594c6752d36b240dbed49201c73e03d2d6565288a1dc80efee60a4aac0025b868364ad4c4b449b3d4feed3ef9f51c685aac97d217f334c9d4e79efeef83e776fc31c0c8a00"/141], 0x50)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
syz_clone(0xc2164000, 0x0, 0x0, 0x0, 0x0, 0x0)

20.672148787s ago: executing program 5 (id=1629):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$inet_int(r0, 0x0, 0x14, 0x0, 0x0)

11.812718183s ago: executing program 3 (id=1651):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000280)={0x2, 0xe28, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
getpeername$packet(r0, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x6, 0x0, 0x0, 0x0, 0x73, 0x11, 0x3b}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x70)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, 0x0)
unshare(0x400)
fchmod(0xffffffffffffffff, 0x0)
ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f0000000180)={0x1, &(0x7f0000000200)=[{0x4, 0x2}]})
r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x8)
ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000000)={0x0, 0x8001, 0x2, 0x4, 0xa, "e457433cf29cec892b6ab3265d6c62f299a6fa"})

11.809762163s ago: executing program 6 (id=1653):
r0 = gettid()
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x800)
r1 = socket$nl_route(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl(r1, 0x8b2a, 0x0)
pselect6(0x40, &(0x7f0000000040)={0xc, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0x0, 0x0, 0x0)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r2, 0x0, 0x0}, 0x20)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)

8.722093573s ago: executing program 6 (id=1654):
socket$igmp(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x41, &(0x7f0000000200)={0xa, 0x4e23, 0x10001, @loopback, 0xe}, 0x1c)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000004440)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000002600)=ANY=[], 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)
sendto$inet6(r0, &(0x7f0000000700)='\x00', 0x1, 0x4090, 0x0, 0x0)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000340)=',', 0x34000}], 0x1)

8.62046604s ago: executing program 0 (id=1655):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x3}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x9af33139c2c4eaae}, 0x20)

8.619869839s ago: executing program 5 (id=1656):
setpriority(0x1, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffe25)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x60}, [@IFLA_MASTER={0x8, 0x3, r4}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @mcast1}]}}}]}, 0x50}, 0x1, 0xd, 0x0, 0x480c5}, 0x0)

7.577564038s ago: executing program 0 (id=1658):
openat$kvm(0xffffffffffffff9c, &(0x7f0000002180), 0xa0002, 0x0)
munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f00009a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000fef000/0x4000)=nil)
mlock(&(0x7f00000fc000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000084c000/0x3000)=nil)
mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil)
mremap(&(0x7f0000883000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f00004ce000/0x4000)=nil)
munmap(&(0x7f0000308000/0x4000)=nil, 0x4000)
mremap(&(0x7f000076c000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000397000/0x1000)=nil)
munmap(&(0x7f0000866000/0x3000)=nil, 0x3000)
madvise(&(0x7f0000678000/0x14000)=nil, 0x14000, 0x12)
mremap(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x800000, 0x3, &(0x7f00007fd000/0x800000)=nil)

7.483461444s ago: executing program 6 (id=1659):
socket$xdp(0x2c, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000600)='task_rename\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r2, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000000000029000000", @ANYRES16=r2], 0x18}, 0x40c0)

7.453711926s ago: executing program 4 (id=1660):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0)

7.349972892s ago: executing program 5 (id=1661):
r0 = syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x0, 0x20e}, &(0x7f0000ff0000), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/14, 0xe}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8082, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800001965ba917c62e1e6902300000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r2}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0)

7.305956115s ago: executing program 3 (id=1662):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)

7.012115544s ago: executing program 0 (id=1663):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r3)
sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x20, r4, 0x1, 0x70bd28, 0x25dfdffb, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000}, 0x4000000)

6.440846381s ago: executing program 6 (id=1664):
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x6)
r3 = socket$inet(0x2, 0x5, 0x0)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

5.23268521s ago: executing program 4 (id=1665):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840)
inotify_init()
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000005500d509000000000000000007000000", @ANYRES32=r5, @ANYBLOB="20000280", @ANYRES32=r3, @ANYBLOB="0000000000000000000000000a000000000000000000001420000100", @ANYBLOB="00000000ac1404ae00000000000000000000000086dd"], 0x58}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
utime(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x5, 0x4})
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x144, 0x10, 0x713, 0x0, 0x25dfdbbb, {{@in6=@empty, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0xa, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in=@multicast2, 0xfe, 0x32}, @in=@broadcast, {0x0, 0x0, 0x0, 0x8, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x1, 0x0, 0x50}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}, @extra_flags={0x8, 0x18, 0xe}]}, 0x144}, 0x1, 0x0, 0x0, 0x880}, 0x2000)

5.000934815s ago: executing program 3 (id=1666):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

4.883380972s ago: executing program 5 (id=1667):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
symlink(0x0, &(0x7f0000000080)='./file0\x00')
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r3})

4.144094801s ago: executing program 0 (id=1668):
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
epoll_create(0xfff)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0)

4.090569024s ago: executing program 6 (id=1669):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc040564a, &(0x7f0000000340)={0x0, 0x1, 0x100a, 0xffffffffffffffff, 0x0, 0x0})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x2000404, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000010280)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)

3.611857125s ago: executing program 4 (id=1670):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x4000000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

3.063063711s ago: executing program 5 (id=1671):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x6d7, 0x3, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c)

3.027703723s ago: executing program 4 (id=1672):
setpriority(0x1, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffe25)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x60}, [@IFLA_MASTER={0x8, 0x3, r4}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @mcast1}]}}}]}, 0x50}, 0x1, 0xd, 0x0, 0x480c5}, 0x0)

3.027011043s ago: executing program 3 (id=1673):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3010000}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0x41}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.695887925s ago: executing program 0 (id=1674):
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x185800, 0xbe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1a8}, 0x1, 0x0, 0x0, 0x5}, 0x0)
wait4(r3, 0x0, 0x80000000, 0x0)
ptrace(0x10, r3)
r4 = syz_pidfd_open(r3, 0x0)
waitid$P_PIDFD(0x3, r4, 0x0, 0xa000000c, 0x0)

1.937598124s ago: executing program 4 (id=1675):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=@base={0x9, 0x18, 0x8, 0x40, 0x42, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r4}, 0x38)

1.870660129s ago: executing program 5 (id=1676):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000001000000280001801400040000000000000002000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r4, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

1.869911288s ago: executing program 3 (id=1677):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000003f000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)

863.687364ms ago: executing program 4 (id=1678):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
clock_settime(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)

104.626293ms ago: executing program 0 (id=1679):
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x4)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000000)={0x1})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x1, 0x0, 0x7})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000380)={0x1, 0x0, 0x103ff})

50.195747ms ago: executing program 6 (id=1680):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

0s ago: executing program 3 (id=1681):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=@ipv4_newaddr={0x68, 0x14, 0x10, 0x70bd27, 0x25dfdbfe, {0x2, 0x0, 0x8, 0xfe, r1}, [@IFA_ADDRESS={0x8, 0x1, @multicast1}, @IFA_RT_PRIORITY={0x8, 0x9, 0xff}, @IFA_RT_PRIORITY={0x8, 0x9, 0x1000}, @IFA_CACHEINFO={0x14, 0x6, {0x4, 0x7, 0x1, 0x2}}, @IFA_LABEL={0x14, 0x3, 'bond_slave_0\x00'}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x1}, @IFA_TARGET_NETNSID={0x8}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004}, 0x20040840)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r4, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x0)

kernel console output (not intermixed with test programs):

