last executing test programs:

16m59.568610496s ago: executing program 32 (id=1412):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xa, [@struct={0x8, 0x1, 0x0, 0xf, 0x0, 0x20008, [{0xe, 0x0, 0x3}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, 0x0, 0x3a}, 0x20)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x800714, &(0x7f0000000240), 0xff, 0x494, &(0x7f0000000840)="$eJzs3M1vFOUfAPDvTFugvLU/foiCoFU0El9aWlA5eFCjiQdNTPSAx9oWRBZqaE2ENFqNwaMh8W48mvgXePNi1IMx8aqJR0NCtDGheKqZnRm6bHf7RtuF7ueTLPs8M8/0eb4z8+w+Mw+zAbStvuyfJGJnRPwWET159tYCffnb7MzUyI2ZqZEk5ube+Cuplrs+MzVSFi2321FkjqQR6adJPJ8srHfi4qWzw5XK2IUiPzB57r2BiYuXnjpzbvj02Omx80MnThw/NvjsM0NPr0mcWVzXD3w4fnD/K29deW3k5JW3f/wma9a+Q/n62jiWdKNBQA30ZXvt77mq+nWPrqDtd4NdNemks4UNYUU6IiI7XF3V/t8THTF/8Hri5U9a2jhgXWXfTVubr56eAzaxJFrdAqA1yi/67Pq3fG3Q0OOOcO2FiC1FenZmamT2ZvydkRbLu9ax/r6IODn975fZK1Z6HwIAYBWqY5snG43/0thXfc/nOnYXcyi9EfG/iNgTEf+PiL0RcU9Etey9EXFfvvFczzLr76vLLxz/pFcbtnmNZOO/52rGfrM18RdvvR1Fblc1/q7k1JnK2NFinxyJrq1ZfnCROr576dfPm62rHf9lr6z+cixYNOBqZ90NutHhyeG12gnXPo440Nko/uTmTEB2BuyPiAMr+9O7oztPnHn864PNCi0d/yLWYJ5p7quIx/LjPx118ZeSxecnB7ZFZezoQHlWLPTTL5dfb1b/bcW/BrLjv/3W87+uRM8/ST5f2xWVytiFiZXXcfn3z5pe06z2/N+SvFmds/75nXzZB8OTkxcGI7Ykr1bz5TVddfnQ/LZlviyfxX/kcOP+v6fYJov//ojITuJDEfFARDxYtP2hiHg4Ig4vEv8PLz7y7iLxJ5FES4//aMPPv5vnf29SO1+/ikTH2e+/bTZjvrzjfzymq5+1uern3xKW28Db3H0AAABwV0gjYmckaX+e7tsZadrfn/8f/r2xPa2MT0w+cWr8/fOj+TMCvdGVlne6emruhw4m08VfzPNDxb3icv2x4r7xFx3d1Xz/yHhltMWxQ7vbcWv/j7L/Z/7saHXrgHXneS1oX/X9P21RO4CNt5zvf9cCsDk16P/drWgHsPFc/0P7atT/P6rLG//D5rSw///R4CfrgM3I+B/al/4P7Uv/h7Z0O8/1L5FIm1dRPiyw+iq2LfsJ/3VOdEXEHdCMylj5ixfrWVd3zC+JtOUht1Ei6zEbW+n8b6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADczf4LAAD//3344cc=")
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f00000001c0)=':,^]+*@', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000001880)={'wg1\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000280)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="290a00000000000000ca0100c9ce08000100", @ANYBLOB="24000300"/36], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x40, r8, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r7}]}, 0x40}}, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$netlink(0x10, 0x3, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x34, r11, 0x1, 0x200, 0x0, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8}]}, 0x34}}, 0x0)
dup(r9)
socket$key(0xf, 0x3, 0x2)

15m31.72691448s ago: executing program 3 (id=1588):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='status\x00')
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
mmap(&(0x7f0000624000/0x1000)=nil, 0x1000, 0x5, 0x2010, 0xffffffffffffffff, 0xffffc000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000380)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0xfdef, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, &(0x7f00000003c0)={0x5, 0x1, 0xc654, 0x7, 0x5, 0x8, 0x5, 0xffffffff, 0x6})
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000000)=0xfffffffc, 0x4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = userfaultfd(0x1)
r8 = epoll_create(0x400)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000200)={0x30000010})
sendmsg$DEVLINK_CMD_SB_POOL_SET(r1, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x110, r2, 0x0, 0x70bd2d, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x4}, {0x8, 0x13, 0x401}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x7b2}, {0x8}, {0x5, 0x14, 0xfe}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xa}, {0x6, 0x11, 0x2}, {0x8, 0x13, 0x3}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x3}, {0x8, 0x13, 0xa25a}, {0x5}}]}, 0x110}, 0x1, 0x0, 0x0, 0x10000}, 0x40)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_LINK_GET(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="030700000000000000000800000068000480040007801300010062726f6164636173742d6c696e6b00001900078008000300000000000800020000000000080003000000000008000200000000000800030000000000040004"], 0x7c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r10)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)

15m23.89027281s ago: executing program 3 (id=1599):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000740))
quotactl$Q_GETQUOTA(0xffffffff80000700, &(0x7f00000000c0)=@rnullb, 0x0, &(0x7f0000000780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700c55a5b87300000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r8}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
sendmsg$can_bcm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="01000000000800006b21000000000000", @ANYRES64=0x0, @ANYRES64=<r9=>0xea60, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x80}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="01000000971bac5544ad77400779467f", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r9, @ANYRES64=0x2710, @ANYBLOB="0000000001"], 0x80}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x1)

15m15.693892525s ago: executing program 3 (id=1601):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x4, &(0x7f00000000c0)=""/196, 0xc4)
syslog(0x4, &(0x7f00000002c0)=""/18, 0x12)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="3000c1b91800190100000000fcdbdf250a800000400000000000001400020000000000000000000000000000000000649f3681f54746fd93ae770e457bc9820408a48e4c5d35513aa2f3d379c8094ccf3c1465c48b35ce12a6c83e5bdb77abe8d6f62cdbd2c0ea3e6433c514cba1a1e76a7f9c565a2cdf848297666d0a56226c632abb78c777255b6de71f3e3884715bcc8d36c2b63c3e93ca5ebb33d37a1ff30e3873a8a1abb73343df743525654039b911b2f6c803aa9b457341594d1f901fea01c69051ce6cff3339748a6d80378ede865e0dedf41640ed2650542653d0297d4e047c95a0edca29d222529e498385e4d681780e1fb8d6b39f44b18e5b2db49ec673ccd96125ea421f0bf09172fb0a23862760d394b7ab84d1724e3e76ee5dda24f10abedf4294f814060239a0fa36e5d616691cf45cc6294581d5115a4ed36ffc6641d5fa809c815d8aa95278c79c74b8a9160389af2192f9414704c09c6943d6a38957fe0bb8f9b8dbbdbd07b57824381d634470ff679d1609fcc506e35d"], 0x30}}, 0x44010)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xb, 0xc, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r3, @ANYRESHEX=r4, @ANYRESHEX, @ANYRES32], 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffbff}, 0x94)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000002, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r7, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r8 = socket(0x1e, 0x5, 0x0)
listen(r8, 0x0)
accept4(r8, &(0x7f0000000200)=@caif, &(0x7f0000000040)=0x80, 0x0)
accept4$inet6(r8, 0x0, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x2000000}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="18007728e449800000000000000000009500000000000000265470a461928383afa1187dcb1ef7838d8deddbd673a89968a54fffea96000000009e3f068fdcc0d144d0000025aae310150efe4ca0fcf0c419f57b043450f6837d2d562200000000000000000000000000001bf83990cab5a99d91aa5803e9d1cf6c3a4cc57d5d7c8cca54f22feb236822a40a6d80e0b594f73e62a5ecd3cdda040c0a0f"], &(0x7f0000000e80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET_FEATURE(r11, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
dup2(r10, r9)

15m11.590971688s ago: executing program 3 (id=1608):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x1, 0x0, &(0x7f0000000000))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r7, 0x0, 0x0, 0x7fff, 0x1, 0x0)
write$P9_RWALK(r7, &(0x7f00000004c0)={0x3d, 0x6f, 0x1, {0x4, [{0x80, 0x4, 0x7}, {0x20, 0x3, 0x4}, {0x1, 0x3, 0x4}, {0x0, 0x0, 0x6}]}}, 0x3d)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x1, 0xfffc}, 0x20)

15m6.792790821s ago: executing program 3 (id=1612):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x16, 0x0, 0x0, 0x0}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x1c2)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x3a)
inotify_add_watch(r3, &(0x7f0000000000)='./file0\x00', 0x42000200)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000580)={'syz1\x00', {0x6fc9, 0x5, 0x5, 0x5}, 0x38, [0x9, 0x3, 0xa, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf5, 0x9, 0x3b, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x5, 0xfffffffb, 0xbeb, 0x3, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x4, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x8, 0x4000e, 0xd76, 0x2, 0xde, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x1], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x0, 0x400005, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0xc33, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x4, 0x5, 0x0, 0x981, 0x4, 0x31, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x0, 0xfffffff9, 0x0, 0x2, 0x1, 0x0, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0x7, 0x101, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0xc, 0xe, 0x5, 0x7, 0x6, 0x1000002, 0x1, 0x1, 0xb, 0x26, 0x200, 0x3], [0x401, 0xc584, 0x4, 0xcd4, 0x7, 0x20, 0x7, 0x4, 0x8, 0x89b2, 0x7, 0x100009, 0xe8b, 0x5, 0x80000001, 0x7, 0xfffffffc, 0x1000, 0x2, 0xff, 0x9, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x5, 0x80, 0x40, 0x9, 0x47, 0x2, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0xbf23, 0x6, 0x8, 0x0, 0x0, 0x3ff, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x7, 0x5, 0x6, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x10, 0x2, 0x761, 0xb, 0x402, 0x800, 0xc4a, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x7, 0x1e0, 0x4, 0x2000e47, 0x3, 0x3, 0x4, 0x200, 0x1000, 0x9, 0x5, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x8, 0x1208a8, 0x2, 0x3d, 0x7, 0x2, 0x6, 0x4, 0x10, 0x340a, 0x0, 0x7fff, 0xa1, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0x2000000e, 0x2, 0xd, 0xf, 0x133, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(r5, 0x5501)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r7=>0x0})
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f00000002c0)={r7, 0x11, 0x6}, 0x10)
setsockopt$packet_drop_memb(r6, 0x107, 0x2, &(0x7f0000000580)={r7, 0x1, 0x6, @local}, 0x10)

15m2.93599089s ago: executing program 3 (id=1615):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69703000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
openat$vcsu(0xffffff9c, 0x0, 0x8000, 0x0)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10)

14m43.310430501s ago: executing program 33 (id=1615):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69703000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
openat$vcsu(0xffffff9c, 0x0, 0x8000, 0x0)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10)

11m49.699675456s ago: executing program 5 (id=3264):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x1, 0x0, &(0x7f0000000000))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
setpgid(0x0, 0x0)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r7, 0x0, 0x0, 0x7fff, 0x1, 0x0)
write$P9_RWALK(r7, &(0x7f00000004c0)={0x3d, 0x6f, 0x1, {0x4, [{0x80, 0x4, 0x7}, {0x20, 0x3, 0x4}, {0x1, 0x3, 0x4}, {0x0, 0x0, 0x6}]}}, 0x3d)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x1, 0xfffc}, 0x20)

11m48.097439301s ago: executing program 5 (id=3279):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x1d, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)

11m48.014504252s ago: executing program 5 (id=3282):
socket(0x10, 0x803, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
mknod$loop(0x0, 0x2, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
writev(r0, &(0x7f0000000380)=[{&(0x7f00000000c0)="6b5ea0cd", 0x4}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, r0, 0x0)
ioctl(r0, 0x1, &(0x7f0000000080))

11m47.940912013s ago: executing program 5 (id=3288):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0xad3c3b, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
chroot(&(0x7f0000000080)='./file0/../file0\x00')
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)

11m47.912885564s ago: executing program 5 (id=3290):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x1, 0x0, &(0x7f0000000000))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
setpgid(0x0, 0x0)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r7, 0x0, 0x0, 0x7fff, 0x1, 0x0)
write$P9_RWALK(r7, &(0x7f00000004c0)={0x3d, 0x6f, 0x1, {0x4, [{0x80, 0x4, 0x7}, {0x20, 0x3, 0x4}, {0x1, 0x3, 0x4}, {0x0, 0x0, 0x6}]}}, 0x3d)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x1, 0xfffc}, 0x20)

11m47.821310625s ago: executing program 5 (id=3293):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000140), 0x62}, 0x2}], 0x1, 0x40000406, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2409c8c9, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c)
sendto$inet6(r1, &(0x7f0000000e80)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb", 0x63, 0x6d91fb6102d8910c, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

11m47.730026956s ago: executing program 34 (id=3293):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000140), 0x62}, 0x2}], 0x1, 0x40000406, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2409c8c9, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c)
sendto$inet6(r1, &(0x7f0000000e80)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb", 0x63, 0x6d91fb6102d8910c, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

11m21.062381024s ago: executing program 6 (id=3566):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x552f, &(0x7f0000000880)="$eJzs3L1vG2UYAPDHTtJvSoQY2HpShZRItVWnH4KtQCs+RKuqwMAEju1Ybm1fFDtOyMTAiBiY+ScQSEyM/A0MzGyIAcSGFOS7CzRQEFXsuEl/P+n83L1+/dzznqJIz53lAJ5ai8lvv5TifJyOiLmIOBeR7ZeKLXMjDy9ExIWIKD+0lYrxPwdORMSZiDg/Tp7nLBVvfX5pdPHaz2/9+u33J+fPfvnND7NbNTBrL0ZEbz3f3+rlMW3n8X4xXh91sti7Oipi/kbvQXGc5nGrtZpl2Krvzatn8Uo7n5+ubw7Gca1bb4xju7OWja/38xMORu29PNkH7tc3suNmazWLnUGaxfZOXtf2Tv6/bWcwzPM0i3wfZeljONyL+Xhru5WvZ/1BFhv9YTGe502bre1xHBWxOF000m4zq2P1IFf6yfZ2p7+5nYxaG4NO2k+uVWsvVWvXK7WNtNkatq5W6r3m9avJUrs7nlYZtuq9G+00bXdb1UbaW06W2o1GpVZLlm62Vjv1flKrVa9UL1euLRd7l5LX77yXdJvJ0ji+2ulvDjvdQbKWbiT5J5aTleqVl5eTi7Xkndt3k7v3bt26fffdD26+f+eV22++Vkz6R1nJ0srllZVK7XJlpbb8FK3/k6LoCa4fDqT0eNNPTqsOgCNE/w/MwvT6/417EdPv/0P/PxH/3f+W44nqf6fW/39xNPr/g6x//mDXCR7pMft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOjx8Xvnoj21nMj88W488UQ88Vx6WIKEfE7iPMxYl9OeeKPAv/Mn/hbzV8V4osw/gcJ4vtTETcKLbfn532VQAAAIBjZ3e32Pn64wuf5d16/rI407I4ZPlNm/K5DyeUrxQRC4s/TShbefzy/ISSZX/f87E9oWzZDaxTE0qW33Kbn1S2/2VuXzj1UCjloXyo5QAAAIdifydwuF0IAAAAh+nTWRfAbJRi71Hm3rPg7Jv3fz0QPL3vCAAAADiCSrMuAAAAAJi6rP/3+38AAABwvOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAf7NxPbtpAFAfgZ4ML/aeiqvv2KN3BMXqELrusOEAvwRHoFXoBzkB3OUIEER4HQZREiTy2FfJ9khnGgp+fESxmBg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECX/lfrxd/fX/+0zdnt2znNGj/9st/a1g0AAACvwbZaL+ons9R/35z/2Jz63PSLiCgj4r6x+yjenGWOmpzqgddXd2r4F1EnHK4xaY53EfG9Oa4/df0pAAAAwOXaLFfzNFpPD7OhC6JPadKm/PAjU14REdXsKlNaecj7kims/n6P41emtHoCa5opLE25PeM/LxnUP/fjrN30pClSUz7+/mz3DgAA9Gh01vQ7CgEAAKBPP4cugGEUcbuUeVwKnKSmWd57e9YDAAAAXqBi6AIAAACAztXjf/v/AQAAwGVL+/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTx3AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDD/ryjQAiEQRjsXd+ZzP0PKw2amppUgfDxNwYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf7c5sCIAiEYXAr+/oX3v+w8YKeIYIZEB52URAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAH7lnLOPUOmNLPFXVMk3sGfeqOrJKnFklrlzo48HWP/wRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwsnM/r3FUcQDA38zsbNKquEbZQ0QseNCLTbe1tRcRD0rw4J8ghHRbY7f+aHOwpQi5iBfJuRfRo4igxFv/h55b6KXeethDBc+V+ZVMfhxWZGc23c8H3rzvDMN73zeBJd+8yQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP+IO9OMkOvSKOy2v3n9xez/oHB/rM3e2Hy1nL4qjJpI+H1+onUb92sth8MgAAAMyHpKrvQwiP0p3VrI97ef2fVvdkNf9PLxRxVc8frPurvqr9s/bnH49f2Z2oV8yTDXp5YzQ8cziVzvRW2bxk0hufvjjBTZ38ycfVwHGIP956eZzmzzP64d69D7t5uPC/UgYApuh01ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBcFUchhOXOXpx58OT2+lH93e2Hy1W7cOfOdn3MbIg0hHB5YzQ8ExYbXM1su3Hz1tW10Wh4vfng9RBCW7O/Xy7/6qcT3BzClNI41dKTn7MgLn/Ys5LP8QgOf1a8932Tn0wAADxr0rJldf2jdGc1uxYthfD05/31/5u1OExY/z/+7ML9+lz1+n/Q2Apn38rmta9Wbty89fbGtbUrwyvDL945O3h3cO7i+fMXV/K/lRTHttMEAADgGOuWrV7/x0uH9/9P1uIwYf3/9Y+Db+tzJer/I+1t+rWdCQAAwHx76dQ/f0dHXI+63fDN2ubm9UFx3D0/WxxbSPU/Wyhbvf5PltrOCgAAAGjCeCvat/9/qRaHCff/n//l1d/qYyYhhBPl/v/p9S9Hl5pbzkybyj8PL5SDe7MAAACAsh4/cWD/P83f/493X3mIQwhvvVHE5dcATlT/Jx9992t9rvr7/+eaW+JMivvF88j7fgidftsZAQAA8CxbzFsvr///SndWP//95Cdd7/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA//8G/j5b")