   T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   82.101742][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   82.110410][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   82.119613][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   82.128776][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   82.137852][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   82.149525][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   82.157730][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   82.176919][ T4270] device veth1_macvtap entered promiscuous mode
[   82.206849][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.217023][ T4272] device veth1_vlan entered promiscuous mode
[   82.226349][   T59] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   82.235043][   T59] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   82.251602][   T59] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   82.266371][   T59] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   82.274404][   T59] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   82.283794][   T59] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   82.320174][ T4267] device veth0_macvtap entered promiscuous mode
[   82.331628][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.351219][ T4268] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.361948][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.425445][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.438026][ T4270] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.445690][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   82.454934][ T4286] Bluetooth: hci4: command 0x040f tx timeout
[   82.456769][ T4280] Bluetooth: hci3: command 0x040f tx timeout
[   82.460985][ T4286] Bluetooth: hci2: command 0x040f tx timeout
[   82.467267][ T4287] Bluetooth: hci1: command 0x040f tx timeout
[   82.480852][   T48] Bluetooth: hci0: command 0x040f tx timeout
[   82.483382][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   82.502700][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   82.511907][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   82.525459][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   82.535267][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   82.544158][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   82.555031][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   82.584161][ T4272] device veth0_macvtap entered promiscuous mode
[   82.602199][ T4267] device veth1_macvtap entered promiscuous mode
[   82.620402][ T4266] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.637124][ T4266] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.649489][ T4266] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.658534][ T4266] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.671605][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.682571][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.694255][ T4270] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.702875][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   82.712751][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   82.722141][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   82.731260][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   82.740112][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   82.749302][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   82.766498][ T4272] device veth1_macvtap entered promiscuous mode
[   82.781116][ T4270] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.791348][ T4270] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.801488][ T4270] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.811077][ T4270] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.832595][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.852820][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.863937][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.874951][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.886892][ T4267] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.913686][ T4272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.933151][ T4272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.944955][ T4272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.955857][ T4272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.965826][ T4272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.976467][ T4272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.988642][ T4272] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.013879][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   83.032291][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   83.041943][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   83.050969][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   83.079065][ T4272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.108557][ T4272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.119888][ T4272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.130661][ T4272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.142217][ T4272] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.151814][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.165592][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.176460][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.187958][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.198690][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.209509][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.221620][ T4267] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.246860][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   83.265773][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   83.275297][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   83.284243][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   83.304206][ T4272] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.319640][ T4272] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.337875][ T4272] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.349826][ T4272] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.362901][ T4267] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.373521][ T4267] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.382653][ T4267] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.391655][ T4267] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.491813][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.503488][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.550675][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.554845][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   83.559615][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.576886][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   83.587191][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   83.596548][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   83.627646][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.634471][ T4268] device veth0_vlan entered promiscuous mode
[   83.641974][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.668209][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   83.681677][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.690301][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   83.698902][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.707261][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.728612][ T4268] device veth1_vlan entered promiscuous mode
[   83.783892][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   83.803799][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.814362][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.838238][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   83.853949][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.890399][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.925953][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.934001][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.944501][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   83.981671][ T4268] device veth0_macvtap entered promiscuous mode
[   83.990878][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.006994][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.037999][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   84.051923][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   84.061463][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   84.106157][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.114228][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.127650][ T4388] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   84.154990][ T4388] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.163770][ T4388] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.197627][ T4268] device veth1_macvtap entered promiscuous mode
[   84.218932][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   84.233502][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   84.295884][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   84.327573][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   84.355717][ T4394] netlink: 'syz.1.7': attribute type 4 has an invalid length.
[   84.404961][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.414180][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.423024][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   84.446610][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   84.535428][ T4286] Bluetooth: hci1: command 0x0419 tx timeout
[   84.541622][ T4286] Bluetooth: hci3: command 0x0419 tx timeout
[   84.548051][   T48] Bluetooth: hci4: command 0x0419 tx timeout
[   84.554690][ T4285] Bluetooth: hci2: command 0x0419 tx timeout
[   84.554710][ T4280] Bluetooth: hci0: command 0x0419 tx timeout
[   84.778861][ T4398] netlink: 'syz.1.7': attribute type 4 has an invalid length.
[   85.151244][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.277647][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.458220][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.523764][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.533702][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.545460][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.556052][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.567404][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.586083][ T4268] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.598718][ T4398] syz.1.7 (4398) used greatest stack depth: 20576 bytes left
[   85.607936][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   85.654280][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.704040][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.724960][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.747920][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.772374][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.789988][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.800581][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.818921][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.831636][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.890595][ T4268] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.933574][ T4407] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1'.
[   85.950872][ T4407] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1'.
[   86.010636][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   86.025696][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   86.074068][ T4268] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.105048][ T4268] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.113856][ T4268] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.168818][ T4268] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.348231][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.370748][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.414231][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   86.443791][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.462714][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.503534][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   86.777620][  T953] cfg80211: failed to load regulatory.db
[   88.175393][ T4448] device vlan2 entered promiscuous mode
[   88.492751][ T4457] netlink: 'syz.3.21': attribute type 10 has an invalid length.
[   88.529619][ T4457] netlink: 40 bytes leftover after parsing attributes in process `syz.3.21'.
[   88.697499][ T4457] team0: Port device geneve0 added
[   89.062775][ T4439] loop0: detected capacity change from 0 to 32768
[   89.187103][ T4439] XFS (loop0): Mounting V5 Filesystem
[   89.318732][ T4439] XFS (loop0): Ending clean mount
[   89.393368][ T4439] XFS (loop0): Quotacheck needed: Please wait.
[   89.431440][ T4483] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   89.497984][ T4439] XFS (loop0): Quotacheck: Done.
[   89.603029][ T4488] process 'syz.2.27' launched './file0' with NULL argv: empty string added
[   90.041253][ T4272] XFS (loop0): Unmounting Filesystem
[   90.086599][  T953] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   90.276432][   T27] audit: type=1326 audit(1759892471.694:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.305210][  T953] usb 5-1: Using ep0 maxpacket: 16
[   90.331627][  T953] usb 5-1: config 6 has an invalid interface number: 227 but max is 0
[   90.354772][  T953] usb 5-1: config 6 has no interface number 0
[   90.370896][   T27] audit: type=1326 audit(1759892471.744:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.376903][  T953] usb 5-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice= 7.79
[   90.428949][  T953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.443241][  T953] usb 5-1: Product: syz
[   90.447938][  T953] usb 5-1: Manufacturer: syz
[   90.453001][  T953] usb 5-1: SerialNumber: syz
[   90.458322][   T27] audit: type=1326 audit(1759892471.864:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.498804][  T953] kalmia: probe of 5-1:6.227 failed with error -22
[   90.538337][   T27] audit: type=1326 audit(1759892471.924:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.571429][   T27] audit: type=1326 audit(1759892471.984:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.636437][   T27] audit: type=1326 audit(1759892472.044:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.728948][   T27] audit: type=1326 audit(1759892472.114:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.810854][   T27] audit: type=1326 audit(1759892472.224:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.870774][   T27] audit: type=1326 audit(1759892472.284:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   90.963060][   T27] audit: type=1326 audit(1759892472.344:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4506 comm="syz.3.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x7fc00000
[   91.053979][ T4314] usb 5-1: USB disconnect, device number 2
[   91.361854][ T4528] loop1: detected capacity change from 0 to 256
[   91.374295][ T4528] =======================================================
[   91.374295][ T4528] WARNING: The mand mount option has been deprecated and
[   91.374295][ T4528]          and is ignored by this kernel. Remove the mand