11m16.283330207s ago: executing program 6 (id=3577):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_LBT_MODE(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), r1)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000012c0), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x70bd2a, 0x25dfdbf8, {}, [@NLBL_MGMT_A_DOMAIN={0xc, 0x1, '\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8800}, 0x40000)

11m15.529422589s ago: executing program 6 (id=3578):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x20085e, &(0x7f0000000100), 0x1, 0x502, &(0x7f0000000a00)="$eJzs3c9vI1cdAPCvnV9OmjZp6QEQokspLGi1TuJto6oHKCeEUCVEjyBtQ+KNothxFDulCXvY/g9IVOIER/4Azj3xJyC4cYEDEj8iULMSSFPNeLzrzdob7yaxs/HnI41m3ryxv+/t7rzn+W7iF8DYuhYR9yJiOiI+iIiF/Hwh3+Ld9pZe99nR3fXjo7vrhUiS9/9VyOrTc9H1mtQL+XuWIuLH34/4WeHxuM2Dw+21Wq261y7OLrXqu0vNg8ObW/W1zepmdadSWV1ZXX771luVc+vra/Xp9sFE2sBv/yJt1nxe192Pc/T/JDP1IE5qMiJ+eAHBRmEi78/0qBvCMylGxCsR8Xp2/y/ERPa3CQBcZUmyEMlCdxkAuOqKWQ6sUCznuYD5KBbL5XYO79WYK9YazdaNO439nY12rmwxpop3tmrV5TxXuBhThbS8kh0/LFdOlG9FxMsR8cuZ2axcXm/UNkb5wQcAxtgLJ+b//860538A4IorjboBAMDQmf8BYPyY/wFg/Jj/AWD8mP8BYPyY/wFg/Jj/AWCs/Oi999ItOc6//3rjw4P97caHNzeqze1yfX+9vN7Y2y1vNhqb2Xf21E97v1qjsbvyZux/tPid3WZrqXlweLve2N9p3c6+1/t2dWoovQIAnuTl1z79cyEi7r0zm23RtZaDuRqutuJZXjx7fu0Ahm9i1A0ARsZqXzC+zvCMLz0AV0SPJXofUXrkcT+/OkmS5GKbBVyg61+S/4dx1ZX/91PAMGbk/2F8DZr/Py0/ADx/kqQw6Jr/MeiFAMDlJscP9Hm+fyXf/y7/z4Gfbpy84pOLbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbp31f8v5WuDzUSyWyxEvRsRiTBXubNWqyxHxUkT8aWZqJi2vjLjNAMBZFf9eyNf/ur7wxvzJ2unC/ZlsHxE///X7v/pordXa+2N6/t8Pzrc+yc9XRtF+AOA0nXk623c9yH92dHe9sw2zPf/4XkSU2vGPj6bj+EH8yZjM9qWYioi5/xTycluhK3dxFvc+jogv9up/IeazHEh75dOT8dPYLw41fvGR+MWsrr1P/yy+8NSRk4VzaD481z5Nx593e91/xbiW7Xvf/6VshDq7fPxL32r9OBsDH8bvjH8Tfca/a4PGePMPP2gfzT5e93HElycjOrGPu8afTvxCn/hvDBj/L1/56uv96pLfRFyP3vG7Yy216rtLzYPDm1v1tc3qZnWnUlldWV1++9ZblaUsR73Ufzb45zs3XupXl/Z/rk/80in9/8aA/f/t/z74ydeeEP9bX+8VvxivPiF+Oid+c8D4a3O/L/WrS+Nv9Ox/R//+3xgw/l//dvjYsuEAwOg0Dw6312q16t4wDzofJIYa1MEVOEj/1VyCZvQ8+O6wYk3HU70qSZ4pVr8R4zyybsBl0L7Xk+peRNwfdWMAAAAAAAAAAAAAAICehvEbS6PuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfX5wEAAP//90HVog==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0x3920e, r0, 0x2, 0x0, 0x2})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)

11m15.382623731s ago: executing program 6 (id=3584):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
creat(&(0x7f0000000580)='./bus\x00', 0x0)
creat(&(0x7f0000000180)='./file1\x00', 0x88)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
unlink(&(0x7f0000000180)='./file1\x00')

11m15.105509065s ago: executing program 6 (id=3593):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='kfree\x00', r1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0)

11m15.011936256s ago: executing program 6 (id=3596):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @random="f19a1ae8dd9a", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dc58c", 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x27}, @local, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xfffd}}}}}}}, 0x0)

11m14.594239013s ago: executing program 35 (id=3596):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @random="f19a1ae8dd9a", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dc58c", 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x27}, @local, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xfffd}}}}}}}, 0x0)

11m4.864232232s ago: executing program 7 (id=3662):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0xfdb7)

11m4.545344907s ago: executing program 7 (id=3668):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000000)="89e7eb2c7cdad9b4b47380c9892f", 0xe}], 0x1)

11m4.198368182s ago: executing program 7 (id=3671):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

11m3.167826338s ago: executing program 7 (id=3679):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000001140)={[{@errors_continue}, {@data_err_abort}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000002f40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
mount$bind(&(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc01, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

11m2.695464995s ago: executing program 7 (id=3681):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @window={0x3, 0xe, 0x7ff}, @timestamp, @sack_perm, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x11, 0x0, 0x11)

11m2.574645197s ago: executing program 7 (id=3685):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x5)

11m2.501616468s ago: executing program 36 (id=3685):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x5)

1m3.276164764s ago: executing program 4 (id=5631):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, r5)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, 0x0, 0x404c044)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000009400)={'wpan0\x00'})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000400850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8c00000013000500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014000300766c616e300000000000000000000000080004000000000034002b8008000100", @ANYBLOB="110008"], 0x8c}}, 0x0)

59.381837086s ago: executing program 4 (id=5637):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x8992, &(0x7f00000000c0)={'sit0\x00', 0x0})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
lsetxattr$security_selinux(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000000)='system_u:object_r:systemd_unit_file_t:s0\x00', 0x29, 0x5)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x2)
mmap(&(0x7f0000419000/0x4000)=nil, 0x4000, 0x800001, 0x11, r5, 0x43200000)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa80, 0x0)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000001240)={0x0, 0x2, 0x0, 0x0, 0x0, "001bf1000000000000002000"})
r7 = syz_open_pts(r6, 0x101)
dup3(r7, r6, 0x0)

58.411966882s ago: executing program 4 (id=5639):
mount$incfs(&(0x7f0000000140)='./file2\x00', &(0x7f0000000100)='./file2\x00', 0x0, 0x1888028, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r5)
socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0xe, 0x0, &(0x7f00000002c0))

56.490442693s ago: executing program 4 (id=5643):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bridge0\x00'})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000180))
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000280)='./file3\x00', 0x210040, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1dc, &(0x7f00000007c0)="$eJzslr+PEkEUx78zSxYwGhP/AQtJ1MJld1FjQyKNlYWJP4iFiURWgqySAIWQGPQvsLezsPcfMNHWP8Kgjddw1V29l/mxMEd2geOWo7j3Se7td/Zm3r55b/IGEARxbvn393ASHVT/FwBcRAl5/X7Pms/hxvw/hf0Pvx4+qH9+8e13fuIUk3xG0frfzwH4WbMwmK09vrqkn0/AZ/opOG5qXQeDo/VLcDzTOgDDc63fGLor5jvO63YYOK+6YVMIVxhPGF+YymJ8008MTSM+Zvy/Pxx1GmEY9LYoVuVvWuOoGvGZ9XKgonWN/Hng8LSugOGxrvA95OPcqJQY+2eGf2vp/m1sOyMiphOsunIptVQ2gM3CAFhWtcdHfWS3eYZShAUp4opm5Nk6o12IY7tiDnLLMp/dlrMTm9Tix321Jn4TjdVYzrmc4jAar/UJO2l5cXVg8/4UfWW4bvSPnFRf5FUjSljuD0e32m8braAVvPP9yl33tuve8cuyESm7pP8VZX+6MPefeCcJbGbjfWMw6HnKzsa+skkdl8v+x3HjmhqLPmgv+C0Ymuk/Lp+ya3a+p0ZPEASxO66CyZ4s+3Is9G0C47fuox3GSBAEQRAEQRAEQRDE6TgKAAD//4qoQzM=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000080)=""/234, 0xea)
getdents64(r3, 0x0, 0x0)
mount$incfs(&(0x7f0000000340)='./file0\x00', &(0x7f0000000540)='./file0\x00', &(0x7f00000005c0), 0xf8e3cc917175abf2, &(0x7f0000000740)={[{@read_timeout_ms={'read_timeout_ms', 0x3d, 0x36ac}}, {@read_timeout_ms={'read_timeout_ms', 0x3d, 0x6}}, {@readahead={'readahead', 0x3d, 0x43}}, {@read_timeout_ms={'read_timeout_ms', 0x3d, 0x7f}}, {}]})

52.955943439s ago: executing program 4 (id=5651):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bridge0\x00'})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000180))
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000280)='./file3\x00', 0x210040, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1dc, &(0x7f00000007c0)="$eJzslr+PEkEUx78zSxYwGhP/AQtJ1MJld1FjQyKNlYWJP4iFiURWgqySAIWQGPQvsLezsPcfMNHWP8Kgjddw1V29l/mxMEd2geOWo7j3Se7td/Zm3r55b/IGEARxbvn393ASHVT/FwBcRAl5/X7Pms/hxvw/hf0Pvx4+qH9+8e13fuIUk3xG0frfzwH4WbMwmK09vrqkn0/AZ/opOG5qXQeDo/VLcDzTOgDDc63fGLor5jvO63YYOK+6YVMIVxhPGF+YymJ8008MTSM+Zvy/Pxx1GmEY9LYoVuVvWuOoGvGZ9XKgonWN/Hng8LSugOGxrvA95OPcqJQY+2eGf2vp/m1sOyMiphOsunIptVQ2gM3CAFhWtcdHfWS3eYZShAUp4opm5Nk6o12IY7tiDnLLMp/dlrMTm9Tix321Jn4TjdVYzrmc4jAar/UJO2l5cXVg8/4UfWW4bvSPnFRf5FUjSljuD0e32m8braAVvPP9yl33tuve8cuyESm7pP8VZX+6MPefeCcJbGbjfWMw6HnKzsa+skkdl8v+x3HjmhqLPmgv+C0Ymuk/Lp+ya3a+p0ZPEASxO66CyZ4s+3Is9G0C47fuox3GSBAEQRAEQRAEQRDE6TgKAAD//4qoQzM=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000080)=""/234, 0xea)
getdents64(r3, 0x0, 0x0)
mount$incfs(&(0x7f0000000340)='./file0\x00', &(0x7f0000000540)='./file0\x00', &(0x7f00000005c0), 0xf8e3cc917175abf2, &(0x7f0000000740)={[{@read_timeout_ms={'read_timeout_ms', 0x3d, 0x36ac}}, {@read_timeout_ms={'read_timeout_ms', 0x3d, 0x6}}, {@readahead={'readahead', 0x3d, 0x43}}, {@read_timeout_ms={'read_timeout_ms', 0x3d, 0x7f}}, {}], [{@smackfshat={'smackfshat', 0x3d, 'fscrypt:'}}, {@appraise_type}, {@audit}, {@fowner_lt}]})

43.459553882s ago: executing program 4 (id=5668):
mount$incfs(&(0x7f0000000140)='./file2\x00', &(0x7f0000000100)='./file2\x00', 0x0, 0x1888028, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r5)
socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0xe, 0x0, &(0x7f00000002c0))

28.211484367s ago: executing program 37 (id=5668):
mount$incfs(&(0x7f0000000140)='./file2\x00', &(0x7f0000000100)='./file2\x00', 0x0, 0x1888028, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r5)
socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0xe, 0x0, &(0x7f00000002c0))

13.869297997s ago: executing program 0 (id=5686):
mount$incfs(&(0x7f0000000140)='./file2\x00', &(0x7f0000000100)='./file2\x00', 0x0, 0x1888028, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r5)
socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0xe, 0x0, &(0x7f00000002c0))

12.908865773s ago: executing program 2 (id=5708):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x8992, &(0x7f00000000c0)={'sit0\x00', 0x0})
r1 = socket$packet(0x11, 0x3, 0x300)
lsetxattr$security_selinux(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000000)='system_u:object_r:systemd_unit_file_t:s0\x00', 0x29, 0x5)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x2)
mmap(&(0x7f0000419000/0x4000)=nil, 0x4000, 0x800001, 0x11, r5, 0x43200000)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa80, 0x0)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000001240)={0x0, 0x2, 0x0, 0x0, 0x0, "001bf1000000000000002000"})
r7 = syz_open_pts(r6, 0x101)
dup3(r7, r6, 0x0)

12.317006202s ago: executing program 0 (id=5711):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

11.883414609s ago: executing program 2 (id=5713):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

10.392815113s ago: executing program 1 (id=5715):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

9.425356078s ago: executing program 9 (id=5717):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, r5)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, 0x0, 0x404c044)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000009400)={'wpan0\x00'})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000004008500000082000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8c00000013000500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014000300766c616e300000000000000000000000080004000000000034002b8008000100", @ANYBLOB="110008"], 0x8c}}, 0x0)

9.388200559s ago: executing program 8 (id=5718):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, r5)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, 0x0, 0x404c044)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000009400)={'wpan0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000400850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8c00000013000500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014000300766c616e300000000000000000000000080004000000000034002b8008000100", @ANYBLOB="110008"], 0x8c}}, 0x0)

9.194054632s ago: executing program 1 (id=5719):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x8992, &(0x7f00000000c0)={'sit0\x00', 0x0})
r1 = socket$packet(0x11, 0x3, 0x300)
lsetxattr$security_selinux(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000000)='system_u:object_r:systemd_unit_file_t:s0\x00', 0x29, 0x5)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x2)
mmap(&(0x7f0000419000/0x4000)=nil, 0x4000, 0x800001, 0x11, r5, 0x43200000)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa80, 0x0)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000001240)={0x0, 0x2, 0x0, 0x0, 0x0, "001bf1000000000000002000"})
r7 = syz_open_pts(r6, 0x101)
dup3(r7, r6, 0x0)

9.178902583s ago: executing program 0 (id=5720):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)

7.727646416s ago: executing program 9 (id=5721):
socket(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
lsetxattr$security_selinux(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000000)='system_u:object_r:systemd_unit_file_t:s0\x00', 0x29, 0x5)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0xc)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x2)
mmap(&(0x7f0000419000/0x4000)=nil, 0x4000, 0x800001, 0x11, r4, 0x43200000)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa80, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000001240)={0x0, 0x2, 0x0, 0x0, 0x0, "001bf1000000000000002000"})
r6 = syz_open_pts(r5, 0x101)
dup3(r6, r5, 0x0)

7.726816256s ago: executing program 1 (id=5722):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

7.609871588s ago: executing program 2 (id=5723):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000240)=@abs, 0x6e)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)

6.901885079s ago: executing program 8 (id=5724):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
getpid()
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r5}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000240)=@abs, 0x6e)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

6.755461342s ago: executing program 9 (id=5725):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r6)
socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r7, 0x107, 0xe, 0x0, &(0x7f00000002c0))

6.628081314s ago: executing program 1 (id=5726):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000240)=@abs, 0x6e)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)

5.926305954s ago: executing program 2 (id=5727):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

5.821064376s ago: executing program 9 (id=5728):
mount$incfs(&(0x7f0000000140)='./file2\x00', 0x0, 0x0, 0x1888028, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r6)
socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r7, 0x107, 0xe, 0x0, &(0x7f00000002c0))

5.704513208s ago: executing program 8 (id=5729):
ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x8992, &(0x7f00000000c0)={'sit0\x00', 0x0})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
lsetxattr$security_selinux(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000000)='system_u:object_r:systemd_unit_file_t:s0\x00', 0x29, 0x5)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0xc)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x2)
mmap(&(0x7f0000419000/0x4000)=nil, 0x4000, 0x800001, 0x11, r4, 0x43200000)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa80, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000001240)={0x0, 0x2, 0x0, 0x0, 0x0, "001bf1000000000000002000"})
r6 = syz_open_pts(r5, 0x101)
dup3(r6, r5, 0x0)

5.691323478s ago: executing program 0 (id=5730):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000240)=@abs, 0x6e)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)

3.75049013s ago: executing program 1 (id=5731):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

3.464650205s ago: executing program 9 (id=5732):
mount$incfs(&(0x7f0000000140)='./file2\x00', &(0x7f0000000100)='./file2\x00', 0x0, 0x1888028, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r5)
socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0xe, 0x0, &(0x7f00000002c0))

3.419714545s ago: executing program 8 (id=5733):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

2.046315367s ago: executing program 2 (id=5734):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

2.045002018s ago: executing program 1 (id=5735):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000240)=@abs, 0x6e)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)

2.032838708s ago: executing program 8 (id=5736):
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180)="b52be39296")
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/exec\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000010000", @ANYRES32, @ANYBLOB="00000000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, 0x0, &(0x7f0000001400))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
syz_emit_ethernet(0x53, 0x0, 0x0)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000476000/0x1000)=nil)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

1.583152015s ago: executing program 0 (id=5737):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x48)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x4, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x8, 0x0, 0x9, 0xfffffffffffffffd, 0x81, 0x7fffffff, 0x100000000}, 0x0, 0x0)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)

567.757761ms ago: executing program 2 (id=5738):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

485.233052ms ago: executing program 0 (id=5739):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

240.005467ms ago: executing program 8 (id=5740):
mount$incfs(&(0x7f0000000140)='./file2\x00', 0x0, 0x0, 0x1888028, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = io_uring_setup(0x734a, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r6)
socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r7, 0x107, 0xe, 0x0, &(0x7f00000002c0))