[   91.374295][ T4528]          option from the mount to silence this warning.
[   91.374295][ T4528] =======================================================
[   91.461018][ T4528] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x5961d1f3, utbl_chksum : 0xe619d30d)
[   91.474406][ T4528] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   91.674169][ T4531] netlink: 'syz.1.43': attribute type 1 has an invalid length.
[   92.000627][ T4540] Zero length message leads to an empty skb
[   94.262990][ T4598] netlink: 4 bytes leftover after parsing attributes in process `syz.1.66'.
[   95.014890][ T4616] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[   95.050680][ T4616] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.059165][ T4616] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.894710][   T22] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   97.118519][   T22] usb 2-1: Using ep0 maxpacket: 8
[   97.131132][   T22] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[   97.163100][   T22] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   97.203612][   T22] usb 2-1: config 0 has no interface number 0
[   97.215666][   T22] usb 2-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[   97.227070][   T22] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[   97.240235][   T22] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   97.250513][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.263954][   T22] usb 2-1: config 0 descriptor??
[   97.277086][   T22] ldusb 2-1:0.55: Interrupt in endpoint not found
[   97.490706][ T4678] netlink: 12 bytes leftover after parsing attributes in process `syz.0.96'.
[   97.614480][ T4678] device gre1 entered promiscuous mode
[   98.214894][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.304554][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   98.312887][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   98.577690][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   98.680108][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   98.842491][    T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!!
[   99.470089][   T27] kauditd_printk_skb: 69 callbacks suppressed
[   99.470104][   T27] audit: type=1326 audit(1759892480.884:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[   99.592072][ T4705] mmap: syz.2.105 (4705) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   99.633940][   T27] audit: type=1326 audit(1759892480.954:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[   99.687225][   T27] audit: type=1326 audit(1759892480.954:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[   99.714716][   T27] audit: type=1326 audit(1759892480.954:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[   99.757655][   T27] audit: type=1326 audit(1759892480.954:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[   99.881506][   T27] audit: type=1326 audit(1759892481.004:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[  100.092807][   T27] audit: type=1326 audit(1759892481.004:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[  100.165324][   T27] audit: type=1326 audit(1759892481.004:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[  100.311036][   T27] audit: type=1326 audit(1759892481.004:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[  100.414814][   T27] audit: type=1326 audit(1759892481.104:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4704 comm="syz.2.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x7ffc0000
[  100.762685][ T4273] usb 2-1: USB disconnect, device number 2
[  103.554022][ T4748] netlink: 12 bytes leftover after parsing attributes in process `syz.3.121'.
[  104.078889][ T4761] loop0: detected capacity change from 0 to 1024
[  104.134458][ T4761] EXT4-fs: Ignoring removed orlov option
[  104.168970][ T4761] EXT4-fs: Ignoring removed mblk_io_submit option
[  104.288362][ T4761] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  106.801322][ T4272] EXT4-fs (loop0): unmounting filesystem.
[  107.278541][ T4797] netlink: 140 bytes leftover after parsing attributes in process `syz.4.133'.
[  107.309091][ T4797] netlink: 140 bytes leftover after parsing attributes in process `syz.4.133'.
[  107.355386][ T4797] netlink: 140 bytes leftover after parsing attributes in process `syz.4.133'.
[  107.866849][ T4818] loop0: detected capacity change from 0 to 128
[  107.909675][ T4818] FAT-fs (loop0): Directory bread(block 414) failed
[  107.930247][ T4818] FAT-fs (loop0): Directory bread(block 415) failed
[  107.957031][ T4818] FAT-fs (loop0): Directory bread(block 416) failed
[  107.971678][ T4818] FAT-fs (loop0): Directory bread(block 417) failed
[  107.982666][ T4818] FAT-fs (loop0): Directory bread(block 418) failed
[  107.989963][ T4818] FAT-fs (loop0): Directory bread(block 419) failed
[  107.991000][   T14] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  107.998067][ T4818] FAT-fs (loop0): Directory bread(block 420) failed
[  108.012227][ T4818] FAT-fs (loop0): Directory bread(block 421) failed
[  108.185415][ T4827] FAT-fs (loop0): Directory bread(block 414) failed
[  108.196613][   T14] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  108.214042][   T14] usb 4-1: config 0 has no interface number 0
[  108.220618][ T4827] FAT-fs (loop0): Directory bread(block 415) failed
[  108.241120][   T14] usb 4-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=13.67
[  108.289861][   T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.308262][   T14] usb 4-1: Product: syz
[  108.312633][   T14] usb 4-1: Manufacturer: syz
[  108.327138][   T14] usb 4-1: SerialNumber: syz
[  108.353446][   T14] usb 4-1: config 0 descriptor??
[  108.578474][   T14] cdc_subset: probe of 4-1:0.114 failed with error -71
[  108.633105][   T14] usb 4-1: USB disconnect, device number 2
[  108.640727][ T4832] loop1: detected capacity change from 0 to 32768
[  108.662395][ T4832] 
[  108.662395][ T4832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.662395][ T4832] 
[  108.690154][   T27] kauditd_printk_skb: 8 callbacks suppressed
[  108.690169][   T27] audit: type=1800 audit(1759892490.104:99): pid=4832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.151" name="file1" dev="loop1" ino=4 res=0 errno=0
[  108.811067][ T4837] device batadv_slave_0 entered promiscuous mode
[  108.818413][ T4832] ERROR: (device loop1): xtSearch: stack overrun!
[  108.818413][ T4832] 
[  108.863196][ T4837] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  108.902314][ T4832] ERROR: (device loop1): xtSearch: stack overrun!
[  108.902314][ T4832] 
[  108.909775][ T4837] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.911298][ T4832] xtLookup: xtSearch returned -5
[  108.924365][ T4832] ERROR: (device loop1): xtTruncate: stack overrun!
[  108.924365][ T4832] 
[  108.935380][ T4839] ERROR: (device loop1): xtSearch: stack overrun!
[  108.935380][ T4839] 
[  108.968707][ T4839] xtLookup: xtSearch returned -5
[  109.137079][ T4837] device batadv_slave_0 left promiscuous mode
[  109.171271][ T4837] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.603089][ T4780] 
[  109.603089][ T4780]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.603089][ T4780] 
[  109.615120][ T4780] 
[  109.615120][ T4780]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.615120][ T4780] 
[  109.629389][ T4780] 
[  109.629389][ T4780]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.629389][ T4780] 
[  109.646382][ T4780] 
[  109.646382][ T4780]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.646382][ T4780] 
[  109.675484][ T4780] JFS: metapage_get_blocks failed
[  109.686876][ T4780] 
[  109.686876][ T4780]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.686876][ T4780] 
[  109.699898][ T4266] 
[  109.699898][ T4266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.699898][ T4266] 
[  109.926118][ T4266] 
[  109.926118][ T4266]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.926118][ T4266] 
[  110.233365][ T4852] fuse: Bad value for 'fd'
[  110.282904][ T4840] netlink: 9 bytes leftover after parsing attributes in process `syz.0.154'.
[  110.341849][ T4840] device gretap0 entered promiscuous mode
[  110.401705][ T4858] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  110.650726][ T4863] loop2: detected capacity change from 0 to 128
[  111.167382][ T4876] netlink: 12 bytes leftover after parsing attributes in process `syz.1.168'.
[  111.778905][ T4891] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.173'.
[  111.794954][ T4891] netlink: zone id is out of range
[  111.800747][ T4891] netlink: zone id is out of range
[  111.808727][ T4891] netlink: zone id is out of range
[  111.820464][ T4891] netlink: zone id is out of range
[  111.831486][ T4891] netlink: zone id is out of range
[  111.837636][ T4891] netlink: zone id is out of range
[  111.843232][ T4891] netlink: zone id is out of range
[  111.855624][ T4891] netlink: zone id is out of range
[  111.861020][ T4891] netlink: zone id is out of range
[  111.870966][ T4891] netlink: zone id is out of range
[  115.779733][ T4927] loop1: detected capacity change from 0 to 32768
[  116.617890][ T4974] loop2: detected capacity change from 0 to 128
[  117.758928][ T4983] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  117.769550][ T4984] netlink: 20 bytes leftover after parsing attributes in process `syz.1.206'.
[  119.200683][ T5007] netlink: 28 bytes leftover after parsing attributes in process `syz.4.215'.
[  119.236697][ T5007] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.314430][ T5007] device bridge_slave_1 left promiscuous mode
[  119.344226][ T5007] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.409685][ T5009] 
[  121.304665][  T953] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  121.500909][ T5059] netlink: 8 bytes leftover after parsing attributes in process `syz.3.231'.
[  121.514871][  T953] usb 5-1: Using ep0 maxpacket: 8
[  121.523308][  T953] usb 5-1: config 0 has no interfaces?
[  121.543092][  T953] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  121.562669][ T5059] netlink: 12 bytes leftover after parsing attributes in process `syz.3.231'.
[  121.573375][  T953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.593607][  T953] usb 5-1: Product: syz
[  121.606871][  T953] usb 5-1: Manufacturer: syz
[  121.611551][  T953] usb 5-1: SerialNumber: syz
[  121.617004][ T5059] netlink: 36 bytes leftover after parsing attributes in process `syz.3.231'.
[  121.637592][  T953] usb 5-1: config 0 descriptor??
[  123.737653][ T4400] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.980690][ T4257] usb 5-1: USB disconnect, device number 3
[  124.541121][ T5141] netlink: 4 bytes leftover after parsing attributes in process `syz.4.254'.
[  124.561508][ T5141] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.777568][ T5141] batman_adv: batadv0: Removing interface: batadv_slave_1
[  124.892594][ T5140] netlink: 'syz.0.255': attribute type 1 has an invalid length.
[  124.994098][ T5144] 8021q: adding VLAN 0 to HW filter on device bond2
[  125.004075][ T5144] bond1: (slave bond2): making interface the new active one
[  125.012871][ T5144] bond1: (slave bond2): Enslaving as an active interface with an up link
[  125.028722][ T5145] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  125.084743][ T5145] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  125.310314][ T5162] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.317588][ T5162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.325329][ T5162] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.332512][ T5162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.426797][ T5162] net_ratelimit: 21 callbacks suppressed
[  125.426849][ T5162] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  126.205432][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  126.319461][ T5184] netlink: 24 bytes leftover after parsing attributes in process `syz.1.269'.
[  126.422438][ T5191] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'.
[  126.621894][   T27] audit: type=1326 audit(1759892508.034:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5192 comm="syz.1.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543d58eec9 code=0x7ffc0000
[  126.650158][   T27] audit: type=1326 audit(1759892508.034:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5192 comm="syz.1.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543d58eec9 code=0x7ffc0000
[  126.677143][   T27] audit: type=1326 audit(1759892508.064:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5192 comm="syz.1.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f543d58eec9 code=0x7ffc0000
[  126.699674][   T27] audit: type=1326 audit(1759892508.064:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5192 comm="syz.1.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543d58eec9 code=0x7ffc0000
[  126.723713][   T27] audit: type=1326 audit(1759892508.064:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5192 comm="syz.1.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543d58eec9 code=0x7ffc0000
[  127.409179][ T5210] netlink: 128 bytes leftover after parsing attributes in process `syz.1.278'.
[  127.826511][ T5224] loop2: detected capacity change from 0 to 256
[  127.863559][ T5224] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  127.908031][ T5224] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  127.948511][ T5224] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  128.332830][ T5214] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.340151][ T5214] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.065419][ T5214] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  129.095469][ T5214] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  129.652069][ T5266] loop4: detected capacity change from 0 to 128
[  129.955831][ T5214] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  129.966471][ T5214] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  129.978108][ T5214] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  129.990525][ T5214] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  130.361536][ T5227] netlink: 76 bytes leftover after parsing attributes in process `syz.0.283'.
[  132.580386][ T5350] tipc: Started in network mode
[  132.664694][ T5350] tipc: Node identity aaaaaaaaaa34, cluster identity 4711
[  132.672476][ T5350] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  132.856921][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  132.863831][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.666919][  T953] tipc: Node number set to 10398378
[  133.732688][ T5356] netlink: 9 bytes leftover after parsing attributes in process `syz.2.303'.
[  133.786676][ T5356] device gretap0 entered promiscuous mode
[  135.453117][ T5397] loop0: detected capacity change from 0 to 128
[  137.102096][ T5418] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  138.520196][ T5472] netlink: 'syz.0.347': attribute type 10 has an invalid length.
[  138.528583][ T5472] netlink: 40 bytes leftover after parsing attributes in process `syz.0.347'.
[  138.627969][ T5472] team0: Port device geneve0 added
[  138.930401][ T5484] fuse: Bad value for 'fd'