0s ago: executing program 9 (id=5741):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x25, 0x7, @val=@iter={&(0x7f0000000280)=@cgroup={0x2, r3, 0xe}, 0x10}}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

T349] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1056.320069][  T349] device bridge_slave_0 left promiscuous mode
[ 1056.326357][  T349] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1056.335626][  T349] device veth0_vlan left promiscuous mode
[ 1056.408975][ T6554] usb 8-1: Using ep0 maxpacket: 32
[ 1056.430309][ T6554] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 104, changing to 10
[ 1056.448069][ T6554] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25701, setting to 1024
[ 1056.468080][ T6554] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1056.477172][ T6554] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1056.502125][ T6554] usb 8-1: config 0 descriptor??
[ 1056.507395][T12570] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1056.528893][ T6554] hub 8-1:0.0: USB hub found
[ 1056.559637][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1056.579625][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1056.593385][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1056.606819][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1056.615960][T12556] device veth0_vlan entered promiscuous mode
[ 1056.630915][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1056.641112][T12556] device veth1_macvtap entered promiscuous mode
[ 1056.653335][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1056.671948][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1056.735667][ T6554] hub 8-1:0.0: 1 port detected
[ 1057.121284][  T576] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1057.308143][  T576] usb 9-1: Using ep0 maxpacket: 16
[ 1057.315739][  T576] usb 9-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1057.412720][  T576] usb 9-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1057.474390][  T576] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1057.499520][  T576] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1057.515823][  T576] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1057.528095][  T576] usb 9-1: Product: syz
[ 1057.534388][  T576] usb 9-1: Manufacturer: syz
[ 1057.544499][  T576] usb 9-1: SerialNumber: syz
[ 1057.664601][ T6554] usb 8-1-port1: config error
[ 1061.362294][  T366] usb 8-1: USB disconnect, device number 2
[ 1061.404865][  T576] usb 9-1: 0:2 : does not exist
[ 1061.439631][  T576] usb 9-1: USB disconnect, device number 2
[ 1061.719503][T12619] udevd[12619]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1062.493270][   T28] audit: type=1400 audit(1751886439.916:1095): avc:  denied  { bpf } for  pid=12625 comm="syz.1.3624" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1062.535960][T12632] loop8: detected capacity change from 0 to 2048
[ 1062.559930][T12636] device veth1_macvtap left promiscuous mode
[ 1062.566055][T12636] device macsec0 entered promiscuous mode
[ 1062.573715][   T28] audit: type=1400 audit(1751886439.916:1096): avc:  denied  { read write } for  pid=11725 comm="syz-executor" name="loop7" dev="devtmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1062.614757][T12632] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1062.660523][T12649] overlayfs: failed to clone upperpath
[ 1062.666190][   T28] audit: type=1400 audit(1751886439.916:1097): avc:  denied  { open } for  pid=11725 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1062.691033][   T28] audit: type=1400 audit(1751886439.916:1098): avc:  denied  { ioctl } for  pid=11725 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=125 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1062.722455][   T28] audit: type=1400 audit(1751886439.916:1099): avc:  denied  { prog_load } for  pid=12627 comm="syz.7.3626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1062.759353][   T28] audit: type=1400 audit(1751886439.916:1100): avc:  denied  { name_bind } for  pid=12627 comm="syz.7.3626" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[ 1062.795172][   T28] audit: type=1400 audit(1751886439.916:1101): avc:  denied  { node_bind } for  pid=12627 comm="syz.7.3626" saddr=255.255.255.255 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 1062.818588][   T28] audit: type=1400 audit(1751886439.946:1102): avc:  denied  { map_create } for  pid=12625 comm="syz.1.3624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1062.839812][   T28] audit: type=1400 audit(1751886439.946:1103): avc:  denied  { map_read map_write } for  pid=12625 comm="syz.1.3624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1062.869363][   T28] audit: type=1400 audit(1751886439.946:1104): avc:  denied  { create } for  pid=12629 comm="syz.4.3625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1063.367673][T12556] EXT4-fs (loop8): unmounting filesystem.
[ 1063.552322][T12679] device wg2 entered promiscuous mode
[ 1063.587756][T12689] loop8: detected capacity change from 0 to 128
[ 1063.638252][T12689] support for the xor transformation has been removed.
[ 1064.275336][T12715] device bridge0 entered promiscuous mode
[ 1064.326968][T12715] bridge0: port 3(vlan2) entered blocking state
[ 1064.344654][T12715] bridge0: port 3(vlan2) entered disabled state
[ 1064.708778][T12714] device bridge0 left promiscuous mode
[ 1064.978741][T12730] SELinux:  Context Ü is not valid (left unmapped).
[ 1065.060415][T12731] SELinux: failed to load policy
[ 1065.127941][T12741] device syzkaller0 entered promiscuous mode
[ 1066.671823][T12771] loop8: detected capacity change from 0 to 2048
[ 1066.686062][T12773] loop7: detected capacity change from 0 to 1024
[ 1066.736902][T12773] EXT4-fs: Ignoring removed nobh option
[ 1066.745934][T12771] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1066.787410][T12773] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1066.833255][T12556] EXT4-fs (loop8): unmounting filesystem.
[ 1066.859173][T12773] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1067.022528][T11725] EXT4-fs (loop7): unmounting filesystem.
[ 1067.149173][T12797] overlayfs: failed to clone upperpath
[ 1067.196601][T12795] overlayfs: failed to clone upperpath
[ 1067.437316][T12810] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1067.444666][T12810] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1067.453822][T12810] device bridge_slave_0 entered promiscuous mode
[ 1067.473417][T12810] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1067.480702][T12810] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1067.490953][T12810] device bridge_slave_1 entered promiscuous mode
[ 1068.218736][ T1880] device bridge_slave_1 left promiscuous mode
[ 1068.224960][ T1880] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1068.263077][ T1880] device bridge_slave_0 left promiscuous mode
[ 1068.282885][ T1880] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1068.304147][ T1880] device veth0_vlan left promiscuous mode
[ 1068.693835][   T28] kauditd_printk_skb: 58 callbacks suppressed
[ 1068.693853][   T28] audit: type=1400 audit(1751886446.116:1163): avc:  denied  { read write } for  pid=12830 comm="syz.8.3699" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1068.759547][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1068.768566][   T28] audit: type=1400 audit(1751886446.116:1164): avc:  denied  { open } for  pid=12830 comm="syz.8.3699" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1068.771605][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1068.818079][   T28] audit: type=1400 audit(1751886446.116:1165): avc:  denied  { ioctl } for  pid=12830 comm="syz.8.3699" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1068.844745][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1068.858992][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1068.876078][  T349] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1068.883237][  T349] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1068.906706][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1068.923306][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1068.940879][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1068.958124][ T6555] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1068.965997][  T349] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1068.973097][  T349] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1068.987480][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1069.010295][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1069.042071][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1069.064343][T12810] device veth0_vlan entered promiscuous mode
[ 1069.075557][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1069.088748][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1069.108339][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1069.124792][  T349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1069.150263][T12810] device veth1_macvtap entered promiscuous mode
[ 1069.158513][ T6555] usb 9-1: Using ep0 maxpacket: 16
[ 1069.165148][ T6555] usb 9-1: config 0 has an invalid interface number: 251 but max is 0
[ 1069.181438][ T6555] usb 9-1: config 0 has no interface number 0
[ 1069.195382][ T6555] usb 9-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1069.205631][   T28] audit: type=1400 audit(1751886446.616:1166): avc:  denied  { mounton } for  pid=12810 comm="syz-executor" path="/root/syzkaller.sXwl4F/syz-tmp" dev="sda1" ino=2055 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1069.230273][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1069.251788][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1069.269881][T12840] overlayfs: failed to clone upperpath
[ 1069.270759][ T6555] usb 9-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1069.286087][ T1880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1069.294702][   T28] audit: type=1400 audit(1751886446.616:1167): avc:  denied  { mount } for  pid=12810 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1069.328658][   T28] audit: type=1400 audit(1751886446.616:1168): avc:  denied  { mounton } for  pid=12810 comm="syz-executor" path="/root/syzkaller.sXwl4F/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1069.359628][ T6555] usb 9-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1069.369373][ T6555] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1069.377747][ T6555] usb 9-1: Product: syz
[ 1069.383130][ T6555] usb 9-1: Manufacturer: syz
[ 1069.394929][ T6555] usb 9-1: SerialNumber: syz
[ 1069.399849][   T28] audit: type=1400 audit(1751886446.616:1169): avc:  denied  { mounton } for  pid=12810 comm="syz-executor" path="/root/syzkaller.sXwl4F/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=48639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1069.428577][   T28] audit: type=1400 audit(1751886446.616:1170): avc:  denied  { mounton } for  pid=12810 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=570 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1069.451870][   T28] audit: type=1400 audit(1751886446.616:1171): avc:  denied  { mount } for  pid=12810 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1069.475464][   T28] audit: type=1400 audit(1751886446.616:1172): avc:  denied  { mounton } for  pid=12810 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 1069.507439][ T6555] usb 9-1: config 0 descriptor??
[ 1069.513342][T12831] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1069.526569][T12831] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1070.387600][T12865] hub 6-0:1.0: USB hub found
[ 1070.406000][T12865] hub 6-0:1.0: 1 port detected
[ 1070.572516][ T6555] asix: probe of 9-1:0.251 failed with error -71
[ 1070.580598][ T6555] usb 9-1: USB disconnect, device number 3
[ 1070.622505][T12870] SELinux: failed to load policy
[ 1070.733683][T12880] hub 8-0:1.0: USB hub found
[ 1070.745473][T12880] hub 8-0:1.0: 1 port detected
[ 1071.138886][ T6555] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[ 1071.329181][ T6555] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1071.331239][T12917] input: syz1 as /devices/virtual/input/input32
[ 1071.349141][ T6555] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1071.361837][ T6555] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1071.371472][ T6555] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1071.379715][ T6555] usb 9-1: Product: syz
[ 1071.383993][ T6555] usb 9-1: Manufacturer: syz
[ 1071.388819][ T6555] usb 9-1: SerialNumber: syz
[ 1071.398117][T12884] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1072.139736][T12949] overlayfs: failed to clone upperpath
[ 1072.464524][ T6555] cdc_ncm 9-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1072.501141][ T6555] cdc_ncm 9-1:1.0: setting tx_max = 184
[ 1072.793378][T12972] input: syz1 as /devices/virtual/input/input33
[ 1073.631465][ T6555] cdc_ncm 9-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.8-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[ 1073.663882][ T6555] usb 9-1: USB disconnect, device number 4
[ 1073.677708][ T6555] cdc_ncm 9-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.8-1, CDC NCM (NO ZLP)
[ 1073.777227][   T28] kauditd_printk_skb: 30 callbacks suppressed
[ 1073.777244][   T28] audit: type=1400 audit(1751886451.196:1203): avc:  denied  { read } for  pid=13007 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=494 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1073.807050][   T28] audit: type=1400 audit(1751886451.206:1204): avc:  denied  { open } for  pid=13007 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=494 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1073.832913][   T28] audit: type=1400 audit(1751886451.206:1205): avc:  denied  { getattr } for  pid=13007 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=494 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1073.882741][T13010] loop9: detected capacity change from 0 to 128
[ 1073.891875][T13010] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1073.898695][T13010] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1073.949313][T13010] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1074.154767][T13010] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1074.164690][T13010] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1074.192528][   T28] audit: type=1400 audit(1751886451.616:1206): avc:  denied  { create } for  pid=12999 comm="syz.9.3769" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1074.666582][   T28] audit: type=1400 audit(1751886451.656:1207): avc:  denied  { write } for  pid=12999 comm="syz.9.3769" path="/13/mnt/file1" dev="loop9" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1074.808330][   T28] audit: type=1400 audit(1751886452.126:1208): avc:  denied  { create } for  pid=13018 comm="syz.8.3774" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1074.856539][   T28] audit: type=1400 audit(1751886452.126:1209): avc:  denied  { write } for  pid=13018 comm="syz.8.3774" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1074.877785][   T28] audit: type=1400 audit(1751886452.256:1210): avc:  denied  { mount } for  pid=13033 comm="syz.4.3777" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1074.901629][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1074.934621][   T28] audit: type=1400 audit(1751886452.356:1211): avc:  denied  { write } for  pid=13001 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=493 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1074.973456][   T28] audit: type=1400 audit(1751886452.356:1212): avc:  denied  { add_name } for  pid=13001 comm="dhcpcd-run-hook" name="resolv.conf.usb0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1075.328996][T13071] overlayfs: failed to clone upperpath
[ 1075.434629][T13107] overlayfs: failed to clone upperpath
[ 1075.525540][T13113] device pim6reg1 entered promiscuous mode
[ 1075.579690][ T6555] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1075.948770][T13124] device pim6reg1 entered promiscuous mode
[ 1076.039192][ T6555] usb 9-1: config 6 has an invalid interface number: 57 but max is 0
[ 1076.047402][ T6555] usb 9-1: config 6 has no interface number 0
[ 1076.082655][T13128] loop9: detected capacity change from 0 to 2048
[ 1076.162271][T13128] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1077.115704][ T6555] usb 9-1: config 6 interface 57 has no altsetting 0
[ 1077.138880][ T6555] usb 9-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 0.00
[ 1077.158311][ T6555] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1077.166368][ T6555] usb 9-1: Product: syz
[ 1077.170618][ T6555] usb 9-1: Manufacturer: syz
[ 1077.175239][ T6555] usb 9-1: SerialNumber: syz
[ 1077.266585][T13135] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.3809: bg 0: block 234: padding at end of block bitmap is not set
[ 1077.281518][T13135] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1077.295507][T13135] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1077.295507][T13135] 
[ 1077.306529][T13135] EXT4-fs (loop9): Total free blocks count 0
[ 1077.312923][T13135] EXT4-fs (loop9): Free/Dirty block details
[ 1077.319978][T13135] EXT4-fs (loop9): free_blocks=0
[ 1077.325064][T13135] EXT4-fs (loop9): dirty_blocks=8192
[ 1077.340871][T13135] EXT4-fs (loop9): Block reservation details
[ 1077.367535][T13135] EXT4-fs (loop9): i_reserved_data_blocks=512
[ 1077.392688][ T6555] usb-storage 9-1:6.57: USB Mass Storage device detected
[ 1077.403493][  T349] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1077.478850][ T6555] usb 9-1: USB disconnect, device number 5
[ 1077.540314][T13156] bridge0: port 3(vlan2) entered blocking state
[ 1077.546664][T13156] bridge0: port 3(vlan2) entered disabled state
[ 1078.987826][T13175] loop9: detected capacity change from 0 to 128
[ 1078.995125][T13175] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1079.001852][T13175] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1079.059125][T13175] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1079.262481][T13175] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1079.271277][T13175] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1079.731198][T13186] loop8: detected capacity change from 0 to 128
[ 1079.737950][T13186] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1079.744667][T13186] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1079.756594][T13186] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1079.807535][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1079.898232][T13186] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1079.907830][T13186] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1080.383347][   T28] kauditd_printk_skb: 7 callbacks suppressed
[ 1080.383364][   T28] audit: type=1400 audit(1751886457.806:1220): avc:  denied  { unlink } for  pid=13196 comm="syz.9.3829" name="#1b" dev="tmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1080.587426][T12556] EXT4-fs (loop8): unmounting filesystem.
[ 1080.612971][   T28] audit: type=1400 audit(1751886458.036:1221): avc:  denied  { connect } for  pid=13203 comm="syz.9.3833" lport=256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1080.672675][   T28] audit: type=1400 audit(1751886458.066:1222): avc:  denied  { write } for  pid=13203 comm="syz.9.3833" laddr=172.20.20.10 lport=256 faddr=172.20.20.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1080.723283][   T28] audit: type=1400 audit(1751886458.146:1223): avc:  denied  { setopt } for  pid=13203 comm="syz.9.3833" laddr=172.20.20.10 lport=256 faddr=172.20.20.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1080.773371][   T28] audit: type=1400 audit(1751886458.176:1224): avc:  denied  { setattr } for  pid=13211 comm="syz.8.3835" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[ 1080.977704][T13231] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13231 comm=syz.9.3844
[ 1081.039980][T13235] loop8: detected capacity change from 0 to 2048
[ 1081.069490][T13235] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1081.378104][T13242] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[ 1081.898622][T12556] EXT4-fs (loop8): unmounting filesystem.
[ 1082.151266][T13294] loop8: detected capacity change from 0 to 128
[ 1082.165510][T13294] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1082.172515][T13294] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1082.727818][T13294] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1083.013016][T13294] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1083.022939][T13294] ext4 filesystem being mounted at /31/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1083.558629][T12556] EXT4-fs (loop8): unmounting filesystem.
[ 1083.693337][   T28] audit: type=1400 audit(1751886461.116:1225): avc:  denied  { create } for  pid=13334 comm="syz.8.3880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1083.713483][   T28] audit: type=1400 audit(1751886461.116:1226): avc:  denied  { ioctl } for  pid=13334 comm="syz.8.3880" path="socket:[50527]" dev="sockfs" ino=50527 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1083.738753][   T28] audit: type=1400 audit(1751886461.116:1227): avc:  denied  { bind } for  pid=13334 comm="syz.8.3880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1083.761802][   T28] audit: type=1400 audit(1751886461.116:1228): avc:  denied  { setopt } for  pid=13334 comm="syz.8.3880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1083.796834][   T28] audit: type=1400 audit(1751886461.116:1229): avc:  denied  { read } for  pid=13334 comm="syz.8.3880" path="socket:[50527]" dev="sockfs" ino=50527 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1083.860088][T13339] loop9: detected capacity change from 0 to 128
[ 1083.892455][T13339] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1083.902223][T13339] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1083.940974][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1083.998925][T13353] input: syz1 as /devices/virtual/input/input34
[ 1084.209577][T13352] input: syz1 as /devices/virtual/input/input35
[ 1084.824675][T13399] loop9: detected capacity change from 0 to 2048
[ 1084.850242][T13403] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13403 comm=syz.1.3907
[ 1084.888332][T13399] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1085.508620][T13299] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[ 1086.038518][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1086.497291][   T28] kauditd_printk_skb: 10 callbacks suppressed
[ 1086.497308][   T28] audit: type=1400 audit(1751886463.916:1240): avc:  denied  { read } for  pid=13444 comm="syz.1.3921" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1086.596786][T13454] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3925'.
[ 1087.047388][T13469] input: syz1 as /devices/virtual/input/input36
[ 1087.968545][   T28] audit: type=1400 audit(1751886465.396:1241): avc:  denied  { bind } for  pid=13477 comm="syz.1.3934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1088.267265][   T28] audit: type=1400 audit(1751886465.686:1242): avc:  denied  { write } for  pid=13491 comm="syz.2.3940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1088.293608][   T28] audit: type=1400 audit(1751886465.686:1243): avc:  denied  { nlmsg_write } for  pid=13491 comm="syz.2.3940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1088.558514][T13512] loop9: detected capacity change from 0 to 128
[ 1088.567285][T13512] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1088.574057][T13512] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1088.583616][T13512] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1088.738389][T13512] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1088.748273][T13512] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1089.634245][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1089.641784][T13528] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3954'.
[ 1090.819231][T13552] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3962'.
[ 1091.941003][   T28] audit: type=1326 audit(1751886469.366:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13565 comm="syz.9.3967" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd16578e929 code=0x0
[ 1092.164007][   T28] audit: type=1400 audit(1751886469.586:1245): avc:  denied  { create } for  pid=13578 comm="syz.2.3969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1092.270746][T13585] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1092.279807][   T28] audit: type=1400 audit(1751886469.586:1246): avc:  denied  { connect } for  pid=13578 comm="syz.2.3969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1092.330510][   T28] audit: type=1400 audit(1751886469.586:1247): avc:  denied  { write } for  pid=13578 comm="syz.2.3969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1092.405048][   T28] audit: type=1400 audit(1751886469.796:1248): avc:  denied  { ioctl } for  pid=13590 comm="syz.9.3973" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=51567 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1092.696365][T13619] overlayfs: failed to clone upperpath
[ 1092.925843][T13627] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3989'.
[ 1093.015891][   T28] audit: type=1400 audit(1751886470.436:1249): avc:  denied  { relabelto } for  pid=13630 comm="syz.2.3991" name="857" dev="tmpfs" ino=4702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1093.093321][   T28] audit: type=1400 audit(1751886470.436:1250): avc:  denied  { associate } for  pid=13630 comm="syz.2.3991" name="857" dev="tmpfs" ino=4702 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1093.206311][   T28] audit: type=1400 audit(1751886470.586:1251): avc:  denied  { write } for  pid=286 comm="syz-executor" name="857" dev="tmpfs" ino=4702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1093.278164][   T28] audit: type=1400 audit(1751886470.586:1252): avc:  denied  { remove_name } for  pid=286 comm="syz-executor" name="binderfs" dev="tmpfs" ino=4706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1093.348084][   T28] audit: type=1400 audit(1751886470.586:1253): avc:  denied  { rmdir } for  pid=286 comm="syz-executor" name="857" dev="tmpfs" ino=4702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1094.501316][T13673] tipc: Started in network mode
[ 1094.506352][T13673] tipc: Node identity ac14140f, cluster identity 4711
[ 1094.513617][T13673] tipc: New replicast peer: 172.30.1.10
[ 1094.519611][T13673] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1094.875708][T13682] SELinux:  Context @ is not valid (left unmapped).
[ 1095.606720][T13706] input: syz1 as /devices/virtual/input/input37
[ 1095.638130][  T576] tipc: Node number set to 2886997007
[ 1096.968770][T13748] device wireguard0 entered promiscuous mode
[ 1097.130819][   T28] kauditd_printk_skb: 8 callbacks suppressed
[ 1097.130836][   T28] audit: type=1400 audit(1751886474.556:1262): avc:  denied  { write } for  pid=13745 comm="syz.1.4039" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1097.570531][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1098.583910][T13804] bridge0: port 3(vlan2) entered blocking state
[ 1098.608420][T13804] bridge0: port 3(vlan2) entered disabled state
[ 1098.656897][T13809] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4063'.
[ 1098.702320][T13809] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[ 1098.869040][T13827] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13 sclass=netlink_route_socket pid=13827 comm=syz.4.4070
[ 1099.402682][T13853] bridge: RTM_NEWNEIGH with invalid ether address
[ 1099.428715][T13855] bridge: RTM_NEWNEIGH with invalid ether address
[ 1099.541415][T13866] overlayfs: failed to clone upperpath
[ 1099.600696][T13872] bridge: RTM_NEWNEIGH with invalid ether address
[ 1099.705281][T13879] loop9: detected capacity change from 0 to 1024
[ 1100.056880][T13879] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1100.071545][T13879] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1100.109355][   T28] audit: type=1400 audit(1751886477.536:1263): avc:  denied  { rename } for  pid=13877 comm="syz.9.4091" name="file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1100.132204][T13879] EXT4-fs error (device loop9): ext4_map_blocks:745: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 15)
[ 1100.148754][T13879] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[ 1100.161360][T13879] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1100.161360][T13879] 
[ 1100.173528][T13879] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1100.190141][T13879] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.204294][   T28] audit: type=1400 audit(1751886477.616:1264): avc:  denied  { map } for  pid=13877 comm="syz.9.4091" path="/81/file1/file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1100.207368][T13879] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.228990][   T28] audit: type=1400 audit(1751886477.616:1265): avc:  denied  { execute } for  pid=13877 comm="syz.9.4091" path="/81/file1/file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1100.242183][T13877] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.279133][T13877] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.293468][T13879] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.307905][T13877] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.322300][T13877] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.336758][T13879] EXT4-fs error (device loop9): ext4_map_blocks:635: inode #15: block 1: comm syz.9.4091: lblock 1 mapped to illegal pblock 1 (length 3)
[ 1100.351947][   T28] audit: type=1400 audit(1751886477.776:1266): avc:  denied  { ioctl } for  pid=13877 comm="syz.9.4091" path="/81/file1/file1" dev="loop9" ino=15 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1100.385844][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1100.750186][T13911] loop9: detected capacity change from 0 to 256
[ 1100.759106][T13911] exfat: Deprecated parameter 'utf8'
[ 1100.764682][T13911] exfat: Deprecated parameter 'utf8'
[ 1100.770070][T13911] exfat: Deprecated parameter 'utf8'
[ 1100.775422][T13911] exfat: Deprecated parameter 'utf8'
[ 1100.780837][T13911] exfat: Deprecated parameter 'utf8'
[ 1100.963830][T13911] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xa18d3b1e, utbl_chksum : 0xe619d30d)
[ 1101.520777][   T28] audit: type=1400 audit(1751886478.946:1267): avc:  denied  { unmount } for  pid=12810 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1101.879753][T13929] bridge: RTM_NEWNEIGH with invalid ether address
[ 1101.997891][   T28] audit: type=1400 audit(1751886479.416:1268): avc:  denied  { create } for  pid=13949 comm="syz.9.4117" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_dgram_socket permissive=1
[ 1102.331178][   T28] audit: type=1400 audit(1751886479.426:1269): avc:  denied  { write } for  pid=13949 comm="syz.9.4117" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_dgram_socket permissive=1
[ 1102.360320][   T28] audit: type=1400 audit(1751886479.426:1270): avc:  denied  { sendto } for  pid=13949 comm="syz.9.4117" scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_dgram_socket permissive=1
[ 1102.411041][T13958] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1103.341308][   T28] audit: type=1400 audit(1751886480.766:1271): avc:  denied  { bind } for  pid=13976 comm="syz.8.4128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1103.375958][   T28] audit: type=1400 audit(1751886480.786:1272): avc:  denied  { setopt } for  pid=13976 comm="syz.8.4128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1103.427543][T13982] input: syz1 as /devices/virtual/input/input38
[ 1104.727908][T14016] overlayfs: failed to clone upperpath
[ 1104.727939][   T28] audit: type=1400 audit(1751886482.146:1273): avc:  denied  { watch } for  pid=14013 comm="syz.2.4143" path="/886/file0" dev="tmpfs" ino=4855 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1107.353931][T14076] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[ 1108.475966][T14106] overlayfs: failed to clone upperpath
[ 1111.494511][   T28] audit: type=1400 audit(1751886488.916:1274): avc:  denied  { read } for  pid=14152 comm="syz.9.4193" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1111.667983][   T28] audit: type=1400 audit(1751886489.046:1275): avc:  denied  { open } for  pid=14152 comm="syz.9.4193" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1111.722851][   T28] audit: type=1400 audit(1751886489.046:1276): avc:  denied  { ioctl } for  pid=14152 comm="syz.9.4193" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1111.752930][   T28] audit: type=1400 audit(1751886489.046:1277): avc:  denied  { write } for  pid=14152 comm="syz.9.4193" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1111.800788][   T28] audit: type=1400 audit(1751886489.056:1278): avc:  denied  { map } for  pid=14152 comm="syz.9.4193" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1111.864987][   T28] audit: type=1400 audit(1751886489.056:1279): avc:  denied  { set_context_mgr } for  pid=14152 comm="syz.9.4193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 1111.948423][T14162] device wireguard0 entered promiscuous mode
[ 1112.078125][T14179] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4204'.
[ 1112.198620][   T28] audit: type=1400 audit(1751886489.626:1280): avc:  denied  { write } for  pid=14186 comm="syz.9.4206" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1112.245819][   T28] audit: type=1400 audit(1751886489.626:1281): avc:  denied  { add_name } for  pid=14186 comm="syz.9.4206" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1112.276907][T14190] loop9: detected capacity change from 0 to 512
[ 1112.302381][   T28] audit: type=1400 audit(1751886489.626:1282): avc:  denied  { associate } for  pid=14186 comm="syz.9.4206" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1112.346160][T14190] EXT4-fs: Ignoring removed nobh option
[ 1112.360633][T14190] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1112.388170][T14190] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.4207: invalid indirect mapped block 256 (level 2)
[ 1112.402083][T14190] EXT4-fs (loop9): 2 truncates cleaned up
[ 1112.407895][T14190] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1112.502270][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1113.095698][T14225] 9pnet_fd: Insufficient options for proto=fd
[ 1114.740037][T14262] loop9: detected capacity change from 0 to 2048
[ 1114.775226][T14264] device wg2 entered promiscuous mode
[ 1114.785770][T14262] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1115.152974][T14276] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.4233: bg 0: block 234: padding at end of block bitmap is not set
[ 1115.168292][T14276] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1115.180867][T14276] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1115.180867][T14276] 
[ 1115.190896][T14276] EXT4-fs (loop9): Total free blocks count 0
[ 1115.197043][T14276] EXT4-fs (loop9): Free/Dirty block details
[ 1115.203048][T14276] EXT4-fs (loop9): free_blocks=0
[ 1115.208045][T14276] EXT4-fs (loop9): dirty_blocks=8192
[ 1115.213399][T14276] EXT4-fs (loop9): Block reservation details
[ 1115.219446][T14276] EXT4-fs (loop9): i_reserved_data_blocks=512
[ 1115.569778][ T1880] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1115.653585][T14300] loop9: detected capacity change from 0 to 2048
[ 1115.680317][T14300] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1115.803350][T14310] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14310 comm=syz.8.4246
[ 1116.012445][T14325] 9pnet_fd: Insufficient options for proto=fd
[ 1116.087681][T14307] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.4243: bg 0: block 234: padding at end of block bitmap is not set
[ 1116.126357][T14307] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1116.391898][T14307] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1116.391898][T14307] 
[ 1116.407527][T14307] EXT4-fs (loop9): Total free blocks count 0
[ 1116.413896][T14307] EXT4-fs (loop9): Free/Dirty block details
[ 1116.419998][T14307] EXT4-fs (loop9): free_blocks=0
[ 1116.425045][T14307] EXT4-fs (loop9): dirty_blocks=8192
[ 1116.430524][T14307] EXT4-fs (loop9): Block reservation details
[ 1116.436607][T14307] EXT4-fs (loop9): i_reserved_data_blocks=512
[ 1116.490166][ T1880] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1116.649605][T14348] loop9: detected capacity change from 0 to 2048
[ 1116.676926][T14348] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1116.816598][T14368] device veth1_macvtap left promiscuous mode
[ 1116.822863][T14368] device macsec0 entered promiscuous mode
[ 1116.966039][T14365] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.4256: bg 0: block 234: padding at end of block bitmap is not set
[ 1116.980884][T14365] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1116.993856][T14365] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1116.993856][T14365] 
[ 1117.003885][T14365] EXT4-fs (loop9): Total free blocks count 0
[ 1117.010453][T14365] EXT4-fs (loop9): Free/Dirty block details
[ 1117.016574][T14365] EXT4-fs (loop9): free_blocks=0
[ 1117.021772][T14365] EXT4-fs (loop9): dirty_blocks=8192
[ 1117.027244][T14365] EXT4-fs (loop9): Block reservation details
[ 1117.038120][T14365] EXT4-fs (loop9): i_reserved_data_blocks=512
[ 1117.474192][ T7071] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1117.881874][T14398] loop9: detected capacity change from 0 to 40427
[ 1117.912687][T14398] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[ 1117.928296][T14398] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[ 1117.960240][T14398] F2FS-fs (loop9): invalid crc value
[ 1117.985283][T14398] F2FS-fs (loop9): Found nat_bits in checkpoint
[ 1118.058308][T14398] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[ 1118.065568][T14398] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 1118.214069][T14398] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4272'.
[ 1118.351706][   T28] audit: type=1326 audit(1751886495.776:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.376777][   T28] audit: type=1326 audit(1751886495.776:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.400700][   T28] audit: type=1326 audit(1751886495.776:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.431478][   T28] audit: type=1326 audit(1751886495.776:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.486896][   T28] audit: type=1326 audit(1751886495.776:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.514418][   T28] audit: type=1326 audit(1751886495.776:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.515422][T14432] overlayfs: failed to clone upperpath
[ 1118.547339][   T28] audit: type=1326 audit(1751886495.776:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.732842][   T28] audit: type=1326 audit(1751886495.776:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.810817][   T28] audit: type=1326 audit(1751886495.796:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1118.894191][   T28] audit: type=1326 audit(1751886495.816:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fdd8b98e929 code=0x7ffc0000
[ 1119.709867][T14464] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4294'.
[ 1120.141809][T14475] loop9: detected capacity change from 0 to 2048
[ 1120.251665][T14475] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1121.601506][T14486] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.4297: bg 0: block 234: padding at end of block bitmap is not set