[  139.183461][ T5489] netlink: 'syz.4.352': attribute type 1 has an invalid length.
[  139.324264][ T5489] 8021q: adding VLAN 0 to HW filter on device bond1
[  139.342300][ T5491] bond1: (slave vlan2): making interface the new active one
[  139.352332][ T5491] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  139.361249][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  140.715973][ T5528] Driver unsupported XDP return value 0 on prog  (id 119) dev N/A, expect packet loss!
[  143.295209][ T5578] netlink: 24 bytes leftover after parsing attributes in process `syz.2.386'.
[  144.964863][ T4382] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  145.036607][ T5607] netlink: 4 bytes leftover after parsing attributes in process `syz.4.399'.
[  145.051367][ T5607] netlink: 4 bytes leftover after parsing attributes in process `syz.4.399'.
[  145.160900][ T4382] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  145.175391][ T4382] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.187094][ T4382] usb 2-1: Product: syz
[  145.191525][ T4382] usb 2-1: Manufacturer: syz
[  145.198536][ T4382] usb 2-1: SerialNumber: syz
[  145.212142][ T4382] usb 2-1: config 0 descriptor??
[  145.261584][ T5615] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  145.268730][ T5615] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  145.299655][ T5615] netlink: 14 bytes leftover after parsing attributes in process `syz.4.401'.
[  145.336415][ T5615] device hsr_slave_0 left promiscuous mode
[  145.353359][ T5615] device hsr_slave_1 left promiscuous mode
[  145.435840][ T4382] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  145.463394][ T5617] overlayfs: failed to clone upperpath
[  147.622677][ T5647] fuse: Bad value for 'fd'
[  148.123349][ T4382] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -71
[  148.145383][ T4382] usb 2-1: USB disconnect, device number 3
[  148.417137][ T5660] fuse: Bad value for 'fd'
[  149.092915][ T5681] overlayfs: failed to clone upperpath
[  149.141763][ T5683] netlink: 'syz.4.427': attribute type 2 has an invalid length.
[  149.412899][   T27] audit: type=1326 audit(1759892530.824:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.2.428" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d5318eec9 code=0x0
[  149.868484][    C1] vcan0: j1939_tp_rxtimer: 0xffff888057b5b400: rx timeout, send abort
[  150.378448][    C1] vcan0: j1939_tp_rxtimer: 0xffff888057b5b400: abort rx timeout. Force session deactivation
[  150.583698][ T5705] device wg2 entered promiscuous mode
[  151.002485][ T5719] overlayfs: failed to clone upperpath
[  151.209977][ T5725] overlayfs: unrecognized mount option "\']*=°¢°©æ[\1\" or missing value
[  152.270368][ T5754] netlink: 12 bytes leftover after parsing attributes in process `syz.2.457'.
[  152.354464][ T5754] bridge1: port 1(vlan2) entered blocking state
[  152.375650][ T5754] bridge1: port 1(vlan2) entered disabled state
[  152.407801][ T5754] device vlan2 entered promiscuous mode
[  152.443615][ T5754] device bridge0 entered promiscuous mode
[  153.101789][ T5775] overlayfs: failed to clone upperpath
[  154.707614][ T5818] netlink: 'syz.2.483': attribute type 10 has an invalid length.
[  154.716226][ T5818] netlink: 'syz.2.483': attribute type 17 has an invalid length.
[  154.727626][ T5818] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  154.742520][ T5819] loop1: detected capacity change from 0 to 2048
[  154.782937][ T5819] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=3932051, location=3932051
[  154.847924][ T5819] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  155.360978][ T5837] netlink: 830 bytes leftover after parsing attributes in process `syz.3.491'.
[  157.066951][ T5856] loop2: detected capacity change from 0 to 4096
[  157.667049][ T5856] ntfs: volume version 3.1.
[  157.938017][ T5872] netlink: 4 bytes leftover after parsing attributes in process `syz.0.504'.
[  158.336463][ T5888] netlink: 'syz.2.510': attribute type 10 has an invalid length.
[  158.364951][ T5888] netlink: 40 bytes leftover after parsing attributes in process `syz.2.510'.
[  158.387062][ T5888] batman_adv: batadv0: Adding interface: virt_wifi0
[  158.400285][ T5888] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  158.420266][    C1] vkms_vblank_simulate: vblank timer overrun
[  158.428038][ T5888] batman_adv: batadv0: Interface activated: virt_wifi0
[  158.719463][ T5902] netlink: 12 bytes leftover after parsing attributes in process `syz.4.517'.
[  158.826238][ T5902] bridge1: port 1(vlan3) entered blocking state
[  158.861600][ T5902] bridge1: port 1(vlan3) entered disabled state
[  158.871176][ T5902] device vlan3 entered promiscuous mode
[  158.883219][ T5902] device bridge0 entered promiscuous mode
[  159.791113][ T5930] loop1: detected capacity change from 0 to 1024
[  159.875629][ T5930] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  160.039549][ T5930] EXT4-fs error (device loop1): ext4_xattr_ibody_get:603: inode #15: comm syz.1.524: corrupted in-inode xattr
[  160.060721][ T5930] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.524: corrupted in-inode xattr
[  160.086006][ T5930] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 1803188595: comm syz.1.524: lblock 0 mapped to illegal pblock 1803188595 (length 1)
[  160.138912][ T5930] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  160.161558][ T5930] EXT4-fs (loop1): This should not happen!! Data will be lost
[  160.161558][ T5930] 
[  160.350103][ T5337] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm kworker/u4:24: corrupted in-inode xattr
[  160.410565][ T5337] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm kworker/u4:24: corrupted in-inode xattr
[  160.440064][ T4266] EXT4-fs (loop1): Inode 15 (ffff88807001da48): i_reserved_data_blocks (1) not cleared!
[  160.458660][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  160.950957][ T5958] netlink: 'syz.2.533': attribute type 4 has an invalid length.
[  161.430252][ T5971] netlink: 168 bytes leftover after parsing attributes in process `syz.3.540'.
[  161.604880][ T5256] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  161.768544][ T5978] netlink: 4 bytes leftover after parsing attributes in process `syz.4.543'.
[  161.809305][ T5256] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  161.825871][ T5256] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.844652][ T5256] usb 3-1: Product: syz
[  161.857891][ T5256] usb 3-1: Manufacturer: syz
[  161.877711][ T5256] usb 3-1: SerialNumber: syz
[  161.891289][ T5256] usb 3-1: config 0 descriptor??
[  162.114198][ T5256] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  162.259941][ T5989] loop1: detected capacity change from 0 to 128
[  162.301708][ T5989] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  162.437127][ T5989] loop1: detected capacity change from 128 to 0
[  162.454585][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  162.464627][ T5331] loop: Write error at byte offset 9223372036854834687, length 512.
[  162.503836][    C1] I/O error, dev loop1, sector 115 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  162.513751][    C1] Buffer I/O error on dev loop1, logical block 115, lost sync page write
[  162.522339][ T5991] UDF-fs: warning (device loop1): udf_update_inode: IO error syncing udf inode [00000073]
[  163.945940][ T5256] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71
[  163.983039][ T5256] usb 3-1: USB disconnect, device number 2
[  164.327704][   T27] audit: type=1326 audit(1759892545.744:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6005 comm="syz.0.552" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcc27d8eec9 code=0x0
[  166.293706][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880556ebc00: rx timeout, send abort
[  166.302103][    C1] vcan0: j1939_tp_rxtimer: 0xffff888076394c00: rx timeout, send abort
[  166.312135][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880556ebc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  166.328149][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888076394c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  167.623814][   T27] audit: type=1326 audit(1759892549.034:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.3.568" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa9ee98eec9 code=0x0
[  169.763726][ T6104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.589'.
[  171.245993][ T6119] netlink: 'syz.3.595': attribute type 3 has an invalid length.
[  171.312711][ T6119] netlink: 'syz.3.595': attribute type 3 has an invalid length.
[  171.908075][ T6135] netlink: 168 bytes leftover after parsing attributes in process `syz.0.602'.
[  174.313053][ T6181] netlink: 168 bytes leftover after parsing attributes in process `syz.4.616'.
[  174.534612][ T6185] xt_connbytes: Forcing CT accounting to be enabled
[  174.541447][ T6185] Cannot find set identified by id 0 to match
[  175.941024][ T6205] ptrace attach of "./syz-executor exec"[4267] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  176.379203][ T6213] device erspan0 entered promiscuous mode
[  176.604408][ T6219] netlink: 1347 bytes leftover after parsing attributes in process `syz.4.632'.
[  177.001329][ T6226] kvm [6225]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x1
[  177.972612][ T6260] kvm: emulating exchange as write
[  178.161549][ T6268] netlink: 'syz.3.648': attribute type 12 has an invalid length.
[  178.970756][ T6279] loop2: detected capacity change from 0 to 32768
[  179.058119][ T6279] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 scanned by syz.2.652 (6279)
[  179.157786][ T6290] xt_connbytes: Forcing CT accounting to be enabled
[  179.164813][ T6290] set match dimension is over the limit!
[  179.225101][ T6279] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  179.264743][ T6279] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  179.288660][ T6279] BTRFS info (device loop2): using free space tree
[  179.603758][ T6279] BTRFS info (device loop2): enabling ssd optimizations
[  179.972139][ T4267] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  180.578675][ T6337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.624993][  T128] wlan1: authenticate with 08:02:11:00:00:00
[  180.644234][ T6337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.657657][  T128] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  180.675132][ T5331] wlan1: authenticated
[  180.680235][  T128] mac80211_hwsim hwsim11 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP
[  180.706688][ T5331] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[  180.722287][ T6337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.736916][ T5331] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1)
[  180.752388][ T5331] wlan1: associated
[  180.928710][ T6346] loop2: detected capacity change from 0 to 4096
[  181.331865][ T6346] EXT4-fs (loop2): Test dummy encryption mode enabled
[  181.349905][ T6346] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  181.359689][ T6346] System zones: 0-5
[  181.383279][ T6346] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  181.776407][ T6346] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  182.195602][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  183.252833][ T6379] loop2: detected capacity change from 0 to 128
[  183.296384][ T6379] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  183.339664][ T6379] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  184.781545][   T11] loop: Write error at byte offset 9223372036854818303, length 512.
[  184.804596][    C1] I/O error, dev loop1, sector 83 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  184.814200][    C1] Buffer I/O error on dev loop1, logical block 83, lost sync page write
[  185.525161][ T4287] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  185.544857][ T4287] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  185.553625][ T4287] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  185.563462][ T4287] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  185.571285][ T4287] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  185.584777][ T4287] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  185.920848][ T4287] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  185.935161][ T4287] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  185.943856][ T4287] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  185.951965][ T4287] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  185.964124][ T4287] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  185.972995][ T4286] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  186.102382][ T6398] chnl_net:caif_netlink_parms(): no params data found
[  186.272096][ T6398] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.286406][ T6398] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.302467][ T6398] device bridge_slave_0 entered promiscuous mode
[  186.314077][ T6398] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.328100][ T6398] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.337557][ T6398] device bridge_slave_1 entered promiscuous mode
[  186.369979][ T6398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.384068][ T6398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.402688][ T6404] chnl_net:caif_netlink_parms(): no params data found
[  186.439865][ T6398] team0: Port device team_slave_0 added
[  186.461155][ T6398] team0: Port device team_slave_1 added
[  186.498686][ T6398] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.505836][ T6398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.531966][ T6398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.555317][ T6398] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.562414][ T6398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.588468][ T6398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.601105][ T6404] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.608588][ T6404] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.617519][ T6404] device bridge_slave_0 entered promiscuous mode
[  186.629661][ T6404] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.637118][ T6404] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.646274][ T6404] device bridge_slave_1 entered promiscuous mode
[  186.692716][ T6404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.708646][ T6398] device hsr_slave_0 entered promiscuous mode
[  186.716825][ T6398] device hsr_slave_1 entered promiscuous mode
[  186.723558][ T6398] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.731437][ T6398] Cannot create hsr debugfs directory
[  186.739082][ T6404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.783695][ T6404] team0: Port device team_slave_0 added
[  186.808052][ T6404] team0: Port device team_slave_1 added
[  186.867832][ T6404] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.875318][ T6404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.902067][ T6404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.944443][ T6404] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.959630][ T6404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.992475][ T6404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.098189][ T6404] device hsr_slave_0 entered promiscuous mode