[ 1121.779474][T14486] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1121.880045][T14486] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1121.880045][T14486] 
[ 1121.960216][T14486] EXT4-fs (loop9): Total free blocks count 0
[ 1122.011135][T14486] EXT4-fs (loop9): Free/Dirty block details
[ 1122.017188][T14486] EXT4-fs (loop9): free_blocks=0
[ 1122.058562][T14486] EXT4-fs (loop9): dirty_blocks=8192
[ 1122.101818][T14486] EXT4-fs (loop9): Block reservation details
[ 1122.151239][T14486] EXT4-fs (loop9): i_reserved_data_blocks=512
[ 1122.238233][ T7071] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1122.318912][T14510] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14510 comm=syz.2.4308
[ 1123.263250][T14542] loop9: detected capacity change from 0 to 2048
[ 1123.298155][T14542] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 1124.179144][T14542] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.4321: bg 0: block 234: padding at end of block bitmap is not set
[ 1124.298761][T14542] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 564 with error 28
[ 1124.332411][T14563] overlayfs: failed to resolve './file1': -2
[ 1124.340438][T14542] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1124.340438][T14542] 
[ 1124.350475][T14542] EXT4-fs (loop9): Total free blocks count 0
[ 1124.356621][T14542] EXT4-fs (loop9): Free/Dirty block details
[ 1124.362822][T14542] EXT4-fs (loop9): free_blocks=0
[ 1124.367835][T14542] EXT4-fs (loop9): dirty_blocks=576
[ 1124.373608][T14542] EXT4-fs (loop9): Block reservation details
[ 1124.388025][T14542] EXT4-fs (loop9): i_reserved_data_blocks=36
[ 1124.420675][   T28] kauditd_printk_skb: 14 callbacks suppressed
[ 1124.420692][   T28] audit: type=1400 audit(1751886501.846:1307): avc:  denied  { lock } for  pid=14571 comm="syz.4.4329" path="socket:[53625]" dev="sockfs" ino=53625 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[ 1124.455097][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1124.816020][T14600] loop9: detected capacity change from 0 to 128
[ 1124.824976][T14600] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1124.831757][T14600] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1124.840850][T14600] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1124.982658][T14600] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1125.008687][T14600] ext4 filesystem being mounted at /125/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1126.008944][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1127.087527][T14629] device pim6reg1 entered promiscuous mode
[ 1128.479860][T14650] loop9: detected capacity change from 0 to 128
[ 1128.494970][T14650] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1128.501873][T14650] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1129.670986][T14650] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1130.294149][T14650] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 1130.304418][T14650] ext4 filesystem being mounted at /129/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1130.683457][T12810] EXT4-fs (loop9): unmounting filesystem.
[ 1132.092273][T14687] loop9: detected capacity change from 0 to 256
[ 1132.133980][T14687] exfat: Deprecated parameter 'utf8'
[ 1132.167456][T14687] exfat: Deprecated parameter 'namecase'
[ 1132.193741][T14687] exfat: Deprecated parameter 'utf8'
[ 1132.224154][T14687] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d)
[ 1132.319615][   T28] audit: type=1400 audit(1751886509.746:1308): avc:  denied  { setattr } for  pid=14686 comm="syz.9.4367" name="file0" dev="loop9" ino=1048688 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1132.378065][   T28] audit: type=1400 audit(1751886509.776:1309): avc:  denied  { write } for  pid=14686 comm="syz.9.4367" name="file0" dev="loop9" ino=1048688 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1132.416536][T14697] device ip6erspan0 entered promiscuous mode
[ 1132.438189][   T28] audit: type=1400 audit(1751886509.776:1310): avc:  denied  { open } for  pid=14686 comm="syz.9.4367" name="file0" dev="loop9" ino=1048688 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1132.546320][   T28] audit: type=1400 audit(1751886509.966:1311): avc:  denied  { wake_alarm } for  pid=14700 comm="syz.8.4373" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1133.452781][T14727] syz.8.4381[14727] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1133.452870][T14727] syz.8.4381[14727] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1134.772060][   T28] audit: type=1400 audit(1751886512.196:1312): avc:  denied  { mount } for  pid=14748 comm="syz.2.4387" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1134.893903][T14749] overlayfs: failed to clone upperpath
[ 1135.051805][T14755] overlayfs: failed to clone upperpath
[ 1136.028127][   T28] audit: type=1400 audit(1751886513.236:1313): avc:  denied  { mount } for  pid=14753 comm="syz.2.4389" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1139.330496][   T28] audit: type=1400 audit(1751886516.756:1314): avc:  denied  { getopt } for  pid=14803 comm="syz.2.4405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1139.350905][T14804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4405'.
[ 1141.178654][T14845] overlayfs: failed to clone upperpath
[ 1141.709372][T14849] xt_CT: No such helper "snmp"
[ 1145.125216][T15016] xt_l2tp: missing protocol rule (udp|l2tpip)
[ 1145.262951][T15021] netlink: 136 bytes leftover after parsing attributes in process `syz.2.4440'.
[ 1145.272617][T15021] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[ 1145.830992][   T28] audit: type=1326 audit(1751886523.256:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.9.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16578e929 code=0x7fc00000
[ 1147.134498][   T28] audit: type=1400 audit(1751886524.556:1316): avc:  denied  { create } for  pid=15180 comm="syz.8.4450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1147.149844][T15181] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4450'.
[ 1147.154321][   T28] audit: type=1400 audit(1751886524.556:1317): avc:  denied  { setopt } for  pid=15180 comm="syz.8.4450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1147.183218][   T28] audit: type=1400 audit(1751886524.556:1318): avc:  denied  { bind } for  pid=15180 comm="syz.8.4450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1148.725233][   T28] audit: type=1326 audit(1751886526.146:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.9.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd16578e929 code=0x7fc00000
[ 1148.923686][T15217] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1151.176858][T15255] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1152.089939][T15257] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4469'.
[ 1152.571364][T15274] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1156.795908][T15335] 9pnet_fd: Insufficient options for proto=fd
[ 1158.831433][T15374] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1158.840908][T15374] FAT-fs (loop17): unable to read boot sector
[ 1158.880629][   T28] audit: type=1400 audit(1751886536.256:1320): avc:  denied  { create } for  pid=15373 comm="syz.8.4499" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1158.913260][   T28] audit: type=1400 audit(1751886536.256:1321): avc:  denied  { mounton } for  pid=15373 comm="syz.8.4499" path="/148/file0" dev="tmpfs" ino=823 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1158.994889][   T28] audit: type=1400 audit(1751886536.296:1322): avc:  denied  { unlink } for  pid=12556 comm="syz-executor" name="file0" dev="tmpfs" ino=823 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1161.292018][   T28] audit: type=1400 audit(1751886538.716:1323): avc:  denied  { setattr } for  pid=15409 comm="syz.8.4507" name="NETLINK" dev="sockfs" ino=54798 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1161.986700][T15415] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1166.389061][T15458] netlink: 104 bytes leftover after parsing attributes in process `syz.9.4521'.
[ 1166.389073][   T28] audit: type=1400 audit(1751886543.816:1324): avc:  denied  { nlmsg_read } for  pid=15452 comm="syz.9.4521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1169.734715][T15522] futex_wake_op: syz.1.4537 tries to shift op by -1; fix this program
[ 1170.829174][T15529] 9pnet_fd: Insufficient options for proto=fd
[ 1172.420072][T15542] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1177.755775][   T28] audit: type=1400 audit(1751886555.086:1325): avc:  denied  { mount } for  pid=15612 comm="syz.8.4559" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1178.079153][   T28] audit: type=1400 audit(1751886555.226:1326): avc:  denied  { bind } for  pid=15614 comm="syz.4.4558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1178.428652][   T28] audit: type=1400 audit(1751886555.226:1327): avc:  denied  { node_bind } for  pid=15614 comm="syz.4.4558" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1181.010778][   T28] audit: type=1326 audit(1751886557.606:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15631 comm="syz.9.4563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16578e929 code=0x7fc00000
[ 1184.033668][T15671] overlayfs: failed to resolve './file1': -2
[ 1185.920930][T15702] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1185.949640][T15685] xt_bpf: check failed: parse error
[ 1188.004205][T15731] overlayfs: failed to resolve './file1': -2
[ 1189.507067][T15738] 9pnet_fd: Insufficient options for proto=fd
[ 1189.610540][T15738] syz.9.4591[15738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1189.610654][T15738] syz.9.4591[15738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1189.625749][T15738] fuse: Unknown parameter '00000000000000000006'
[ 1189.645010][T15738] syz.9.4591[15738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1189.645113][T15738] syz.9.4591[15738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1189.775828][T15749] tipc: Started in network mode
[ 1189.792243][T15749] tipc: Node identity ac14140f, cluster identity 4711
[ 1189.799637][T15749] tipc: New replicast peer: 172.30.1.9
[ 1189.805618][T15749] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1190.028533][T15750] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1190.038291][T15750] FAT-fs (loop9): unable to read boot sector
[ 1190.919540][ T1999] tipc: Node number set to 2886997007
[ 1190.929281][T15760] xt_bpf: check failed: parse error
[ 1192.354132][T15772] overlayfs: failed to resolve './file1': -2
[ 1193.945646][   T28] audit: type=1400 audit(1751886571.366:1329): avc:  denied  { create } for  pid=15784 comm="syz.1.4605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1194.052348][T15790] netlink: 60 bytes leftover after parsing attributes in process `syz.8.4603'.
[ 1197.751491][   T28] audit: type=1400 audit(1751886575.176:1330): avc:  denied  { execute_no_trans } for  pid=15798 comm="syz.9.4607" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1198.842210][   T28] audit: type=1400 audit(1751886576.266:1331): avc:  denied  { connect } for  pid=15823 comm="syz.1.4614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1199.651892][   T28] audit: type=1326 audit(1751886577.076:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15838 comm="syz.8.4619" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x0
[ 1202.001303][T15880] fuse: Unknown parameter 'use'
[ 1202.340235][T15882] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1203.987574][   T28] audit: type=1400 audit(1751886581.406:1333): avc:  denied  { setopt } for  pid=15871 comm="syz.2.4628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1205.113067][T15913] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4639'.
[ 1205.382396][T15911] netlink: 'syz.1.4638': attribute type 4 has an invalid length.
[ 1205.732350][T15919] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1205.741706][T15919] FAT-fs (loop9): unable to read boot sector
[ 1209.668817][T15959] overlayfs: failed to resolve './file1': -2
[ 1213.403859][   T28] audit: type=1400 audit(1751886590.426:1334): avc:  denied  { write } for  pid=15984 comm="syz.8.4660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1217.219505][T16028] fuse: Unknown parameter '0xffffffffffffffff'
[ 1218.072269][T16036] device veth1_macvtap left promiscuous mode
[ 1218.079581][T16036] device macsec0 entered promiscuous mode
[ 1221.088776][T16050] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1221.098526][T16050] FAT-fs (loop3): unable to read boot sector
[ 1222.039541][T16061] netlink: 'syz.4.4680': attribute type 3 has an invalid length.
[ 1222.047439][T16061] netlink: 'syz.4.4680': attribute type 3 has an invalid length.
[ 1222.055279][T16061] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4680'.
[ 1222.193576][T16054] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1222.200974][T16054] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1222.210029][T16054] device wg2 left promiscuous mode
[ 1222.224834][T16054] device veth1_macvtap entered promiscuous mode
[ 1222.231395][T16054] device macsec0 left promiscuous mode
[ 1223.204389][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1223.538473][T16075] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4682'.
[ 1223.733104][T16078] overlayfs: failed to clone upperpath
[ 1223.939470][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1223.951983][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1223.970815][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1223.988484][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1224.006067][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1224.095737][T16075] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1224.105179][T16075] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1225.225722][T16098] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1225.889505][T16105] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1225.898990][T16105] FAT-fs (loop17): unable to read boot sector
[ 1227.578125][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1227.807661][T16140] syz.1.4697[16140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1227.808474][T16140] syz.1.4697[16140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1229.776148][T16149] netlink: 'syz.2.4702': attribute type 4 has an invalid length.
[ 1233.208644][T16190] xt_NFQUEUE: number of queues (256) out of range (got 65538)
[ 1233.406669][T16196] overlayfs: failed to clone upperpath
[ 1238.403091][T16254] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1238.437230][T16254] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1238.489682][T16254] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1238.600710][T16254] device veth1_macvtap entered promiscuous mode
[ 1238.607124][T16254] device macsec0 left promiscuous mode
[ 1238.754872][T14969] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1238.766710][T15821] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1239.528552][T16262] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1239.536058][T16262] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1239.828555][T15821] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1240.037825][T16269] syz.1.4733[16269] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1240.037906][T16269] syz.1.4733[16269] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1242.148342][   T28] audit: type=1400 audit(1751886847.508:1335): avc:  denied  { watch_reads } for  pid=16267 comm="syz.4.4734" path="/1038" dev="tmpfs" ino=5695 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1244.237738][T16292] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1245.259816][T16305] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4740'.
[ 1246.158083][   T28] audit: type=1400 audit(1751886852.568:1336): avc:  denied  { mounton } for  pid=16310 comm="syz.1.4746" path="/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 1248.109110][   T28] audit: type=1400 audit(1751886854.538:1337): avc:  denied  { create } for  pid=16344 comm="syz.4.4753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[ 1248.149409][   T28] audit: type=1400 audit(1751886854.558:1338): avc:  denied  { sys_admin } for  pid=16344 comm="syz.4.4753" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1250.833398][T16391] syz.2.4764[16391] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1250.833849][T16391] syz.2.4764[16391] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1253.912679][T16434] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1253.934145][T16434] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1255.533497][T16439] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1255.540789][T16439] IPv6: NLM_F_CREATE should be set when creating new route
[ 1255.726301][  T488] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1257.078030][T16447] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4777'.
[ 1257.208084][  T488] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1259.938226][T16474] netlink: 'syz.8.4784': attribute type 4 has an invalid length.
[ 1264.941556][T16530] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4792'.
[ 1265.607585][   T28] audit: type=1326 audit(1751886871.378:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1265.634708][   T28] audit: type=1326 audit(1751886871.378:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1265.660056][   T28] audit: type=1326 audit(1751886871.378:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1265.734669][   T28] audit: type=1326 audit(1751886871.378:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1265.847992][   T28] audit: type=1326 audit(1751886871.378:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1266.109538][T16542] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=16542 comm=syz.1.4802
[ 1269.395921][   T28] audit: type=1326 audit(1751886871.378:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1269.452219][   T28] audit: type=1326 audit(1751886871.378:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1269.510854][   T28] audit: type=1326 audit(1751886871.378:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1269.547478][   T28] audit: type=1326 audit(1751886871.378:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1272.633746][   T28] audit: type=1326 audit(1751886871.378:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1272.676122][   T28] audit: type=1326 audit(1751886871.378:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16501 comm="syz.8.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd63658e929 code=0x7ffc0000
[ 1272.916874][T16580] ip6t_REJECT: ECHOREPLY is not supported
[ 1275.826279][T16600] netlink: 'syz.8.4815': attribute type 27 has an invalid length.
[ 1275.916535][T16600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1275.923879][T16600] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1277.349371][T16607] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1277.397686][T16607] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1277.441995][T16607] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1277.449133][T16607] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1277.478287][T16607] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1277.485385][T16607] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1277.501054][T16607] device veth0_vlan left promiscuous mode
[ 1277.507461][T16607] device veth0_vlan entered promiscuous mode
[ 1277.515503][T16607] device veth1_macvtap left promiscuous mode
[ 1277.522754][T16607] device veth1_macvtap entered promiscuous mode