[  187.122067][ T6404] device hsr_slave_1 entered promiscuous mode
[  187.130793][ T6404] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  187.141845][ T6404] Cannot create hsr debugfs directory
[  187.337631][ T6398] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  187.347507][ T6398] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  187.370936][ T6398] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  187.414826][ T6398] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  187.642586][ T6404] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  187.654663][ T4286] Bluetooth: hci0: command 0x0409 tx timeout
[  187.677700][ T6398] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.692518][ T6404] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  187.728201][ T6404] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  187.754220][ T6398] 8021q: adding VLAN 0 to HW filter on device team0
[  187.762512][ T6404] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  187.777438][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  187.785664][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  188.076593][ T4286] Bluetooth: hci1: command 0x0409 tx timeout
[  188.135165][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  188.196098][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  188.279574][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.286876][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.509679][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  188.538020][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  188.546699][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.553943][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.575028][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  188.708267][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  188.721613][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  188.747826][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  188.757608][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  188.766844][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  188.801819][ T6398] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  188.821429][ T6398] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  188.844130][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  188.860753][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  188.871993][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  188.888401][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.898604][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  188.907418][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.937387][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  188.961736][ T6404] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.992450][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  189.011121][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  189.028676][ T6404] 8021q: adding VLAN 0 to HW filter on device team0
[  189.041194][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  189.050459][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  189.059951][ T5333] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.067144][ T5333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.087226][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  189.121151][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  189.135611][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  189.155350][ T5333] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.162497][ T5333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.185179][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  189.220123][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  189.270756][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  189.287480][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  189.297647][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  189.308262][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  189.317568][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  189.327087][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  189.337199][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  189.352344][ T6404] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  189.379786][ T6404] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  189.400258][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  189.413823][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  189.654369][ T5338] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  189.663811][ T5338] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  189.699171][ T6398] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.735130][ T4280] Bluetooth: hci0: command 0x041b tx timeout
[  189.992460][ T6476] netlink: 4 bytes leftover after parsing attributes in process `syz.4.698'.
[  190.135532][ T4280] Bluetooth: hci1: command 0x041b tx timeout
[  190.172305][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  190.183491][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  190.250424][ T6404] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.521281][ T6491] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  190.541876][ T6491] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  190.596495][ T6491] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  190.636432][ T6491] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  190.663898][ T6491] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  190.677132][ T6491] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  190.687836][ T6491] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  190.744096][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  190.802993][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  190.907838][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  190.936195][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  190.966716][ T6398] device veth0_vlan entered promiscuous mode
[  190.977122][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  190.995561][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  191.039508][ T6398] device veth1_vlan entered promiscuous mode
[  191.109877][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  191.125822][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  191.163672][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  191.185688][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  191.225557][ T6398] device veth0_macvtap entered promiscuous mode
[  191.268334][ T6398] device veth1_macvtap entered promiscuous mode
[  191.296097][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  191.337687][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  191.410923][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.441586][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.466042][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.491957][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.505506][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.523181][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.546412][ T6398] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.560959][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  191.575824][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  191.595408][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.612653][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.640965][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.671974][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.689980][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.701929][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.721517][ T6398] batman_adv: batadv0: Interface activated: batadv_slave_1
[  191.787084][ T6404] device veth0_vlan entered promiscuous mode
[  191.809845][ T6404] device veth1_vlan entered promiscuous mode
[  191.818853][ T4280] Bluetooth: hci0: command 0x040f tx timeout
[  191.888704][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  191.950034][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  191.985165][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  192.005374][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  192.035551][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  192.055501][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  192.065022][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  192.091080][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  192.101653][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  192.123455][ T6398] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.141988][ T6398] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.172016][ T6398] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.194800][ T6398] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.215153][ T4280] Bluetooth: hci1: command 0x040f tx timeout
[  192.298915][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  192.326966][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  192.358640][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  192.395332][ T6404] device veth0_macvtap entered promiscuous mode
[  192.445389][ T6404] device veth1_macvtap entered promiscuous mode
[  192.548940][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.569745][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.582766][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.609207][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.628171][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.643327][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.660828][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.671535][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.694297][ T6404] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.712858][ T5338] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  192.730794][ T5338] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  192.743754][ T5338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  192.774039][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.809743][ T4780] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.818959][ T4780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.834647][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.852406][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.863900][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.874083][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.894564][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.916220][ T6404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.935267][ T6404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.948717][ T6404] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.974963][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  192.983123][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  193.017571][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  193.055618][ T6404] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.072916][ T6404] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.083107][ T6404] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.092239][ T6404] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.170443][ T5321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.208883][ T5321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.299660][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  193.338276][ T5321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.362874][ T5321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.446386][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  193.470869][ T5321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.510759][ T5321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.536714][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  193.897666][ T4280] Bluetooth: hci0: command 0x0419 tx timeout
[  194.316281][ T4280] Bluetooth: hci1: command 0x0419 tx timeout
[  194.325136][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.331521][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  194.429383][ T6542] tipc: Failed to remove unknown binding: 66,1,1/0:3734345601/3734345603
[  194.475131][ T6542] tipc: Failed to remove unknown binding: 66,1,1/0:3734345601/3734345603
[  194.594677][  T128] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  194.760351][ T6552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.722'.
[  194.784868][ T6552] device bridge_slave_1 left promiscuous mode
[  194.812239][ T6552] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.902209][ T6552] device bridge_slave_0 left promiscuous mode
[  194.917664][ T6552] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.014743][  T128] usb 7-1: Using ep0 maxpacket: 8
[  196.674504][    C0] sched: RT throttling activated
[  197.281633][  T128] usb 7-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  197.291729][  T128] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.299886][  T128] usb 7-1: Product: syz
[  197.304091][  T128] usb 7-1: Manufacturer: syz
[  197.318016][  T128] usb 7-1: config 0 descriptor??
[  197.334614][  T128] usb 7-1: can't set config #0, error -71
[  197.354771][  T128] usb 7-1: USB disconnect, device number 2
[  198.279496][ T6599] netlink: 'syz.6.736': attribute type 4 has an invalid length.
[  198.439963][ T6600] netlink: 'syz.6.736': attribute type 4 has an invalid length.
[  199.994594][ T6333] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  200.764645][ T6333] usb 7-1: Using ep0 maxpacket: 8
[  200.771427][ T6333] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.830615][ T6333] usb 7-1: config 0 has no interfaces?
[  200.864323][ T6333] usb 7-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=50.d3
[  200.901735][ T6333] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.951929][ T6333] usb 7-1: Product: syz
[  200.956974][ T6333] usb 7-1: Manufacturer: syz
[  200.961624][ T6333] usb 7-1: SerialNumber: syz
[  201.001230][ T6333] usb 7-1: config 0 descriptor??
[  201.248111][ T6333] usb 7-1: USB disconnect, device number 3
[  201.494800][ T4280] Bluetooth: hci4: command 0x0406 tx timeout
[  201.500927][ T4280] Bluetooth: hci2: command 0x0406 tx timeout
[  201.504702][ T4286] Bluetooth: hci3: command 0x0406 tx timeout
[  201.549589][ T6634] netlink: 24 bytes leftover after parsing attributes in process `syz.5.749'.
[  201.968837][ T6639] netlink: 'syz.5.750': attribute type 1 has an invalid length.
[  202.201955][ T6654] capability: warning: `syz.4.757' uses 32-bit capabilities (legacy support in use)
[  202.317593][ T6656] netlink: 'syz.3.758': attribute type 1 has an invalid length.
[  202.387323][ T6656] 8021q: adding VLAN 0 to HW filter on device bond1
[  202.491973][ T6660] bond1: (slave geneve2): making interface the new active one
[  202.536373][ T6666] loop5: detected capacity change from 0 to 256
[  202.563599][ T6666] exfat: Deprecated parameter 'namecase'
[  202.571967][ T6660] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  202.578135][ T6666] exfat: Deprecated parameter 'namecase'
[  202.611167][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  202.710257][ T6666] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  204.341254][ T6683] netlink: 'syz.3.768': attribute type 10 has an invalid length.
[  204.389435][ T6683] 8021q: adding VLAN 0 to HW filter on device team0
[  204.438067][ T6683] bond0: (slave team0): Enslaving as an active interface with an up link
[  204.589589][ T6687] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:4c7d:a8ff:fe30:ae4e error=-28
[  205.083941][ T6687] infiniband syz!: set active
[  205.109359][ T6687] infiniband syz!: added team_slave_0
[  205.389226][ T6687] RDS/IB: syz!: added
[  205.414123][ T6687] smc: adding ib device syz! with port count 1
[  205.436215][ T6687] smc:    ib device syz! port 1 has pnetid 
[  205.858394][ T6702] netlink: 'syz.6.773': attribute type 10 has an invalid length.
[  205.893305][ T6702] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.900868][ T6702] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.027685][ T6702] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.034937][ T6702] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.042465][ T6702] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.049697][ T6702] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.231688][ T6702] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  206.277476][ T6707] netlink: 4 bytes leftover after parsing attributes in process `syz.6.773'.
[  206.350392][ T6707] device bridge_slave_1 left promiscuous mode
[  206.382830][ T6707] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.403874][ T6707] device bridge_slave_0 left promiscuous mode
[  206.417957][ T6707] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.311722][ T6707] bond0: (slave bridge0): Releasing backup interface
[  207.522409][ T6723] af_packet: tpacket_rcv: packet too big, clamped from 240 to 4294967272. macoff=96
[  212.819751][ T6750] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.860112][ T6750] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.043442][ T6750] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.064262][ T6750] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.077492][ T6750] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.086553][ T6750] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.209020][ T6750] syz.6.787 (6750) used greatest stack depth: 20352 bytes left
[  213.214575][ T6760] netlink: 12 bytes leftover after parsing attributes in process `syz.4.791'.
[  213.294594][ T6783] bridge: RTM_NEWNEIGH with invalid ether address
[  213.521852][   T14] kernel write not supported for file bpf-prog (pid: 14 comm: kworker/0:1)
[  213.627639][ T6797] netlink: 32 bytes leftover after parsing attributes in process `syz.5.801'.
[  213.647614][ T6797] netlink: 32 bytes leftover after parsing attributes in process `syz.5.801'.
[  213.737024][ T6799] loop6: detected capacity change from 0 to 512
[  213.829990][ T6799] EXT4-fs (loop6): too many log groups per flexible block group
[  213.839525][ T6799] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  213.847755][ T6799] EXT4-fs (loop6): mount failed
[  214.808913][ T6818] netlink: 'syz.0.808': attribute type 1 has an invalid length.
[  214.887647][ T6818] 8021q: adding VLAN 0 to HW filter on device bond3
[  214.951426][ T6818] bond3: (slave gretap1): making interface the new active one
[  215.036870][ T6818] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  215.046312][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  215.097406][ T6833] loop6: detected capacity change from 0 to 64
[  215.561030][ T4280] Bluetooth: hci1: unexpected event 0x03 length: 1 < 11
[  216.091085][ T6854] netlink: 'syz.3.821': attribute type 10 has an invalid length.
[  216.190932][ T6854] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  217.236820][ T6870] loop6: detected capacity change from 0 to 8
[  217.685141][ T6877] SQUASHFS error: zlib decompression failed, data probably corrupt
[  217.693696][ T6877] SQUASHFS error: Failed to read block 0x4e8: -5
[  217.703640][ T6877] SQUASHFS error: zlib decompression failed, data probably corrupt
[  217.711869][ T6877] SQUASHFS error: Failed to read block 0x4ee: -5
[  217.721985][ T6877] SQUASHFS error: zlib decompression failed, data probably corrupt
[  217.730359][ T6877] SQUASHFS error: Failed to read block 0x4ef: -5
[  217.807999][   T27] audit: type=1800 audit(1759892599.154:108): pid=6877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.828" name="file1" dev="loop6" ino=5 res=0 errno=0
[  218.454092][ T6884] loop6: detected capacity change from 0 to 16
[  218.815400][ T6884] erofs: (device loop6): mounted with root inode @ nid 36.
[  219.840105][ T6891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.836'.
[  219.901371][ T6891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.836'.
[  220.134839][ T6895] 9pnet: p9_errstr2errno: server reported unknown error 
[  220.917868][ T6913] lo speed is unknown, defaulting to 1000
[  220.949375][ T6913] lo speed is unknown, defaulting to 1000
[  221.004196][ T6913] lo speed is unknown, defaulting to 1000
[  221.043203][ T6920] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  221.912898][ T6920] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  222.203551][ T6913] infiniband s
z1: set active
[  222.208838][ T4273] lo speed is unknown, defaulting to 1000
[  222.222572][ T6913] infiniband s
z1: added lo
[  222.255616][ T6913] rdma_rxe: unable to create cq
[  222.260581][ T6913] infiniband s
z1: Couldn't create ib_mad CQ
[  222.301036][ T6913] infiniband s
z1: Couldn't open port 1
[  222.396492][ T6913] RDS/IB: s
z1: added
[  222.400589][ T6913] smc: adding ib device s
z1 with port count 1
[  222.417299][ T6913] smc:    ib device s
z1 port 1 has pnetid 
[  222.446244][ T4273] lo speed is unknown, defaulting to 1000
[  222.457160][ T6913] lo speed is unknown, defaulting to 1000
[  222.703475][ T6913] lo speed is unknown, defaulting to 1000
[  222.913665][ T6913] lo speed is unknown, defaulting to 1000
[  223.273833][ T6913] lo speed is unknown, defaulting to 1000
[  224.191543][ T6913] lo speed is unknown, defaulting to 1000
[  224.397220][ T6913] lo speed is unknown, defaulting to 1000
[  225.103990][ T6325] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  225.304607][ T6325] usb 6-1: Using ep0 maxpacket: 8
[  225.311636][ T6325] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  225.355138][ T6913] lo speed is unknown, defaulting to 1000
[  225.366105][ T6325] usb 6-1: config 0 has no interfaces?
[  225.376883][ T6979] netlink: 24 bytes leftover after parsing attributes in process `syz.6.866'.
[  225.387803][ T6325] usb 6-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=50.d3
[  225.413392][ T6325] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.432682][ T6325] usb 6-1: Product: syz
[  225.444573][ T6325] usb 6-1: Manufacturer: syz
[  225.451466][ T6325] usb 6-1: SerialNumber: syz
[  225.471551][ T6325] usb 6-1: config 0 descriptor??
[  225.549073][ T6983] overlayfs: failed to clone upperpath
[  225.735378][ T6325] usb 6-1: USB disconnect, device number 2
[  226.852723][ T6998] loop5: detected capacity change from 0 to 8
[  228.133289][   T27] audit: type=1800 audit(1759892609.414:109): pid=7008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.873" name="file1" dev="loop5" ino=5 res=0 errno=0
[  228.755940][ T7025] netlink: 'syz.5.882': attribute type 10 has an invalid length.
[  228.783429][ T7025] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.791042][ T7025] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.856663][ T7025] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.863920][ T7025] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.872734][ T7025] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.879901][ T7025] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.055819][ T7025] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  229.133834][ T7029] netlink: 4 bytes leftover after parsing attributes in process `syz.5.882'.
[  229.200635][ T7029] device bridge_slave_1 left promiscuous mode
[  229.331016][ T7029] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.905463][ T7029] device bridge_slave_0 left promiscuous mode
[  229.934914][ T7029] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.073504][ T7029] bond0: (slave bridge0): Releasing backup interface
[  231.332969][ T7046] netlink: 'syz.3.886': attribute type 13 has an invalid length.
[  231.354874][ T7046] netlink: 28 bytes leftover after parsing attributes in process `syz.3.886'.
[  231.605426][ T7059] "syz.0.900" (7059) uses obsolete ecb(arc4) skcipher
[  232.628095][ T7074] netlink: 'syz.0.905': attribute type 1 has an invalid length.
[  232.668572][ T7074] 8021q: adding VLAN 0 to HW filter on device bond4
[  232.825987][ T7074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.905'.
[  233.493179][ T7102] netlink: 'syz.0.902': attribute type 10 has an invalid length.
[  233.540463][ T7102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.902'.
[  234.688053][ T7116] infiniband s
z1: set down
[  234.829292][ T7121] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 3, id = 0
[  234.850332][ T4257] lo speed is unknown, defaulting to 1000
[  234.868821][ T4257] lo speed is unknown, defaulting to 1000
[  235.287251][ T7119] lo speed is unknown, defaulting to 1000
[  237.499123][ T7155] netlink: 'syz.4.924': attribute type 10 has an invalid length.
[  237.517595][ T7155] wlan1: deauthenticating from 08:02:11:00:00:00 by local choice (Reason: 3=DEAUTH_LEAVING)
[  237.656958][ T7155] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  237.913488][ T7164] 8021q: adding VLAN 0 to HW filter on device bond5
[  237.947596][ T7164] device bond_slave_0 entered promiscuous mode
[  237.954518][ T7164] device bond_slave_1 entered promiscuous mode
[  237.969779][ T7164] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  238.020904][ T7164] bond5: (slave macvlan2): making interface the new active one
[  238.063183][ T7164] bond5: (slave macvlan2): Enslaving as an active interface with an up link
[  238.084242][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready
[  239.381037][ T7186] netlink: 4 bytes leftover after parsing attributes in process `syz.4.935'.
[  241.284313][ T7215] netlink: 12 bytes leftover after parsing attributes in process `syz.4.945'.
[  244.258597][ T7261] overlayfs: failed to clone lowerpath
[  244.274390][ T7259] netlink: 'syz.3.958': attribute type 10 has an invalid length.
[  244.296609][ T7261] overlayfs: failed to clone lowerpath
[  244.336883][   T27] audit: type=1326 audit(1759892625.754:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  244.365536][ T7259] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.374558][ T7259] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.438691][   T27] audit: type=1326 audit(1759892625.754:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  244.590154][   T27] audit: type=1326 audit(1759892625.754:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  244.645185][ T7259] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.652379][ T7259] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.659791][ T7259] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.666909][ T7259] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.713339][ T7259] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  244.732603][   T27] audit: type=1326 audit(1759892625.754:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  244.734331][ T7263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.958'.
[  244.823850][   T27] audit: type=1326 audit(1759892625.754:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  244.853326][ T7263] device bridge_slave_1 left promiscuous mode
[  244.885014][ T7263] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.907717][   T27] audit: type=1326 audit(1759892625.754:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  244.940400][ T7263] device bridge_slave_0 left promiscuous mode
[  244.954621][   T27] audit: type=1326 audit(1759892625.754:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  244.988326][ T7263] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.032417][   T27] audit: type=1326 audit(1759892625.754:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  245.105909][   T27] audit: type=1326 audit(1759892625.754:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  245.131914][ T7263] bond0: (slave bridge0): Releasing backup interface
[  245.139319][   T27] audit: type=1326 audit(1759892625.754:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.5.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  245.245082][ T7273] netlink: 'syz.0.961': attribute type 27 has an invalid length.
[  245.275388][ T7273] netlink: 'syz.0.961': attribute type 4 has an invalid length.
[  245.322981][ T7273] netlink: 144 bytes leftover after parsing attributes in process `syz.0.961'.
[  245.441374][ T7287] netlink: 'syz.5.967': attribute type 1 has an invalid length.
[  246.538279][ T7309] xt_CT: You must specify a L4 protocol and not use inversions on it
[  247.505718][ T7319] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  247.738559][ T7326] netlink: 'syz.4.980': attribute type 10 has an invalid length.
[  247.761961][ T7326] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.823856][ T7329] netlink: 48 bytes leftover after parsing attributes in process `syz.0.981'.
[  247.838805][ T7326] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.846070][ T7326] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.867790][ T7326] bridge1: port 1(vlan3) entered blocking state
[  247.874230][ T7326] bridge1: port 1(vlan3) entered forwarding state
[  247.897900][ T7326] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  247.909074][ T7328] netlink: 4 bytes leftover after parsing attributes in process `syz.4.980'.
[  247.948748][ T7328] device bridge_slave_0 left promiscuous mode
[  247.977916][ T7328] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.013755][ T7328] bridge1: port 1(vlan3) entered disabled state
[  248.096135][ T7328] bond0: (slave bridge0): Releasing backup interface
[  248.156806][ T7328] device vlan3 left promiscuous mode
[  248.162185][ T7328] device bridge0 left promiscuous mode
[  248.184884][ T7328] bridge1: port 1(vlan3) entered disabled state
[  249.607014][ T7349] netlink: 4 bytes leftover after parsing attributes in process `syz.6.987'.
[  250.584320][ T7364] loop5: detected capacity change from 0 to 128
[  250.638645][ T7364] EXT4-fs (loop5): Test dummy encryption mode enabled
[  250.658712][ T7364] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  250.759153][ T7367] 8021q: adding VLAN 0 to HW filter on device bond1
[  250.903203][ T7372] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  250.976828][ T5333] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  250.989341][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  251.043527][ T7378] sock: sock_set_timeout: `syz.3.998' (pid 7378) tries to set negative timeout
[  251.146644][ T5333] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  253.524549][ T7417] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1012'.
[  255.739158][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  255.745566][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  255.924245][ T7459] fuse: Bad value for 'fd'