[ 1277.529952][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1277.537781][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1277.568296][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1277.576880][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1277.592553][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1277.601279][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1277.618470][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1277.637087][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1277.657309][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1277.667258][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1277.685528][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1277.701763][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1277.718401][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1277.743649][T15147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1277.956278][   T28] audit: type=1400 audit(1751886884.378:1350): avc:  denied  { connect } for  pid=16643 comm="syz.9.4830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1280.142229][   T28] audit: type=1400 audit(1751886885.298:1351): avc:  denied  { create } for  pid=16645 comm="syz.2.4831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 1280.208202][   T28] audit: type=1326 audit(1751886886.628:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1280.254294][T16655] xt_bpf: check failed: parse error
[ 1280.310261][   T28] audit: type=1326 audit(1751886886.628:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1280.334001][   T28] audit: type=1326 audit(1751886886.628:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1280.357614][   T28] audit: type=1326 audit(1751886886.628:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1280.381562][   T28] audit: type=1326 audit(1751886886.668:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1280.405363][   T28] audit: type=1326 audit(1751886886.668:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1280.743530][   T28] audit: type=1326 audit(1751886886.668:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1280.767462][   T28] audit: type=1326 audit(1751886886.668:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.9.4832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16578e929 code=0x7ffc0000
[ 1282.046759][T16689] netlink: 'syz.1.4845': attribute type 13 has an invalid length.
[ 1283.433590][T16689] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1283.440877][T16689] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1286.073336][T16692] netlink: 'syz.4.4842': attribute type 3 has an invalid length.
[ 1286.081907][T16692] netlink: 'syz.4.4842': attribute type 3 has an invalid length.
[ 1286.089736][T16692] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4842'.
[ 1286.184530][T16711] 9pnet_fd: p9_fd_create_tcp (16711): problem connecting socket to 127.0.0.1
[ 1287.745828][T16719] netlink: 9 bytes leftover after parsing attributes in process `syz.9.4849'.
[ 1287.909133][T16719] device gretap0 entered promiscuous mode
[ 1287.916538][T16720] netlink: 5 bytes leftover after parsing attributes in process `syz.9.4849'.
[ 1287.925732][T16720] 0ªX¹¦D: renamed from gretap0
[ 1287.931868][T16720] device 
30ªX¹¦D left promiscuous mode
[ 1287.938436][T16720] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[ 1295.890340][T16750] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1295.901184][T16750] device batadv_slave_1 left promiscuous mode
[ 1295.916013][T14969] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1296.195306][T16768] overlayfs: failed to clone upperpath
[ 1296.308283][   T28] kauditd_printk_skb: 128 callbacks suppressed
[ 1296.308326][   T28] audit: type=1400 audit(1751886903.607:1488): avc:  denied  { ioctl } for  pid=16760 comm="syz.8.4860" path="socket:[57511]" dev="sockfs" ino=57511 ioctlcmd=0x943d scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1296.476835][   T28] audit: type=1326 audit(1751886903.897:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1296.481600][T16773] xt_bpf: check failed: parse error
[ 1296.518360][   T28] audit: type=1326 audit(1751886903.897:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1296.558034][   T28] audit: type=1326 audit(1751886903.897:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1296.606711][   T28] audit: type=1326 audit(1751886903.897:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1296.630600][   T28] audit: type=1326 audit(1751886903.897:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1296.654638][   T28] audit: type=1326 audit(1751886903.897:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1296.773142][T16777] overlayfs: failed to clone lowerpath
[ 1296.815563][   T28] audit: type=1326 audit(1751886903.897:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1297.858034][   T28] audit: type=1326 audit(1751886903.897:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1297.884892][   T28] audit: type=1326 audit(1751886903.897:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16772 comm="syz.2.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087cf8e929 code=0x7ffc0000
[ 1299.242388][T16805] overlayfs: failed to clone lowerpath
[ 1300.618195][T16806] overlayfs: failed to clone lowerpath
[ 1302.522869][T16823] overlayfs: failed to clone lowerpath
[ 1307.408387][T16841] overlayfs: failed to clone lowerpath
[ 1309.938518][T16861] overlayfs: failed to clone lowerpath
[ 1312.725514][T16888] overlayfs: failed to clone lowerpath
[ 1317.459343][T16926] overlayfs: failed to clone lowerpath
[ 1320.338173][T16938] overlayfs: failed to clone lowerpath
[ 1323.429193][T16942] overlayfs: failed to clone lowerpath
[ 1323.466579][T16940] overlayfs: failed to clone lowerpath
[ 1325.326075][T16968] overlayfs: failed to clone lowerpath
[ 1326.607442][T16974] overlayfs: failed to clone lowerpath
[ 1331.126291][T17008] overlayfs: failed to clone lowerpath
[ 1332.923681][T17016] overlayfs: failed to clone lowerpath
[ 1333.980732][T17026] netlink: 'syz.2.4924': attribute type 13 has an invalid length.
[ 1337.716065][T17057] overlayfs: failed to clone lowerpath
[ 1338.606725][T17060] overlayfs: failed to clone lowerpath
[ 1339.538835][T17066] overlayfs: failed to clone lowerpath
[ 1345.731811][T17072] overlayfs: failed to clone lowerpath
[ 1346.424376][T17092] overlayfs: failed to clone lowerpath
[ 1350.458664][T17119] overlayfs: failed to clone lowerpath
[ 1351.708246][T17150] syz.8.4955[17150] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1351.708326][T17150] syz.8.4955[17150] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1353.000235][T17152] syz.2.4956[17152] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1353.011857][T17152] syz.2.4956[17152] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1353.542589][T17158] syz.8.4957[17158] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1353.554242][T17158] syz.8.4957[17158] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1355.538896][T17178] syz.9.4962[17178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1355.550862][T17178] syz.9.4962[17178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1356.668490][T17179] overlayfs: failed to clone lowerpath
[ 1360.735199][T17216] overlayfs: failed to clone lowerpath
[ 1361.648959][T17227] overlayfs: failed to clone lowerpath
[ 1364.512745][T17267] overlayfs: failed to clone lowerpath
[ 1364.527054][T17266] overlayfs: failed to clone lowerpath
[ 1368.941604][T17295] overlayfs: failed to clone lowerpath
[ 1369.967353][T17298] overlayfs: failed to clone lowerpath
[ 1370.974036][T17311] overlayfs: failed to clone lowerpath
[ 1372.118199][T17329] syz.2.4999[17329] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1372.118284][T17329] syz.2.4999[17329] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1372.252235][T17334] overlayfs: failed to clone lowerpath
[ 1372.627220][T17339] overlayfs: failed to clone lowerpath
[ 1372.973227][T17343] syz.2.5002[17343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1372.973315][T17343] syz.2.5002[17343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1374.793151][T17358] syz.1.5005[17358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1374.804742][T17358] syz.1.5005[17358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1375.035244][T17361] overlayfs: failed to clone lowerpath
[ 1377.999553][T17392] overlayfs: failed to clone lowerpath
[ 1378.698704][T17407] syz.8.5016[17407] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1378.698793][T17407] syz.8.5016[17407] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1381.801384][T17431] overlayfs: failed to clone lowerpath
[ 1391.701908][T17519] overlayfs: failed to clone lowerpath
[ 1396.134378][T17582] overlayfs: failed to clone lowerpath
[ 1397.042429][T17597] overlayfs: failed to clone lowerpath
[ 1398.617575][T17616] overlayfs: failed to clone lowerpath
[ 1401.867079][T17633] overlayfs: failed to clone lowerpath
[ 1407.859527][T17672] syz.4.5085[17672] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1407.859620][T17672] syz.4.5085[17672] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1411.084598][T17698] overlayfs: failed to clone lowerpath
[ 1412.802811][T17706] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1413.795078][T17716] overlayfs: failed to clone lowerpath
[ 1417.978583][T17730] syz.1.5099[17730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1417.978672][T17730] syz.1.5099[17730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1419.687749][T17770] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5111'.
[ 1419.739218][T17764] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1423.805153][T17806] overlayfs: failed to clone lowerpath
[ 1429.854826][T17836] overlayfs: failed to clone lowerpath
[ 1430.057769][   T28] kauditd_printk_skb: 64 callbacks suppressed
[ 1430.057786][   T28] audit: type=1400 audit(1751887037.477:1562): avc:  denied  { setopt } for  pid=17832 comm="syz.1.5127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1430.085255][T17835] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5127'.
[ 1430.166519][T17841] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5130'.
[ 1430.379173][T17850] overlayfs: failed to clone lowerpath
[ 1434.009340][T17880] overlayfs: failed to clone lowerpath
[ 1441.323958][T17946] incfs: Backing dir is not set, filesystem can't be mounted.
[ 1441.331628][T17946] incfs: mount failed -2
[ 1441.350530][T17946] overlayfs: failed to clone lowerpath
[ 1443.511556][T17960] incfs: Backing dir is not set, filesystem can't be mounted.
[ 1443.519243][T17960] incfs: mount failed -2
[ 1443.525741][T17960] overlayfs: failed to clone lowerpath
[ 1443.572621][T17958] overlayfs: failed to clone lowerpath
[ 1448.729485][T17993] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5168'.
[ 1449.472434][T18003] netlink: 68 bytes leftover after parsing attributes in process `syz.9.5170'.
[ 1449.963994][T18014] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5173'.
[ 1450.062559][T18023] overlayfs: failed to clone lowerpath
[ 1452.928324][T18031] overlayfs: failed to clone lowerpath
[ 1454.386509][T18045] overlayfs: failed to clone lowerpath
[ 1459.781321][T18065] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5188'.
[ 1461.348326][T18074] overlayfs: failed to clone lowerpath
[ 1471.108454][T18125] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5203'.
[ 1472.886244][T18153] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5209'.
[ 1478.661832][T18197] overlayfs: unrecognized mount option "/" or missing value
[ 1487.969724][T18259] overlayfs: failed to clone lowerpath
[ 1491.992027][T18270] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5240'.
[ 1497.391754][T18351] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5261'.
[ 1502.714155][T18402] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5275'.
[ 1508.226459][T18452] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5287'.
[ 1513.631970][T18489] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5297'.
[ 1514.025787][T18497] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5300'.
[ 1517.806479][T18537] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5309'.
[ 1531.286634][T18673] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5348'.
[ 1532.079253][T18690] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5352'.
[ 1532.555515][   T28] audit: type=1400 audit(1751887139.977:1563): avc:  denied  { getopt } for  pid=18703 comm="syz.9.5355" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1532.740203][T18707] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5356'.
[ 1544.319989][T18825] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5384'.
[ 1544.958321][T18835] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5388'.
[ 1557.095213][T18965] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5420'.
[ 1563.697205][T19020] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5433'.
[ 1563.711203][T19020] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5433'.
[ 1563.720286][T19020] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1569.319033][T19049] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5442'.
[ 1571.939196][T19094] syz.8.5452[19094] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1571.939672][T19094] syz.8.5452[19094] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.775026][T19107] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5457'.
[ 1574.795636][T19107] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5457'.
[ 1574.804702][T19107] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1582.854613][T19162] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5470'.
[ 1593.961326][T19241] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5494'.
[ 1594.005273][T19249] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5495'.
[ 1594.016666][T19249] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5495'.
[ 1594.025836][T19249] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1598.363578][T19284] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5501'.
[ 1617.457876][T19415] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5537'.
[ 1618.777552][T19418] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5536'.
[ 1618.788484][T19418] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5536'.
[ 1618.797571][T19418] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1627.843433][T19490] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5558'.
[ 1627.852553][T19490] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5558'.
[ 1627.861592][T19490] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1628.748841][T19492] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5559'.
[ 1634.275394][T19534] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5569'.
[ 1636.649006][   T28] audit: type=1400 audit(1751887243.437:1564): avc:  denied  { getopt } for  pid=19535 comm="syz.1.5571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1642.638446][T19570] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5579'.
[ 1648.272098][T19634] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5594'.
[ 1648.281340][T19634] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5594'.
[ 1648.290359][T19634] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1648.343003][T19631] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5595'.
[ 1650.207937][T19650] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5597'.
[ 1651.657848][T19654] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5598'.
[ 1651.666864][T19654] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5598'.
[ 1651.675951][T19654] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1663.042566][T19736] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5621'.
[ 1667.826600][T19777] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5629'.
[ 1667.835839][T19777] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5629'.
[ 1667.845008][T19777] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1669.015294][T19781] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5631'.
[ 1670.185764][T19789] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5633'.
[ 1675.505021][T19852] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5648'.
[ 1675.514146][T19852] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5648'.
[ 1675.523232][T19852] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1683.577031][T19905] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5662'.
[ 1684.957892][T19914] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5664'.
[ 1688.063498][T19937] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5670'.
[ 1693.973495][T19964] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5678'.
[ 1693.983131][T19964] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5678'.
[ 1693.992276][T19964] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1706.457807][    C1] ------------[ cut here ]------------
[ 1706.463340][    C1] refcount_t: addition on 0; use-after-free.
[ 1706.469546][    C1] WARNING: CPU: 1 PID: 20015 at lib/refcount.c:25 refcount_warn_saturate+0x104/0x1a0
[ 1706.479083][    C1] Modules linked in:
[ 1706.483001][    C1] CPU: 1 PID: 20015 Comm: syz.2.5692 Tainted: G        W          6.1.141-syzkaller-00037-gfa7e0538663e #0
[ 1706.494428][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1706.504540][    C1] RIP: 0010:refcount_warn_saturate+0x104/0x1a0
[ 1706.510773][    C1] Code: 05 01 48 c7 c7 60 a6 a9 85 e8 38 fb dd fe 0f 0b eb df e8 6f b5 0c ff c6 05 cf ab 0b 05 01 48 c7 c7 a0 a5 a9 85 e8 1c fb dd fe <0f> 0b eb c3 e8 53 b5 0c ff c6 05 b4 ab 0b 05 01 48 c7 c7 00 a6 a9
[ 1706.530428][    C1] RSP: 0018:ffffc900001b09e0 EFLAGS: 00010246
[ 1706.536532][    C1] RAX: cf0174cf18afb700 RBX: 0000000000000002 RCX: ffff888138635100
[ 1706.544562][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1706.552579][    C1] RBP: ffffc900001b09f0 R08: dffffc0000000000 R09: fffff520000360b9
[ 1706.560597][    C1] R10: fffff520000360b9 R11: 1ffff920000360b8 R12: ffffc900001b0ba0
[ 1706.568608][    C1] R13: dffffc0000000000 R14: 0000000000000002 R15: ffff88810a201600
[ 1706.576606][    C1] FS:  00007f087ddfb6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1706.585609][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1706.592244][    C1] CR2: 00002000000ab030 CR3: 000000011928a000 CR4: 00000000003506a0
[ 1706.600281][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1706.608312][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1706.616333][    C1] Call Trace:
[ 1706.619650][    C1]  <IRQ>
[ 1706.622515][    C1]  tipc_crypto_xmit+0x1822/0x2220
[ 1706.627582][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 1706.632999][    C1]  ? __copy_skb_header+0x49f/0x630
[ 1706.638167][    C1]  tipc_bearer_xmit_skb+0x226/0x380
[ 1706.643392][    C1]  ? __skb_clone+0x47a/0x790
[ 1706.648038][    C1]  ? __cfi_tipc_bearer_xmit_skb+0x10/0x10
[ 1706.653793][    C1]  ? skb_clone+0x228/0x380
[ 1706.658251][    C1]  tipc_disc_timeout+0x6a2/0x830
[ 1706.663214][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1706.668717][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1706.674201][    C1]  call_timer_fn+0x46/0x2a0
[ 1706.678754][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1706.684236][    C1]  __run_timers+0x639/0x9a0
[ 1706.688801][    C1]  ? calc_index+0x200/0x200
[ 1706.693334][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 1706.698586][    C1]  run_timer_softirq+0x6a/0xf0
[ 1706.703378][    C1]  handle_softirqs+0x1d7/0x600
[ 1706.708182][    C1]  ? irqtime_account_irq+0xc4/0x240
[ 1706.713411][    C1]  __irq_exit_rcu+0x52/0xf0
[ 1706.717962][    C1]  irq_exit_rcu+0x9/0x10
[ 1706.722230][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1706.727905][    C1]  </IRQ>
[ 1706.730849][    C1]  <TASK>
[ 1706.733793][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1706.739823][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x60
[ 1706.745929][    C1] Code: 8b 3d 4c 2a 02 06 48 89 de e8 d4 9f 43 00 5b 5d c3 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 48 8b 45 08 <65> 48 8b 0d 40 76 92 7e 65 8b 15 41 76 92 7e 81 e2 00 01 ff 00 74
[ 1706.765604][    C1] RSP: 0018:ffffc900167576f8 EFLAGS: 00000246
[ 1706.771828][    C1] RAX: ffffffff82344d3c RBX: ffff88811b2efc00 RCX: 0000000000080000
[ 1706.779957][    C1] RDX: ffffc900021ed000 RSI: 000000000002c767 RDI: 000000000002c768
[ 1706.788006][    C1] RBP: ffffc900167576f8 R08: 0000000000000004 R09: 0000000000000003
[ 1706.796033][    C1] R10: fffff52002ceaea6 R11: 1ffff92002ceaea4 R12: ffffffff8648e280
[ 1706.804079][    C1] R13: dffffc0000000000 R14: ffff88811b2ef840 R15: 0000000000000000
[ 1706.812107][    C1]  ? security_unix_may_send+0x8c/0xb0
[ 1706.817534][    C1]  security_unix_may_send+0x8c/0xb0
[ 1706.822819][    C1]  unix_dgram_sendmsg+0xad0/0x16d0
[ 1706.827987][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1706.833580][    C1]  ? security_socket_sendmsg+0x93/0xb0
[ 1706.839091][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1706.844678][    C1]  ____sys_sendmsg+0x5a9/0x990
[ 1706.849487][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[ 1706.854549][    C1]  ? import_iovec+0x7c/0xb0
[ 1706.859115][    C1]  ___sys_sendmsg+0x21c/0x290
[ 1706.863825][    C1]  ? __sys_sendmsg+0x270/0x270
[ 1706.868637][    C1]  ? up_read+0x56/0x1d0
[ 1706.872844][    C1]  __sys_sendmmsg+0x274/0x460
[ 1706.877548][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 1706.882799][    C1]  ? fpregs_restore_userregs+0x128/0x260
[ 1706.888567][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1706.893444][    C1]  x64_sys_call+0x3f5/0x9a0
[ 1706.898010][    C1]  do_syscall_64+0x4c/0xa0
[ 1706.902447][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1706.907146][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1706.911865][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1706.917808][    C1] RIP: 0033:0x7f087cf8e929
[ 1706.922251][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1706.941995][    C1] RSP: 002b:00007f087ddfb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1706.950461][    C1] RAX: ffffffffffffffda RBX: 00007f087d1b5fa0 RCX: 00007f087cf8e929
[ 1706.958475][    C1] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000005
[ 1706.966471][    C1] RBP: 00007f087d010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1706.974481][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1706.982491][    C1] R13: 0000000000000000 R14: 00007f087d1b5fa0 R15: 00007ffd66c04548
[ 1706.990510][    C1]  </TASK>
[ 1706.993546][    C1] ---[ end trace 0000000000000000 ]---
[ 1706.999048][    C1] ------------[ cut here ]------------
[ 1707.004517][    C1] refcount_t: underflow; use-after-free.
[ 1707.010295][    C1] WARNING: CPU: 1 PID: 20015 at lib/refcount.c:28 refcount_warn_saturate+0x120/0x1a0
[ 1707.019808][    C1] Modules linked in:
[ 1707.023724][    C1] CPU: 1 PID: 20015 Comm: syz.2.5692 Tainted: G        W          6.1.141-syzkaller-00037-gfa7e0538663e #0
[ 1707.035149][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1707.045262][    C1] RIP: 0010:refcount_warn_saturate+0x120/0x1a0
[ 1707.051527][    C1] Code: 05 01 48 c7 c7 a0 a5 a9 85 e8 1c fb dd fe 0f 0b eb c3 e8 53 b5 0c ff c6 05 b4 ab 0b 05 01 48 c7 c7 00 a6 a9 85 e8 00 fb dd fe <0f> 0b eb a7 e8 37 b5 0c ff c6 05 95 ab 0b 05 01 48 c7 c7 40 a5 a9
[ 1707.071184][    C1] RSP: 0018:ffffc900001b09e0 EFLAGS: 00010246
[ 1707.077276][    C1] RAX: cf0174cf18afb700 RBX: 0000000000000003 RCX: ffff888138635100
[ 1707.085311][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1707.093335][    C1] RBP: ffffc900001b09f0 R08: dffffc0000000000 R09: fffff520000360b9
[ 1707.101343][    C1] R10: fffff520000360b9 R11: 1ffff920000360b8 R12: 00000000c0000000
[ 1707.109351][    C1] R13: dffffc0000000000 R14: 0000000000000003 R15: ffff88810a201600
[ 1707.117342][    C1] FS:  00007f087ddfb6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1707.126307][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1707.132931][    C1] CR2: 00002000000ab030 CR3: 000000011928a000 CR4: 00000000003506a0
[ 1707.140948][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1707.148958][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1707.156951][    C1] Call Trace:
[ 1707.160260][    C1]  <IRQ>
[ 1707.163127][    C1]  tipc_crypto_xmit+0x195e/0x2220
[ 1707.168208][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 1707.173613][    C1]  ? __copy_skb_header+0x49f/0x630
[ 1707.178784][    C1]  tipc_bearer_xmit_skb+0x226/0x380
[ 1707.184012][    C1]  ? __skb_clone+0x47a/0x790
[ 1707.188651][    C1]  ? __cfi_tipc_bearer_xmit_skb+0x10/0x10
[ 1707.194403][    C1]  ? skb_clone+0x228/0x380
[ 1707.198876][    C1]  tipc_disc_timeout+0x6a2/0x830
[ 1707.203857][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1707.209380][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1707.214871][    C1]  call_timer_fn+0x46/0x2a0
[ 1707.219413][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1707.224896][    C1]  __run_timers+0x639/0x9a0
[ 1707.229455][    C1]  ? calc_index+0x200/0x200
[ 1707.233986][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 1707.239237][    C1]  run_timer_softirq+0x6a/0xf0
[ 1707.244031][    C1]  handle_softirqs+0x1d7/0x600
[ 1707.248849][    C1]  ? irqtime_account_irq+0xc4/0x240
[ 1707.254105][    C1]  __irq_exit_rcu+0x52/0xf0
[ 1707.258645][    C1]  irq_exit_rcu+0x9/0x10
[ 1707.262912][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1707.268588][    C1]  </IRQ>
[ 1707.271531][    C1]  <TASK>
[ 1707.274477][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1707.280506][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x60
[ 1707.286602][    C1] Code: 8b 3d 4c 2a 02 06 48 89 de e8 d4 9f 43 00 5b 5d c3 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 48 8b 45 08 <65> 48 8b 0d 40 76 92 7e 65 8b 15 41 76 92 7e 81 e2 00 01 ff 00 74
[ 1707.306264][    C1] RSP: 0018:ffffc900167576f8 EFLAGS: 00000246
[ 1707.312374][    C1] RAX: ffffffff82344d3c RBX: ffff88811b2efc00 RCX: 0000000000080000
[ 1707.320385][    C1] RDX: ffffc900021ed000 RSI: 000000000002c767 RDI: 000000000002c768
[ 1707.328393][    C1] RBP: ffffc900167576f8 R08: 0000000000000004 R09: 0000000000000003
[ 1707.336409][    C1] R10: fffff52002ceaea6 R11: 1ffff92002ceaea4 R12: ffffffff8648e280
[ 1707.344421][    C1] R13: dffffc0000000000 R14: ffff88811b2ef840 R15: 0000000000000000
[ 1707.352436][    C1]  ? security_unix_may_send+0x8c/0xb0
[ 1707.357964][    C1]  security_unix_may_send+0x8c/0xb0
[ 1707.363314][    C1]  unix_dgram_sendmsg+0xad0/0x16d0
[ 1707.368476][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1707.374050][    C1]  ? security_socket_sendmsg+0x93/0xb0
[ 1707.379551][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1707.385156][    C1]  ____sys_sendmsg+0x5a9/0x990
[ 1707.389970][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[ 1707.395023][    C1]  ? import_iovec+0x7c/0xb0
[ 1707.399585][    C1]  ___sys_sendmsg+0x21c/0x290
[ 1707.404287][    C1]  ? __sys_sendmsg+0x270/0x270
[ 1707.409113][    C1]  ? up_read+0x56/0x1d0
[ 1707.413316][    C1]  __sys_sendmmsg+0x274/0x460
[ 1707.418061][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 1707.423298][    C1]  ? fpregs_restore_userregs+0x128/0x260
[ 1707.428972][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1707.433844][    C1]  x64_sys_call+0x3f5/0x9a0
[ 1707.438388][    C1]  do_syscall_64+0x4c/0xa0
[ 1707.442829][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1707.447531][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1707.452244][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1707.458182][    C1] RIP: 0033:0x7f087cf8e929
[ 1707.462707][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1707.482445][    C1] RSP: 002b:00007f087ddfb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1707.490920][    C1] RAX: ffffffffffffffda RBX: 00007f087d1b5fa0 RCX: 00007f087cf8e929
[ 1707.498927][    C1] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000005
[ 1707.506922][    C1] RBP: 00007f087d010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1707.514934][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1707.522946][    C1] R13: 0000000000000000 R14: 00007f087d1b5fa0 R15: 00007ffd66c04548
[ 1707.530965][    C1]  </TASK>
[ 1707.534000][    C1] ---[ end trace 0000000000000000 ]---
[ 1707.539782][    C1] ------------[ cut here ]------------
[ 1707.545254][    C1] refcount_t: saturated; leaking memory.
[ 1707.551032][    C1] WARNING: CPU: 1 PID: 20015 at lib/refcount.c:22 refcount_warn_saturate+0x158/0x1a0
[ 1707.560628][    C1] Modules linked in:
[ 1707.564541][    C1] CPU: 1 PID: 20015 Comm: syz.2.5692 Tainted: G        W          6.1.141-syzkaller-00037-gfa7e0538663e #0
[ 1707.575973][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1707.586094][    C1] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
[ 1707.592311][    C1] Code: 05 01 48 c7 c7 40 a5 a9 85 e8 e4 fa dd fe 0f 0b eb 8b e8 1b b5 0c ff c6 05 7a ab 0b 05 01 48 c7 c7 40 a5 a9 85 e8 c8 fa dd fe <0f> 0b e9 6c ff ff ff e8 fc b4 0c ff c6 05 5f ab 0b 05 01 48 c7 c7
[ 1707.611964][    C1] RSP: 0018:ffffc900001b09e0 EFLAGS: 00010246
[ 1707.618074][    C1] RAX: cf0174cf18afb700 RBX: 0000000000000001 RCX: ffff888138635100
[ 1707.626066][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1707.634078][    C1] RBP: ffffc900001b09f0 R08: dffffc0000000000 R09: fffff520000360b9
[ 1707.642093][    C1] R10: fffff520000360b9 R11: 1ffff920000360b8 R12: ffffc900001b0ba0
[ 1707.650106][    C1] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff88810a201600
[ 1707.658118][    C1] FS:  00007f087ddfb6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1707.667076][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1707.673700][    C1] CR2: 00002000000ab030 CR3: 000000011928a000 CR4: 00000000003506a0
[ 1707.681721][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1707.689725][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1707.697719][    C1] Call Trace:
[ 1707.701033][    C1]  <IRQ>
[ 1707.703894][    C1]  tipc_crypto_xmit+0x1822/0x2220
[ 1707.709059][    C1]  ? __cfi_tipc_crypto_xmit+0x10/0x10
[ 1707.714464][    C1]  ? __copy_skb_header+0x49f/0x630
[ 1707.719653][    C1]  tipc_bearer_xmit_skb+0x226/0x380
[ 1707.724906][    C1]  ? __skb_clone+0x47a/0x790
[ 1707.729562][    C1]  ? __cfi_tipc_bearer_xmit_skb+0x10/0x10
[ 1707.735318][    C1]  ? skb_clone+0x228/0x380
[ 1707.739778][    C1]  tipc_disc_timeout+0x6a2/0x830
[ 1707.744745][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1707.750344][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1707.755834][    C1]  call_timer_fn+0x46/0x2a0
[ 1707.760386][    C1]  ? __cfi_tipc_disc_timeout+0x10/0x10
[ 1707.765871][    C1]  __run_timers+0x639/0x9a0
[ 1707.770423][    C1]  ? calc_index+0x200/0x200
[ 1707.774962][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 1707.780216][    C1]  run_timer_softirq+0x6a/0xf0
[ 1707.785008][    C1]  handle_softirqs+0x1d7/0x600
[ 1707.789815][    C1]  ? irqtime_account_irq+0xc4/0x240
[ 1707.795080][    C1]  __irq_exit_rcu+0x52/0xf0
[ 1707.799626][    C1]  irq_exit_rcu+0x9/0x10
[ 1707.803901][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1707.809579][    C1]  </IRQ>
[ 1707.812534][    C1]  <TASK>
[ 1707.815480][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1707.821537][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x60
[ 1707.827635][    C1] Code: 8b 3d 4c 2a 02 06 48 89 de e8 d4 9f 43 00 5b 5d c3 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 48 8b 45 08 <65> 48 8b 0d 40 76 92 7e 65 8b 15 41 76 92 7e 81 e2 00 01 ff 00 74
[ 1707.847285][    C1] RSP: 0018:ffffc900167576f8 EFLAGS: 00000246
[ 1707.853392][    C1] RAX: ffffffff82344d3c RBX: ffff88811b2efc00 RCX: 0000000000080000
[ 1707.861401][    C1] RDX: ffffc900021ed000 RSI: 000000000002c767 RDI: 000000000002c768
[ 1707.869410][    C1] RBP: ffffc900167576f8 R08: 0000000000000004 R09: 0000000000000003
[ 1707.877412][    C1] R10: fffff52002ceaea6 R11: 1ffff92002ceaea4 R12: ffffffff8648e280
[ 1707.885453][    C1] R13: dffffc0000000000 R14: ffff88811b2ef840 R15: 0000000000000000
[ 1707.893484][    C1]  ? security_unix_may_send+0x8c/0xb0
[ 1707.898920][    C1]  security_unix_may_send+0x8c/0xb0
[ 1707.904157][    C1]  unix_dgram_sendmsg+0xad0/0x16d0
[ 1707.909320][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1707.914896][    C1]  ? security_socket_sendmsg+0x93/0xb0
[ 1707.920406][    C1]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1707.925983][    C1]  ____sys_sendmsg+0x5a9/0x990
[ 1707.930788][    C1]  ? __sys_sendmsg_sock+0x40/0x40
[ 1707.935836][    C1]  ? import_iovec+0x7c/0xb0
[ 1707.940386][    C1]  ___sys_sendmsg+0x21c/0x290
[ 1707.945107][    C1]  ? __sys_sendmsg+0x270/0x270
[ 1707.950016][    C1]  ? up_read+0x56/0x1d0
[ 1707.954214][    C1]  __sys_sendmmsg+0x274/0x460
[ 1707.959114][    C1]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 1707.964346][    C1]  ? fpregs_restore_userregs+0x128/0x260
[ 1707.970019][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1707.974893][    C1]  x64_sys_call+0x3f5/0x9a0
[ 1707.979435][    C1]  do_syscall_64+0x4c/0xa0
[ 1707.983872][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1707.988584][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1707.993283][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1707.999217][    C1] RIP: 0033:0x7f087cf8e929
[ 1708.003661][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1708.023326][    C1] RSP: 002b:00007f087ddfb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1708.031802][    C1] RAX: ffffffffffffffda RBX: 00007f087d1b5fa0 RCX: 00007f087cf8e929
[ 1708.039819][    C1] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000005
[ 1708.047831][    C1] RBP: 00007f087d010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1708.055824][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1708.063839][    C1] R13: 0000000000000000 R14: 00007f087d1b5fa0 R15: 00007ffd66c04548
[ 1708.071893][    C1]  </TASK>
[ 1708.074956][    C1] ---[ end trace 0000000000000000 ]---
[ 1712.120299][T20037] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5695'.
[ 1712.129417][T20037] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5695'.
[ 1712.138438][T20037] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1712.438110][T20017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1712.499462][T20017] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1712.690157][T20017] device bridge_slave_0 entered promiscuous mode
[ 1713.762788][T20017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1713.777163][T20017] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1713.788370][T20017] device bridge_slave_1 entered promiscuous mode
[ 1713.853120][T20040] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5697'.
[ 1714.007130][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1714.015543][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1714.038400][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1714.082328][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1714.092395][T15068] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1714.099607][T15068] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1714.107369][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1714.116041][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1714.124624][T15068] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1714.131732][T15068] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1714.363080][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1715.261721][T20017] device veth0_vlan entered promiscuous mode
[ 1715.273567][T20074] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5703'.
[ 1715.282645][T20074] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5703'.
[ 1715.291755][T20074] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1715.308403][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1715.328279][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1715.349829][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1715.386330][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1715.394611][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1715.403207][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1715.417699][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1715.431506][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1715.493848][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1715.515955][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1715.549459][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1715.564859][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1715.636223][T20017] device veth1_macvtap entered promiscuous mode
[ 1715.707987][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1715.715784][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1715.740677][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1715.757508][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1716.008792][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1716.213153][  T304] tipc: Disabling bearer <udp:syz2>
[ 1716.479023][  T304] tipc: Left network mode
[ 1716.939853][  T304] ------------[ cut here ]------------
[ 1716.945413][  T304] refcount_t: saturated; leaking memory.
[ 1717.145138][  T304] WARNING: CPU: 0 PID: 304 at lib/refcount.c:19 refcount_warn_saturate+0x13c/0x1a0
[ 1717.154651][  T304] Modules linked in:
[ 1717.158624][  T304] CPU: 0 PID: 304 Comm: kworker/u4:3 Tainted: G        W          6.1.141-syzkaller-00037-gfa7e0538663e #0
[ 1717.170058][  T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1717.180332][  T304] Workqueue: netns cleanup_net
[ 1717.185200][  T304] RIP: 0010:refcount_warn_saturate+0x13c/0x1a0
[ 1717.191449][  T304] Code: 05 01 48 c7 c7 00 a6 a9 85 e8 00 fb dd fe 0f 0b eb a7 e8 37 b5 0c ff c6 05 95 ab 0b 05 01 48 c7 c7 40 a5 a9 85 e8 e4 fa dd fe <0f> 0b eb 8b e8 1b b5 0c ff c6 05 7a ab 0b 05 01 48 c7 c7 40 a5 a9
[ 1717.211199][  T304] RSP: 0018:ffffc9000db5f7c0 EFLAGS: 00010246
[ 1717.217317][  T304] RAX: 83da3605a4b22500 RBX: 0000000000000000 RCX: ffff88810c832880
[ 1717.225369][  T304] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 1717.233411][  T304] RBP: ffffc9000db5f7d0 R08: dffffc0000000000 R09: fffff52001b6be75
[ 1717.241463][  T304] R10: fffff52001b6be75 R11: 1ffff92001b6be74 R12: 1ffff92001b6bf04
[ 1717.249512][  T304] R13: ffffc9000db5f840 R14: 0000000000000000 R15: ffff88810ca3350c
[ 1717.257511][  T304] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1717.266532][  T304] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1717.273203][  T304] CR2: 0000001b2d913ff8 CR3: 0000000006e0f000 CR4: 00000000003506b0
[ 1717.281272][  T304] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1717.289310][  T304] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1717.297343][  T304] Call Trace:
[ 1717.300687][  T304]  <TASK>
[ 1717.303677][  T304]  nf_nat_masq_schedule+0x46b/0x4e0
[ 1717.308954][  T304]  ? __cfi_device_cmp+0x10/0x10
[ 1717.314066][  T304]  ? masq_device_event+0xd0/0xd0
[ 1717.319084][  T304]  ? nfqnl_rcv_dev_event+0x441/0x470
[ 1717.324444][  T304]  ? rtnl_is_locked+0x15/0x20
[ 1717.329226][  T304]  masq_device_event+0x9b/0xd0
[ 1717.334067][  T304]  raw_notifier_call_chain+0xa1/0x110
[ 1717.339527][  T304]  dev_close_many+0x32d/0x4d0
[ 1717.344265][  T304]  ? irqentry_exit+0x37/0x40
[ 1717.348937][  T304]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1717.354300][  T304]  ? __cfi_dev_close_many+0x10/0x10
[ 1717.359584][  T304]  unregister_netdevice_many+0x439/0x1820
[ 1717.365371][  T304]  ? __cfi_preempt_schedule_irq+0x10/0x10