[  256.421132][ T7468] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  256.428922][ T7468] IPv6: NLM_F_CREATE should be set when creating new route
[  256.961695][ T7475] netlink: 'syz.4.1032': attribute type 10 has an invalid length.
[  257.816879][ T7475] 8021q: adding VLAN 0 to HW filter on device team0
[  257.883255][ T7461] overlayfs: failed to clone upperpath
[  257.928239][ T7478] rdma_rxe: rxe_register_device failed with error -23
[  257.953641][ T7461] overlayfs: failed to clone upperpath
[  257.980072][ T7478] rdma_rxe: failed to add team_slave_0
[  257.980083][ T7475] bond0: (slave team0): Enslaving as an active interface with an up link
[  259.678514][ T7499] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1038'.
[  260.456624][ T7519] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  260.464896][ T7519] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1046'.
[  262.057312][ T7539] 9pnet_fd: Insufficient options for proto=fd
[  262.448947][ T7551] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1056'.
[  263.999697][ T7569] netlink: 'syz.0.1063': attribute type 10 has an invalid length.
[  264.051577][ T7574] rdma_rxe: rxe_register_device failed with error -23
[  264.109836][ T7574] rdma_rxe: failed to add team_slave_0
[  264.148153][ T7569] 8021q: adding VLAN 0 to HW filter on device team0
[  264.186886][ T7569] device team_slave_0 entered promiscuous mode
[  264.193751][ T7569] device team_slave_1 entered promiscuous mode
[  264.200061][ T7569] device geneve0 entered promiscuous mode
[  264.262816][ T7569] bond0: (slave team0): Enslaving as an active interface with an up link
[  264.278443][ T7577] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1065'.
[  264.791959][ T7591] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1069'.
[  265.846874][ T7612] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  267.124838][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  267.124855][   T27] audit: type=1326 audit(1759892648.544:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  267.169624][ T7631] netlink: 'syz.5.1085': attribute type 10 has an invalid length.
[  267.219717][   T27] audit: type=1326 audit(1759892648.544:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  267.718891][   T27] audit: type=1326 audit(1759892648.574:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  267.750337][ T7631] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  268.034201][   T27] audit: type=1326 audit(1759892648.574:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  268.074660][   T27] audit: type=1326 audit(1759892648.584:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  268.286686][   T27] audit: type=1326 audit(1759892648.584:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  268.410944][   T27] audit: type=1326 audit(1759892648.584:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  268.455918][   T27] audit: type=1326 audit(1759892648.604:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  268.562125][   T27] audit: type=1326 audit(1759892648.604:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  268.614814][   T27] audit: type=1326 audit(1759892648.604:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7627 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95cb98eec9 code=0x7ffc0000
[  268.680940][ T7645] tipc: Resetting bearer <eth:macvlan0>
[  268.836796][ T7645] tipc: Disabling bearer <eth:macvlan0>
[  269.177831][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1088'.
[  269.216873][ T7651] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  269.384874][ T7658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1088'.
[  269.681909][ T7678] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1096'.
[  269.770724][ T7681] bridge0: port 1(vlan3) entered blocking state
[  269.804721][ T7681] bridge0: port 1(vlan3) entered disabled state
[  269.827356][ T7681] device vlan3 entered promiscuous mode
[  269.880549][ T7681] device bond0 entered promiscuous mode
[  269.904878][ T7681] device team0 entered promiscuous mode
[  270.016352][ T7657] lo speed is unknown, defaulting to 1000
[  271.431380][ T7718] tipc: Failed to remove unknown binding: 66,1,1/10398378:336311917/336311919
[  271.462959][ T7718] tipc: Failed to remove unknown binding: 66,1,1/10398378:336311917/336311919
[  271.674985][ T7718] tipc: Failed to remove unknown binding: 66,1,1/10398378:336311917/336311919
[  273.978299][   T27] kauditd_printk_skb: 40 callbacks suppressed
[  273.978310][   T27] audit: type=1326 audit(1759892655.394:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.084917][   T27] audit: type=1326 audit(1759892655.424:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.173743][   T27] audit: type=1326 audit(1759892655.424:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.296183][   T27] audit: type=1326 audit(1759892655.454:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.401871][   T27] audit: type=1326 audit(1759892655.454:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.458858][ T7758] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1124'.
[  274.500168][   T27] audit: type=1326 audit(1759892655.454:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.529452][   T27] audit: type=1326 audit(1759892655.454:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.565781][ T7758] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  274.637174][   T27] audit: type=1326 audit(1759892655.454:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.692967][   T27] audit: type=1326 audit(1759892655.454:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  274.718960][ T7758] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1124'.
[  274.741179][   T27] audit: type=1326 audit(1759892655.454:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.5.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7ffc0000
[  275.202438][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1135'.
[  275.270017][ T7790] netlink: 'syz.6.1134': attribute type 1 has an invalid length.
[  275.304929][ T7790] 8021q: adding VLAN 0 to HW filter on device bond2
[  275.339886][ T7795] bond2: (slave gretap2): making interface the new active one
[  275.354096][ T7795] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  275.373514][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  275.973889][ T7807] IPv6: sit2: Disabled Multicast RS
[  276.274330][ T7809] loop5: detected capacity change from 0 to 40427
[  276.324378][ T7809] F2FS-fs (loop5): invalid crc value
[  276.341040][ T7809] F2FS-fs (loop5): Found nat_bits in checkpoint
[  276.402078][ T7809] F2FS-fs (loop5): Start checkpoint disabled!
[  276.427153][ T7809] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  277.270953][   T11] kworker/u4:1: attempt to access beyond end of device
[  277.270953][   T11] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  277.801966][ T7847] netlink: 176 bytes leftover after parsing attributes in process `syz.5.1153'.
[  277.812531][ T7835] futex_wake_op: syz.6.1151 tries to shift op by -1; fix this program
[  278.300185][ T7849] lo speed is unknown, defaulting to 1000
[  278.826963][ T7856] SET target dimension over the limit!
[  279.273925][ T7867] overlayfs: failed to clone upperpath
[  280.053653][ T7890] binder_alloc: 7889: pid 7889 spamming oneway? 2 buffers allocated for a total size of 5120
[  281.367268][ T7917] device ip6gretap0 entered promiscuous mode
[  281.374096][ T7917] device macsec1 entered promiscuous mode
[  281.384143][ T7917] device ip6gretap0 left promiscuous mode
[  285.241601][ T7962] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1191'.
[  285.403099][   T14] kernel read not supported for file [userfaultfd] (pid: 14 comm: kworker/0:1)
[  287.818530][ T8013] capability: warning: `syz.6.1207' uses deprecated v2 capabilities in a way that may be insecure
[  291.386365][ T8038] IPv6: sit3: Disabled Multicast RS
[  293.384946][ T8086] syz.5.1229 uses obsolete (PF_INET,SOCK_PACKET)
[  294.789615][ T8104] device ip6gretap0 entered promiscuous mode
[  295.787477][ T8093] Invalid option length (1032005) for dns_resolver key
[  297.755766][ T8142] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1257'.
[  298.019451][ T8142] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1257'.
[  298.887573][ T8141] lo speed is unknown, defaulting to 1000
[  299.958872][ T8178] lo speed is unknown, defaulting to 1000
[  301.142996][ T8202] SET target dimension over the limit!
[  304.459210][ T8218] lo speed is unknown, defaulting to 1000
[  304.623892][ T8248] IPv6: sit2: Disabled Multicast RS
[  305.706240][ T8259] loop5: detected capacity change from 0 to 256
[  305.752123][ T8259] exfat: Deprecated parameter 'namecase'
[  305.781591][ T8259] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d)
[  308.972566][ T8243] lo speed is unknown, defaulting to 1000
[  309.104645][ T4280] Bluetooth: hci0: command 0x0406 tx timeout
[  309.653712][ T8307] netlink: 'syz.0.1293': attribute type 12 has an invalid length.
[  309.662920][ T4287] Bluetooth: hci1: command 0x0406 tx timeout
[  310.030445][ T8309] device ip6gretap0 entered promiscuous mode
[  310.596976][ T8319] loop5: detected capacity change from 0 to 256
[  311.587512][ T8319] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb45ad1ca, utbl_chksum : 0xe619d30d)
[  314.190671][ T8359] overlayfs: failed to clone upperpath
[  315.653799][ T8363] lo speed is unknown, defaulting to 1000
[  316.020400][ T8387] xt_nat: multiple ranges no longer supported
[  317.181872][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  317.201407][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  319.376556][ T8399] lo speed is unknown, defaulting to 1000
[  323.069836][ T8446] loop5: detected capacity change from 0 to 2048
[  323.934863][ T8447] netlink: 'syz.6.1339': attribute type 4 has an invalid length.
[  323.947997][ T8447] netlink: 17 bytes leftover after parsing attributes in process `syz.6.1339'.
[  323.975686][ T8446]  loop5: p1 < > p3
[  323.998020][ T8446] loop5: p3 size 134217728 extends beyond EOD, truncated
[  324.487796][ T8465] xt_NFQUEUE: number of total queues is 0
[  325.352582][ T8474] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1348'.
[  325.668313][ T8398] udevd[8398]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  325.702665][ T8457] udevd[8457]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  325.775597][ T8398] udevd[8398]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  325.800760][ T8457] udevd[8457]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  325.833690][ T8398] udevd[8398]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  325.849435][ T8457] udevd[8457]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  325.873187][ T8398] udevd[8398]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  325.908677][ T8457] udevd[8457]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  326.913865][ T8492] device veth0_to_team entered promiscuous mode
[  327.390262][ T8506] syz.0.1355[8506] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  327.390375][ T8506] syz.0.1355[8506] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  328.864432][    C1] hrtimer: interrupt took 38370 ns
[  329.202967][ T8527] 9pnet_virtio: no channels available for device 
[  331.125509][ T8551] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed
[  332.659164][ T8571] 8021q: adding VLAN 0 to HW filter on device bond1
[  334.894147][ T8571] 8021q: adding VLAN 0 to HW filter on device bond1
[  334.954324][ T8571] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  335.040732][ T8571] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  335.219114][ T8576] device macvlan4 entered promiscuous mode
[  335.246493][ T8576] bond1: (slave macvlan4): Error -98 calling set_mac_address
[  335.463856][ T8584] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1380'.
[  335.492946][ T8584] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1380'.
[  335.848986][ T8584] device ip6gretap0 entered promiscuous mode
[  336.007543][ T8584] device syz_tun entered promiscuous mode
[  336.219316][ T5333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  336.339388][ T8596] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1384'.
[  336.416698][ T8596] tc_dump_action: action bad kind
[  336.709484][ T8608] device veth0_to_team entered promiscuous mode
[  338.095840][ T8620] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1394'.
[  339.606374][ T8629] loop5: detected capacity change from 0 to 8
[  339.687543][ T8632] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1397'.
[  339.887478][   T27] kauditd_printk_skb: 9 callbacks suppressed
[  339.887494][   T27] audit: type=1326 audit(1759892721.304:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8628 comm="syz.5.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7fc00000
[  339.977679][ T8632] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1397'.
[  340.554792][   T27] audit: type=1326 audit(1759892721.384:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8628 comm="syz.5.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f200798eec9 code=0x7fc00000
[  340.606943][   T27] audit: type=1326 audit(1759892721.384:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8628 comm="syz.5.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x7fc00000
[  342.118633][ T8679] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1405'.
[  345.133762][ T8701] team0: Device ipip1 is of different type
[  346.484523][ T8731] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.1418'.
[  346.609007][ T8738] overlayfs: failed to clone upperpath
[  350.789238][ T5333] device hsr_slave_0 left promiscuous mode
[  351.131785][ T5333] device hsr_slave_1 left promiscuous mode
[  351.158248][ T5333] batman_adv: batadv0: Removing interface: batadv_slave_0
[  351.182809][ T5333] batman_adv: batadv0: Removing interface: batadv_slave_1
[  351.200881][ T5333] device bridge_slave_1 left promiscuous mode
[  351.216496][ T5333] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.238922][ T5333] device bridge_slave_0 left promiscuous mode
[  351.258940][ T5333] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.465318][ T5333] team0 (unregistering): Port device team_slave_1 removed
[  352.539830][ T5333] team0 (unregistering): Port device team_slave_0 removed
[  352.607148][ T5333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  352.678413][ T5333] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  353.313904][ T5333] bond0 (unregistering): Released all slaves
[  353.383130][ T8757] lo speed is unknown, defaulting to 1000
[  353.383209][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.397128][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.405047][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.412797][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.420672][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.428515][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.436387][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.444109][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.452111][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.459983][ T8796] netlink: 'syz.3.1435': attribute type 1 has an invalid length.