[ 1717.371169][  T304]  ? __cfi_unregister_netdevice_many+0x10/0x10
[ 1717.377392][  T304]  ? irqentry_exit+0x37/0x40
[ 1717.382064][  T304]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1717.387434][  T304]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1717.393195][  T304]  ? ip6gre_exit_batch_net+0x316/0x5f0
[ 1717.398726][  T304]  ip6gre_exit_batch_net+0x5a8/0x5f0
[ 1717.404057][  T304]  ? irqentry_exit+0x37/0x40
[ 1717.408704][  T304]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1717.414042][  T304]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 1717.419989][  T304]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 1717.425869][  T304]  cleanup_net+0x62d/0xb00
[ 1717.430388][  T304]  ? __cfi_cleanup_net+0x10/0x10
[ 1717.435373][  T304]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 1717.440843][  T304]  process_one_work+0x71f/0xc40
[ 1717.445744][  T304]  worker_thread+0xa29/0x11f0
[ 1717.450536][  T304]  kthread+0x281/0x320
[ 1717.454652][  T304]  ? __cfi_worker_thread+0x10/0x10
[ 1717.459849][  T304]  ? __cfi_kthread+0x10/0x10
[ 1717.464492][  T304]  ret_from_fork+0x1f/0x30
[ 1717.469027][  T304]  </TASK>
[ 1717.472084][  T304] ---[ end trace 0000000000000000 ]---
[ 1719.148503][  T304] ------------[ cut here ]------------
[ 1719.154022][  T304] WARNING: CPU: 0 PID: 304 at lib/ref_tracker.c:77 ref_tracker_alloc+0x2ae/0x430
[ 1719.163337][  T304] Modules linked in:
[ 1719.167251][  T304] CPU: 0 PID: 304 Comm: kworker/u4:3 Tainted: G        W          6.1.141-syzkaller-00037-gfa7e0538663e #0
[ 1719.178856][  T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1719.189067][  T304] Workqueue: netns cleanup_net
[ 1719.193885][  T304] RIP: 0010:ref_tracker_alloc+0x2ae/0x430
[ 1719.199690][  T304] Code: f9 e5 fe 48 bb 00 00 00 00 00 fc ff df 4c 8b 74 24 08 48 8b 7c 24 10 48 8b 74 24 18 e8 1b 47 66 02 31 c0 eb 6d e8 52 f9 e5 fe <0f> 0b 4d 85 e4 0f 85 09 fe ff ff 4c 8b 64 24 10 4d 8d 74 24 0c 4c
[ 1719.219366][  T304] RSP: 0018:ffffc9000db5f6a0 EFLAGS: 00010293
[ 1719.225480][  T304] RAX: ffffffff8289fe1e RBX: dffffc0000000000 RCX: ffff88810c832880
[ 1719.233499][  T304] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000db5f760
[ 1719.241508][  T304] RBP: ffffc9000db5f7d0 R08: dffffc0000000000 R09: ffffc9000db5f6e0
[ 1719.249532][  T304] R10: fffff52001b6beec R11: 1ffff92001b6bedc R12: ffff8881117a92b8
[ 1719.257532][  T304] R13: ffff88810ca33520 R14: 0000000000000cc0 R15: ffff88810ca33510
[ 1719.265578][  T304] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1719.274566][  T304] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1719.281252][  T304] CR2: 00007f087ddd9f98 CR3: 0000000006e0f000 CR4: 00000000003506b0
[ 1719.289281][  T304] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1719.297280][  T304] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1719.305327][  T304] Call Trace:
[ 1719.308671][  T304]  <TASK>
[ 1719.311630][  T304]  ? __cfi_ref_tracker_alloc+0x10/0x10
[ 1719.317133][  T304]  ? kasan_save_alloc_info+0x25/0x30
[ 1719.322493][  T304]  ? __kasan_kmalloc+0x95/0xb0
[ 1719.327289][  T304]  ? nf_nat_masq_schedule+0x238/0x4e0
[ 1719.332728][  T304]  ? kmalloc_trace+0x40/0xb0
[ 1719.337362][  T304]  nf_nat_masq_schedule+0x338/0x4e0
[ 1719.342641][  T304]  ? __cfi_device_cmp+0x10/0x10
[ 1719.347553][  T304]  ? masq_device_event+0xd0/0xd0
[ 1719.352585][  T304]  ? nfqnl_rcv_dev_event+0x441/0x470
[ 1719.357953][  T304]  ? rtnl_is_locked+0x15/0x20
[ 1719.362673][  T304]  masq_device_event+0x9b/0xd0
[ 1719.367520][  T304]  raw_notifier_call_chain+0xa1/0x110
[ 1719.372993][  T304]  dev_close_many+0x32d/0x4d0
[ 1719.377713][  T304]  ? irqentry_exit+0x37/0x40
[ 1719.382386][  T304]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1719.387702][  T304]  ? __cfi_dev_close_many+0x10/0x10
[ 1719.392965][  T304]  unregister_netdevice_many+0x439/0x1820
[ 1719.398756][  T304]  ? __cfi_preempt_schedule_irq+0x10/0x10
[ 1719.404519][  T304]  ? __cfi_unregister_netdevice_many+0x10/0x10
[ 1719.410732][  T304]  ? irqentry_exit+0x37/0x40
[ 1719.415386][  T304]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1719.420730][  T304]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1719.426407][  T304]  ? ip6gre_exit_batch_net+0x316/0x5f0
[ 1719.431937][  T304]  ip6gre_exit_batch_net+0x5a8/0x5f0
[ 1719.437262][  T304]  ? irqentry_exit+0x37/0x40
[ 1719.441918][  T304]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1719.447240][  T304]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 1719.453120][  T304]  ? __cfi_ip6gre_exit_batch_net+0x10/0x10
[ 1719.459004][  T304]  cleanup_net+0x62d/0xb00
[ 1719.463457][  T304]  ? __cfi_cleanup_net+0x10/0x10
[ 1719.468465][  T304]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 1719.473876][  T304]  process_one_work+0x71f/0xc40
[ 1719.478790][  T304]  worker_thread+0xa29/0x11f0
[ 1719.483499][  T304]  kthread+0x281/0x320
[ 1719.487589][  T304]  ? __cfi_worker_thread+0x10/0x10
[ 1719.492765][  T304]  ? __cfi_kthread+0x10/0x10
[ 1719.497383][  T304]  ret_from_fork+0x1f/0x30
[ 1719.501887][  T304]  </TASK>
[ 1719.504956][  T304] ---[ end trace 0000000000000000 ]---
[ 1719.527635][ T6553] ------------[ cut here ]------------
[ 1719.533188][ T6553] WARNING: CPU: 0 PID: 6553 at lib/ref_tracker.c:110 ref_tracker_free+0x5de/0x7c0
[ 1719.542477][ T6553] Modules linked in:
[ 1719.546393][ T6553] CPU: 0 PID: 6553 Comm: kworker/0:2 Tainted: G        W          6.1.141-syzkaller-00037-gfa7e0538663e #0
[ 1719.557860][ T6553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1719.567975][ T6553] Workqueue: events iterate_cleanup_work
[ 1719.573655][ T6553] RIP: 0010:ref_tracker_free+0x5de/0x7c0
[ 1719.579365][ T6553] Code: 85 e8 2e 70 5b 02 43 0f b6 04 2c 84 c0 4c 8b 74 24 08 0f 85 c9 01 00 00 41 8b 3f e8 dc e8 ff ff 4c 89 f6 eb 84 e8 62 f1 e5 fe <0f> 0b 4d 85 ff 0f 85 d3 fa ff ff 4c 8b 24 24 4d 8d 74 24 0c 4c 89
[ 1719.599051][ T6553] RSP: 0018:ffffc90000f3fb20 EFLAGS: 00010293
[ 1719.605156][ T6553] RAX: ffffffff828a060e RBX: 1ffff920001e7f68 RCX: ffff88811bfb3cc0
[ 1719.613192][ T6553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90000f3fbe0
[ 1719.621218][ T6553] RBP: ffffc90000f3fc50 R08: dffffc0000000000 R09: ffffc90000f3fb60
[ 1719.629245][ T6553] R10: fffff520001e7f7c R11: 1ffff920001e7f6c R12: ffff88810ca33520
[ 1719.637247][ T6553] R13: dffffc0000000000 R14: ffffc90000f3fb60 R15: ffff8881117a92b8
[ 1719.645277][ T6553] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1719.654266][ T6553] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1719.660920][ T6553] CR2: 0000001b2c718ff8 CR3: 0000000006e0f000 CR4: 00000000003506b0
[ 1719.668946][ T6553] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1719.676939][ T6553] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1719.684962][ T6553] Call Trace:
[ 1719.688281][ T6553]  <TASK>
[ 1719.691233][ T6553]  ? __cfi_ref_tracker_free+0x10/0x10
[ 1719.696645][ T6553]  ? __cfi_device_cmp+0x10/0x10
[ 1719.701545][ T6553]  ? __kasan_check_read+0x11/0x20
[ 1719.706604][ T6553]  ? nf_ct_iterate_cleanup_net+0xe8/0x130
[ 1719.712378][ T6553]  iterate_cleanup_work+0x105/0x1f0
[ 1719.717607][ T6553]  ? __cfi_iterate_cleanup_work+0x10/0x10
[ 1719.723397][ T6553]  ? __schedule+0xb8f/0x14e0
[ 1719.728044][ T6553]  process_one_work+0x71f/0xc40
[ 1719.732918][ T6553]  worker_thread+0xa29/0x11f0
[ 1719.737623][ T6553]  kthread+0x281/0x320
[ 1719.741773][ T6553]  ? __cfi_worker_thread+0x10/0x10
[ 1719.746906][ T6553]  ? __cfi_kthread+0x10/0x10
[ 1719.751563][ T6553]  ret_from_fork+0x1f/0x30
[ 1719.756012][ T6553]  </TASK>
[ 1719.759063][ T6553] ---[ end trace 0000000000000000 ]---
[ 1720.395011][   T28] audit: type=1400 audit(1751887327.817:1565): avc:  denied  { getopt } for  pid=20150 comm="syz.0.5720" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1721.416817][T20146] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5717'.
[ 1721.425948][T20146] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5717'.
[ 1721.435135][T20146] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1721.456395][T20157] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5718'.
[ 1721.465975][T20157] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5718'.
[ 1721.475056][T20157] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1723.475259][  T304] device veth1_macvtap left promiscuous mode
[ 1723.485690][  T304] device veth0_vlan left promiscuous mode
[ 1729.581489][  T304] ==================================================================
[ 1729.589628][  T304] BUG: KASAN: use-after-free in tcp_metrics_flush_all+0xd3/0x210
[ 1729.597392][  T304] Read of size 4 at addr ffff88810ca3350c by task kworker/u4:3/304
[ 1729.605319][  T304] 
[ 1729.607671][  T304] CPU: 1 PID: 304 Comm: kworker/u4:3 Tainted: G        W          6.1.141-syzkaller-00037-gfa7e0538663e #0
[ 1729.619059][  T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1729.629140][  T304] Workqueue: netns cleanup_net
[ 1729.633951][  T304] Call Trace:
[ 1729.637252][  T304]  <TASK>
[ 1729.640198][  T304]  __dump_stack+0x21/0x24
[ 1729.644566][  T304]  dump_stack_lvl+0xee/0x150
[ 1729.649189][  T304]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1729.654253][  T304]  ? __cfi__printk+0x8/0x8
[ 1729.658696][  T304]  ? tcp_metrics_flush_all+0xd3/0x210
[ 1729.664092][  T304]  print_address_description+0x71/0x210
[ 1729.669672][  T304]  print_report+0x4a/0x60
[ 1729.674031][  T304]  kasan_report+0x122/0x150
[ 1729.678560][  T304]  ? tcp_metrics_flush_all+0xd3/0x210
[ 1729.683957][  T304]  kasan_check_range+0x280/0x290
[ 1729.688923][  T304]  __kasan_check_read+0x11/0x20
[ 1729.693828][  T304]  tcp_metrics_flush_all+0xd3/0x210
[ 1729.699052][  T304]  ? __cfi_tcp_net_metrics_exit_batch+0x10/0x10
[ 1729.705325][  T304]  tcp_net_metrics_exit_batch+0x10/0x20
[ 1729.710899][  T304]  cleanup_net+0x62d/0xb00
[ 1729.715348][  T304]  ? __cfi_cleanup_net+0x10/0x10
[ 1729.720316][  T304]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 1729.725725][  T304]  process_one_work+0x71f/0xc40
[ 1729.730690][  T304]  worker_thread+0xa29/0x11f0
[ 1729.735397][  T304]  kthread+0x281/0x320
[ 1729.739487][  T304]  ? __cfi_worker_thread+0x10/0x10
[ 1729.744619][  T304]  ? __cfi_kthread+0x10/0x10
[ 1729.749241][  T304]  ret_from_fork+0x1f/0x30
[ 1729.753694][  T304]  </TASK>
[ 1729.756731][  T304] 
[ 1729.759077][  T304] Allocated by task 288:
[ 1729.763353][  T304]  kasan_set_track+0x4b/0x70
[ 1729.767963][  T304]  kasan_save_alloc_info+0x25/0x30
[ 1729.773105][  T304]  __kasan_slab_alloc+0x72/0x80
[ 1729.777969][  T304]  slab_post_alloc_hook+0x4f/0x2d0
[ 1729.783090][  T304]  kmem_cache_alloc+0x16e/0x330
[ 1729.787949][  T304]  copy_net_ns+0x145/0x5c0
[ 1729.792375][  T304]  create_new_namespaces+0x3a2/0x660
[ 1729.797675][  T304]  unshare_nsproxy_namespaces+0x120/0x170
[ 1729.803408][  T304]  ksys_unshare+0x4ac/0x7b0
[ 1729.807927][  T304]  __x64_sys_unshare+0x38/0x40
[ 1729.812710][  T304]  x64_sys_call+0x767/0x9a0
[ 1729.817240][  T304]  do_syscall_64+0x4c/0xa0
[ 1729.821657][  T304]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1729.827552][  T304] 
[ 1729.829876][  T304] Freed by task 304:
[ 1729.833763][  T304]  kasan_set_track+0x4b/0x70
[ 1729.838353][  T304]  kasan_save_free_info+0x31/0x50
[ 1729.843387][  T304]  ____kasan_slab_free+0x132/0x180
[ 1729.848499][  T304]  __kasan_slab_free+0x11/0x20
[ 1729.853266][  T304]  slab_free_freelist_hook+0xc2/0x190
[ 1729.858673][  T304]  kmem_cache_free+0x12d/0x300
[ 1729.863444][  T304]  cleanup_net+0xa58/0xb00
[ 1729.867868][  T304]  process_one_work+0x71f/0xc40
[ 1729.872720][  T304]  worker_thread+0xa29/0x11f0
[ 1729.877399][  T304]  kthread+0x281/0x320
[ 1729.881472][  T304]  ret_from_fork+0x1f/0x30
[ 1729.885892][  T304] 
[ 1729.888222][  T304] Last potentially related work creation:
[ 1729.893949][  T304]  kasan_save_stack+0x3a/0x60
[ 1729.898647][  T304]  __kasan_record_aux_stack+0xb6/0xc0
[ 1729.904044][  T304]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1729.909869][  T304]  insert_work+0x51/0x300
[ 1729.914306][  T304]  __queue_work+0x9b1/0xd30
[ 1729.918855][  T304]  delayed_work_timer_fn+0x61/0x80
[ 1729.924080][  T304]  call_timer_fn+0x46/0x2a0
[ 1729.928603][  T304]  __run_timers+0x667/0x9a0
[ 1729.933132][  T304]  run_timer_softirq+0xb8/0xf0
[ 1729.937910][  T304]  handle_softirqs+0x1d7/0x600
[ 1729.942685][  T304]  __irq_exit_rcu+0x52/0xf0
[ 1729.947199][  T304]  irq_exit_rcu+0x9/0x10
[ 1729.951449][  T304]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1729.957092][  T304]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1729.963081][  T304] 
[ 1729.965407][  T304] Second to last potentially related work creation:
[ 1729.972015][  T304]  kasan_save_stack+0x3a/0x60
[ 1729.976696][  T304]  __kasan_record_aux_stack+0xb6/0xc0
[ 1729.982077][  T304]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1729.987905][  T304]  insert_work+0x51/0x300
[ 1729.992246][  T304]  __queue_work+0x9b1/0xd30
[ 1729.996757][  T304]  delayed_work_timer_fn+0x61/0x80
[ 1730.001870][  T304]  call_timer_fn+0x46/0x2a0
[ 1730.006376][  T304]  __run_timers+0x667/0x9a0
[ 1730.010881][  T304]  run_timer_softirq+0xb8/0xf0
[ 1730.015653][  T304]  handle_softirqs+0x1d7/0x600
[ 1730.020427][  T304]  __irq_exit_rcu+0x52/0xf0
[ 1730.024947][  T304]  irq_exit_rcu+0x9/0x10
[ 1730.029203][  T304]  sysvec_apic_timer_interrupt+0x58/0xc0
[ 1730.034852][  T304]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1730.040845][  T304] 
[ 1730.043171][  T304] The buggy address belongs to the object at ffff88810ca33480
[ 1730.043171][  T304]  which belongs to the cache net_namespace of size 4224
[ 1730.057484][  T304] The buggy address is located 140 bytes inside of
[ 1730.057484][  T304]  4224-byte region [ffff88810ca33480, ffff88810ca34500)
[ 1730.070844][  T304] 
[ 1730.073169][  T304] The buggy address belongs to the physical page:
[ 1730.079571][  T304] page:ffffea0004328c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ca30
[ 1730.089848][  T304] head:ffffea0004328c00 order:3 compound_mapcount:0 compound_pincount:0
[ 1730.098186][  T304] flags: 0x4000000000010200(slab|head|zone=1)
[ 1730.104283][  T304] raw: 4000000000010200 0000000000000000 dead000000000001 ffff8881002adb00
[ 1730.112872][  T304] raw: 0000000000000000 0000000000070007 00000001ffffffff 0000000000000000
[ 1730.121461][  T304] page dumped because: kasan: bad access detected
[ 1730.127870][  T304] page_owner tracks the page as allocated
[ 1730.133582][  T304] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 288, tgid 288 (syz-executor), ts 25902090681, free_ts 25648037045
[ 1730.154785][  T304]  post_alloc_hook+0x1f5/0x210
[ 1730.159561][  T304]  prep_new_page+0x1c/0x110
[ 1730.164068][  T304]  get_page_from_freelist+0x2c7b/0x2cf0
[ 1730.169708][  T304]  __alloc_pages+0x19e/0x3a0
[ 1730.174316][  T304]  alloc_slab_page+0x6e/0xf0
[ 1730.178915][  T304]  new_slab+0x98/0x3d0
[ 1730.183002][  T304]  ___slab_alloc+0x6f6/0xb50
[ 1730.187598][  T304]  __slab_alloc+0x5e/0xa0
[ 1730.191944][  T304]  kmem_cache_alloc+0x1b0/0x330
[ 1730.196803][  T304]  copy_net_ns+0x145/0x5c0
[ 1730.201226][  T304]  create_new_namespaces+0x3a2/0x660
[ 1730.206532][  T304]  unshare_nsproxy_namespaces+0x120/0x170
[ 1730.212265][  T304]  ksys_unshare+0x4ac/0x7b0
[ 1730.216780][  T304]  __x64_sys_unshare+0x38/0x40
[ 1730.221553][  T304]  x64_sys_call+0x767/0x9a0
[ 1730.226062][  T304]  do_syscall_64+0x4c/0xa0
[ 1730.230483][  T304] page last free stack trace:
[ 1730.235160][  T304]  free_unref_page_prepare+0x742/0x750
[ 1730.240624][  T304]  free_unref_page+0x8f/0x530
[ 1730.245313][  T304]  __free_pages+0x67/0x100
[ 1730.249730][  T304]  __free_slab+0xca/0x1a0
[ 1730.254066][  T304]  __unfreeze_partials+0x160/0x190
[ 1730.259186][  T304]  put_cpu_partial+0xa9/0x100
[ 1730.263877][  T304]  __slab_free+0x1c4/0x280
[ 1730.268305][  T304]  ___cache_free+0xbf/0xd0
[ 1730.272725][  T304]  qlist_free_all+0xc6/0x140
[ 1730.277327][  T304]  kasan_quarantine_reduce+0x14a/0x170
[ 1730.282800][  T304]  __kasan_slab_alloc+0x24/0x80
[ 1730.287652][  T304]  slab_post_alloc_hook+0x4f/0x2d0
[ 1730.292812][  T304]  kmem_cache_alloc+0x16e/0x330
[ 1730.297669][  T304]  getname_flags+0xb9/0x500
[ 1730.302182][  T304]  getname+0x19/0x20
[ 1730.306086][  T304]  do_sys_openat2+0xcb/0x7e0
[ 1730.310684][  T304] 
[ 1730.313010][  T304] Memory state around the buggy address:
[ 1730.318651][  T304]  ffff88810ca33400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1730.326714][  T304]  ffff88810ca33480: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1730.334778][  T304] >ffff88810ca33500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1730.342837][  T304]                       ^
[ 1730.347163][  T304]  ffff88810ca33580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1730.355228][  T304]  ffff88810ca33600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1730.363289][  T304] ==================================================================
[ 1730.371461][  T304] Disabling lock debugging due to kernel taint
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1730.468526][   T28] audit: type=1400 audit(1751887337.867:1566): avc:  denied  { write } for  pid=275 comm="syz-executor" path="pipe:[13753]" dev="pipefs" ino=13753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 1730.538845][   T28] audit: type=1400 audit(1751887337.917:1567): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1730.756377][   T28] audit: type=1400 audit(1751887337.917:1568): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1730.879523][   T28] audit: type=1400 audit(1751887337.917:1569): avc:  denied  { append } for  pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1730.978109][   T28] audit: type=1400 audit(1751887337.917:1570): avc:  denied  { open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1731.037781][   T28] audit: type=1400 audit(1751887337.917:1571): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1731.675578][  T304] tipc: Disabling bearer <udp:syz2>
[ 1731.680953][  T304] tipc: Left network mode
[ 1731.685650][  T304] tipc: Disabling bearer <udp:syz2>
[ 1731.691019][  T304] tipc: Left network mode
[ 1731.695652][  T304] tipc: Disabling bearer <udp:syz2>
[ 1731.701033][  T304] tipc: Left network mode
[ 1731.705675][  T304] tipc: Disabling bearer <udp:syz2>
[ 1731.711149][  T304] tipc: Left network mode
[ 1732.209231][  T304] device bridge_slave_1 left promiscuous mode
[ 1732.215371][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1732.222979][  T304] device bridge_slave_0 left promiscuous mode
[ 1732.229178][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.237949][  T304] device bridge_slave_1 left promiscuous mode
[ 1732.244081][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1732.251726][  T304] device bridge_slave_0 left promiscuous mode
[ 1732.257884][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.266671][  T304] device bridge_slave_1 left promiscuous mode
[ 1732.272838][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1732.280195][  T304] device bridge_slave_0 left promiscuous mode
[ 1732.286295][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.294557][  T304] device bridge_slave_1 left promiscuous mode
[ 1732.300748][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1732.308191][  T304] device bridge_slave_0 left promiscuous mode
[ 1732.314319][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.322708][  T304] device veth1_macvtap left promiscuous mode
[ 1732.328758][  T304] device veth0_vlan left promiscuous mode
[ 1732.334855][  T304] device veth1_macvtap left promiscuous mode
[ 1732.340921][  T304] device veth0_vlan left promiscuous mode
[ 1732.346989][  T304] device veth1_macvtap left promiscuous mode
[ 1732.353042][  T304] device veth0_vlan left promiscuous mode