[  353.529678][ T8814] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1438'.
[  353.553957][ T8818] device vlan0 entered promiscuous mode
[  353.570167][ T8818] device bond0 entered promiscuous mode
[  353.594576][ T8818] device bond_slave_0 entered promiscuous mode
[  353.610765][ T8818] device bond_slave_1 entered promiscuous mode
[  355.611678][ T4280] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  355.622246][ T4280] CPU: 0 PID: 4280 Comm: kworker/u5:3 Not tainted syzkaller #0
[  355.629848][ T4280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  355.639940][ T4280] Workqueue: hci1 hci_rx_work
[  355.644742][ T4280] Call Trace:
[  355.648045][ T4280]  <TASK>
[  355.651016][ T4280]  dump_stack_lvl+0x168/0x22e
[  355.655723][ T4280]  ? show_regs_print_info+0x12/0x12
[  355.660954][ T4280]  ? load_image+0x3b0/0x3b0
[  355.665526][ T4280]  sysfs_create_dir_ns+0x252/0x280
[  355.670683][ T4280]  ? hci_rx_work+0x3eb/0xd40
[  355.675303][ T4280]  ? sysfs_warn_dup+0xa0/0xa0
[  355.680006][ T4280]  ? do_raw_spin_unlock+0x11d/0x230
[  355.685253][ T4280]  kobject_add_internal+0x6b8/0xc80
[  355.690556][ T4280]  kobject_add+0x152/0x210
[  355.695055][ T4280]  ? kobject_init+0x1d0/0x1d0
[  355.699820][ T4280]  ? klist_children_get+0x50/0x50
[  355.704924][ T4280]  ? get_device_parent+0x121/0x3f0
[  355.710154][ T4280]  device_add+0x483/0xfb0
[  355.714583][ T4280]  ? kmem_cache_free+0xf7/0x290
[  355.719514][ T4280]  hci_conn_add_sysfs+0xd1/0x1e0
[  355.724509][ T4280]  le_conn_complete_evt+0xfec/0x15d0
[  355.729865][ T4280]  ? hci_le_big_info_adv_report_evt+0x310/0x310
[  355.736197][ T4280]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  355.741923][ T4280]  ? skb_pull_data+0xf7/0x200
[  355.746703][ T4280]  hci_le_conn_complete_evt+0x183/0x440
[  355.752324][ T4280]  ? hci_remote_host_features_evt+0x270/0x270
[  355.758467][ T4280]  hci_event_packet+0x791/0x1210
[  355.763508][ T4280]  ? bis_list+0x280/0x280
[  355.767914][ T4280]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  355.773922][ T4280]  ? kcov_remote_start+0x4c7/0x7e0
[  355.779102][ T4280]  ? bt_err+0x80/0x150
[  355.783236][ T4280]  ? hci_send_to_monitor+0x9c/0x4a0
[  355.788548][ T4280]  hci_rx_work+0x3eb/0xd40
[  355.793051][ T4280]  ? _raw_spin_unlock+0x40/0x40
[  355.798032][ T4280]  ? process_one_work+0x7a1/0x1160
[  355.803200][ T4280]  process_one_work+0x898/0x1160
[  355.808197][ T4280]  ? worker_detach_from_pool+0x240/0x240
[  355.813923][ T4280]  ? _raw_spin_lock_irq+0xab/0xe0
[  355.819037][ T4280]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  355.824494][ T4280]  ? kthread_data+0x4b/0xc0
[  355.829076][ T4280]  worker_thread+0xaa2/0x1250
[  355.833852][ T4280]  kthread+0x29d/0x330
[  355.837986][ T4280]  ? worker_clr_flags+0x1a0/0x1a0
[  355.843081][ T4280]  ? kthread_blkcg+0xd0/0xd0
[  355.847796][ T4280]  ret_from_fork+0x1f/0x30
[  355.852328][ T4280]  </TASK>
[  355.861061][ T4280] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  355.874961][ T4280] Bluetooth: hci1: failed to register connection device
[  357.099790][ T8878] overlayfs: failed to clone upperpath
[  357.308121][ T8863] lo speed is unknown, defaulting to 1000
[  360.323051][ T8903] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1457'.
[  360.480763][ T8903] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1457'.
[  360.508691][ T8903] device ip6gretap0 entered promiscuous mode
[  361.314158][ T8903] device syz_tun entered promiscuous mode
[  361.387520][ T8903] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  361.545260][ T8903] Cannot create hsr debugfs directory
[  361.550895][ T8903] hsr1: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network
[  361.597880][ T8903] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network
[  362.733167][ T8926] validate_nla: 37 callbacks suppressed
[  362.733186][ T8926] netlink: 'syz.6.1477': attribute type 1 has an invalid length.
[  362.777261][ T8926] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  362.793003][ T8926] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  362.801837][ T8926] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  362.810637][ T8926] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.825815][ T8926] bond3: (slave geneve2): making interface the new active one
[  362.835082][ T8926] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  362.915024][ T8926] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1477'.
[  362.929987][ T8926] 8021q: adding VLAN 0 to HW filter on device bond3
[  362.941126][ T8926] syz.6.1477 (8926) used greatest stack depth: 19616 bytes left
[  364.127981][ T4780] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  365.258798][   T27] audit: type=1107 audit(1759892746.664:203): pid=8958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  367.180384][ T8978] team0: Device ipip0 is of different type
[  367.572614][ T8986] netlink: 'syz.3.1479': attribute type 3 has an invalid length.
[  368.618814][ T8993] netlink: 'syz.5.1481': attribute type 3 has an invalid length.
[  369.048498][ T8993] netlink: 'syz.5.1481': attribute type 3 has an invalid length.
[  372.827830][   T27] audit: type=1326 audit(1759892754.244:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  372.922849][   T27] audit: type=1326 audit(1759892754.274:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.034631][   T27] audit: type=1326 audit(1759892754.274:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.133328][   T27] audit: type=1326 audit(1759892754.274:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.243019][   T27] audit: type=1326 audit(1759892754.284:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.374666][   T27] audit: type=1326 audit(1759892754.294:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.434736][   T27] audit: type=1326 audit(1759892754.294:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.457694][   T27] audit: type=1326 audit(1759892754.294:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.481287][   T27] audit: type=1326 audit(1759892754.294:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  373.521105][   T27] audit: type=1326 audit(1759892754.294:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9036 comm="syz.0.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcc27d8eec9 code=0x7ffc0000
[  377.146948][ T9089] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1506'.
[  377.361487][ T9089] bond0: (slave bond_slave_1): Releasing backup interface
[  378.764946][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  378.771717][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  380.009829][ T9128] netlink: 'syz.3.1516': attribute type 1 has an invalid length.
[  381.551839][ T9128] device bond2 entered promiscuous mode
[  381.612473][ T9129] bond2: (slave ip6gretap1): making interface the new active one
[  381.689203][ T9129] device ip6gretap1 entered promiscuous mode
[  381.725822][ T9129] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  384.962343][ T9187] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1533'.
[  385.081966][ T9187] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1533'.
[  385.144533][ T9187] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1533'.
[  385.547779][   T27] kauditd_printk_skb: 16 callbacks suppressed
[  385.547797][   T27] audit: type=1326 audit(1759892766.964:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.6.1528" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feb9518eec9 code=0x0
[  389.152693][ T9235] 8021q: adding VLAN 0 to HW filter on device bond4
[  389.203269][ T9235] device bond4 entered promiscuous mode
[  389.229653][ T9235] bond0: (slave bond4): Enslaving as an active interface with an up link
[  389.283876][ T9240] netlink: 14 bytes leftover after parsing attributes in process `syz.6.1547'.
[  390.260292][ T9240] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  391.096476][ T9240] device bond_slave_0 left promiscuous mode
[  391.135526][ T9240] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  391.195916][ T9240] device bond_slave_1 left promiscuous mode
[  391.254367][ T9240] bond0 (unregistering): (slave bond4): Releasing backup interface
[  391.300655][ T9240] device bond4 left promiscuous mode
[  391.381855][ T9240] bond0 (unregistering): Released all slaves
[  392.945556][ T9267] ceph: No mds server is up or the cluster is laggy
[  394.662506][ T4280] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  399.042014][ T9396] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1577'.
[  401.556491][ T9423] syz.4.1582 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  403.019377][ T9441] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1589'.
[  403.180191][ T9418] lo speed is unknown, defaulting to 1000
[  406.065258][ T9461] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1593'.
[  406.195060][ T9464] sch_tbf: burst 88 is lower than device veth5 mtu (1514) !
[  406.503173][ T9470] syz.6.1595[9470] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  406.503335][ T9470] syz.6.1595[9470] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  407.236270][ T9479] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  408.106782][   T27] audit: type=1326 audit(1759892789.244:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9485 comm="syz.5.1608" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f200798eec9 code=0x0
[  409.952160][ T9495] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1598'.
[  410.001981][ T9495] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1598'.
[  410.058494][ T9495] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1598'.
[  415.724458][   T27] audit: type=1326 audit(1759892796.844:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9546 comm="syz.6.1612" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb9518eec9 code=0x0
[  416.156645][   T27] audit: type=1326 audit(1759892797.574:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9568 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  416.217685][ T9572] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  416.813856][   T27] audit: type=1326 audit(1759892797.574:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9568 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  416.927182][   T27] audit: type=1326 audit(1759892798.214:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9568 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  416.959654][   T27] audit: type=1326 audit(1759892798.214:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9568 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  417.028334][   T27] audit: type=1326 audit(1759892798.224:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9578 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7feb951c1785 code=0x7ffc0000
[  417.231784][ T9560] syz.5.1614 (9560) used greatest stack depth: 18176 bytes left
[  417.404591][   T27] audit: type=1326 audit(1759892798.374:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9578 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  418.139836][ T9590] binder_alloc: 9589: binder_alloc_buf size 1024 failed, no address space
[  418.156817][ T9590] binder_alloc: allocated: 12288 (num: 2 largest: 12280), free: 0 (num: 0 largest: 0)
[  418.171628][   T27] audit: type=1326 audit(1759892798.524:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9568 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  418.317639][   T27] audit: type=1326 audit(1759892798.664:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9568 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  418.537821][   T27] audit: type=1326 audit(1759892798.664:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9568 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9518eec9 code=0x7ffc0000
[  418.762871][ T9629] sctp: [Deprecated]: syz.6.1624 (pid 9629) Use of int in max_burst socket option.
[  418.762871][ T9629] Use struct sctp_assoc_value instead
[  425.693252][ T9697] device vlan4 entered promiscuous mode
[  425.743795][ T9697] device hsr_slave_1 entered promiscuous mode
[  431.649686][ T9743] netlink: 'syz.6.1654': attribute type 4 has an invalid length.
[  432.443278][ T9752] syz.5.1656[9752] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  432.444223][ T9752] syz.5.1656[9752] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.930921][ T9776] tipc: Started in network mode
[  435.143408][ T9776] tipc: Node identity 2, cluster identity 4711
[  435.178449][ T9776] tipc: Node number set to 2
[  437.274641][ T9818] syz.4.1672[9818] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  437.274767][ T9818] syz.4.1672[9818] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  440.136181][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.154205][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  545.224360][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  545.231371][    C1] 	(detected by 1, t=10502 jiffies, g=46161, q=18 ncpus=2)
[  545.238571][    C1] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4294991637-4294981135), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  545.251946][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g46161 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  545.263140][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  545.273107][    C1] rcu: RCU grace-period kthread stack dump:
[  545.278998][    C1] task:rcu_preempt     state:R  running task     stack:27200 pid:16    ppid:2      flags:0x00004000
[  545.289785][    C1] Call Trace:
[  545.293066][    C1]  <TASK>
[  545.296005][    C1]  __schedule+0x10ec/0x40b0
[  545.300525][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  545.305737][    C1]  ? _raw_spin_unlock+0x40/0x40
[  545.310602][    C1]  ? __sched_text_start+0x8/0x8
[  545.315466][    C1]  schedule+0xb9/0x180
[  545.319542][    C1]  schedule_timeout+0x15c/0x280
[  545.324417][    C1]  ? console_conditional_schedule+0x40/0x40
[  545.330319][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  545.336332][    C1]  ? update_process_times+0x1b0/0x1b0
[  545.341724][    C1]  ? prepare_to_swait_event+0x335/0x350
[  545.347561][    C1]  rcu_gp_fqs_loop+0x2f2/0x1310
[  545.352422][    C1]  ? rcu_gp_kthread+0x380/0x380
[  545.357309][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  545.363298][    C1]  ? rcu_gp_init+0x14b0/0x14b0
[  545.368065][    C1]  ? rcu_gp_cleanup+0xb4c/0xca0
[  545.372920][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  545.378130][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  545.383339][    C1]  rcu_gp_kthread+0x95/0x380
[  545.387934][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  545.393048][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  545.398959][    C1]  ? __kthread_parkme+0x162/0x1c0
[  545.403994][    C1]  kthread+0x29d/0x330
[  545.408069][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  545.413181][    C1]  ? kthread_blkcg+0xd0/0xd0
[  545.417778][    C1]  ret_from_fork+0x1f/0x30
[  545.422208][    C1]  </TASK>
[  545.425228][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  545.431558][    C1] Sending NMI from CPU 1 to CPUs 0:
[  545.436784][    C0] NMI backtrace for cpu 0 skipped: idling at default_idle+0xb/0x10