last executing test programs:

11.680694752s ago: executing program 4 (id=1981):
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x7c, 0x5, 0x6, 0xdd5, 0x1, 0x4})
close(0xffffffffffffffff)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x1200008, &(0x7f0000000400)=ANY=[])
read$FUSE(r1, &(0x7f000000c3c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000002c0)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x102080}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000061c0)="c0f61a5fb77193bea0c6599de09cf570067192ff7d5bf191681878eb121895cd4c4052feb0a5196b61ab6e28d35aec54bb2aee6802a27f50c4e8f36a2b1bb12d93dbcd320ed338fd1a8ed43a2dcb2bf11c773ae982800321c7dcd67fa8930472eee2990090cc2a92f3373d898573a2cd1712c18ea624e82422c96f0d8895bfc4541911ff3662cd28fd55d795d1a5f31c92defbed88d48db688f899fe88997b057ce3e898eaf9eb2e76a59c1d2c10610768b3296595221c2b063ca2aa664fa0a5456c4e2bcddc7f856e2e29ce1b8852997a4d24f918408bfa9969074de495dd4cc9591e48287d78a2b3e0de09b48eb5b6bf78c6afd134b09770c164000d1f300c92877afe8be5d381c38da3b5fb9bd540c2f43c7dd2ec8dcff2af3517ba839c827866d10608964445bdead091df1264f5591e91d2f31b2015dff1b3b7ff0a5dc8b15748278849ddf4389ca7112ec1ca45957e2809b3d763e336f7051ac4e832ec61d1b95b9266565293806933dd8e3b65eaa1b4fe7946056703426674379ccec7abff1c459b91248f3a1d9e8103ae395aa86dd4235a5c16d9bd12dcb1ea9565a7c3d58d247a51db6d9077ecf47152d0733d79a5c449480c40b1cf8e115df4de3404b73ad06ac4c0d03f3b51d1b89b05ded082a5db1f5fbd8d351015b93862b2cc0995fb318609237e404e8d78d8982af761c27ad1fbc8f4693194c5e6b99edcb7a6e9dd261a386d8ed4420a7c12cbdcc86ab19f4e7a6c0c9b80fa3f0549ae57b38a93f669a87584b81e56211b34263db87c2d244e422878aa93e2c24260c71d06f75da33079b48b7072859669c128ba03d1487336a4a04167f2a3fa928d002c8b3cafdedf7a479604aa8f94e6b7ba58395df3d136b783f7be6b0b6b7b4b735c88a53da064a493b16713726b39ce23f08af19a671fe81be1e9772d87ca9cb5dccc35759fe3f7935a3167924d0a7d1586821ffebe0fa57e72a24967f7958875c4bf56d779369074db0077ee58138400c2f646c645e0f453e9e39aaf48da67775f59f8e282db3dec88bbe20ca6e65e2c7e44ab0583840513bfab76d94d1512549ea6db4a5a64cbe6f76b0ecdb2f1f71aa6446bcf4f7249366474cb77ed70ccb2702134b9dc6c2bfaf27ac9a9c85b8d9c48d100ae8c0eaa34701d2125a405b1117307119b754ccbbbcb2c8b71eb76d1157ddc7fbe0c75652a4cfc31d785a489f2344d8b4c47ff1b772104f49658f62d6241ef7f782db0cc071788b3dfa74e69533cd0a02ffadacdfbc8b5a83b9d4b8db068b5a7370f947fc4a99158c6296a442beba2e23ac1ef68c50f19851f3fb68b67fb714a5e7e53bb5a7690286cac12f2b002e854d8595075fbd00622b29bd423c3dbaf600ad6f37c96dcde43de6290b053c76df5620ce17118e2230039304c88a0d207c7cd05dd3854c545cdbebe907cc4d3411a382afed5e080502363cebe68e2c8dc1f800ea4add827a83a9cdf0fe6d54eabfca5a0ba370a06a4af1c49a60cd19141a4d994fbcce888278ade6300bd40685267fcdf1317cdb3b06cae9e7d9edb08d5c98b6d7115c025fcc05058a515adcc23c65ce526aed3b8203f3c54986f65ba9ffe2a9bc26b2813a1fe339ba2a58515cb8375e2d62550bf35dfd4fbdb75a70bb9fdc47d3d0346a65b986b7efd12aab760124b6888480b341b16ef2fea93fe2fbdeb55706690aa2c02bd80b1ccb7b8f23720283df89b515e2020bc5364cc4aea5fdc250f10d46db93c128e2de7477f4c80ec016f7a872efdef50ae1730b3a1deb8085d82f4fd53015a518803cd02646c087d67b0fd7092852dd81ac93ca60346f23fd847cf7c4883cab81af956342da21fb399b69e1988d89f9693b0630fa8cc95714285940d20eda153f8f7b01e6b2b892327b5d1e754a36a3430c5c22c3b841357eb80e526d7792a8ab9c4b1d23d82e31f23ef38580c2b33ca72424fbfbbf237f315cf2e5d134783982cad204be087ef58da96c6bc5da2dc4bc78f293eed56157a10848c0a956de15b83daacede9ae1c54731149f9ce7231cd84e14f128f87361e1fc0cdb2940766f39c93b9ddc74bba0a32548cddb1ae20981576de2ef8a772b04ed90900b2da11ffc70bbdb7091b8b8ed600dc0c9d236277afd9bb97b035f3b8fc95ef3f30c056b67a195c5c9f44c0f2ca4debba0d6d8779903e8e34fdd6b766fbba6b57e722ad9a852dbbeca8eb9acb9929bdcb4d4fa57d54ef1c1a0fdc032a898d3334f5671c7df82361b7d616c1f87e23f7adf043edda83458051f073f2562904ed25ad9a7129f3c14286007c9e4c81ea56c6a7289d8e58782d949a19a2642dc89d107fb465d0a98128250e66eedd93cf063963b7f7a0e1d3b9f1dd212cc9edd662af45852dbbaec84c69a640be115a239b5abd46d990fa007988f6be78a8c1e426091ecb33822529f7fddfb34d9304466ea06bb546a34735021e98674ae4a5f5c0b4f153ad5434b81c6343c42ae79224fe5abfe8b9e6fba38164c3c318500c130323b2f9bbcdf6aceb664e10483e2084defa744cd745e565ac5a8b5c30166330dd95e70f2a072a5cf5462635f7e0a4f455bcb607426aede9fa06d708c7c0daaafe2b84896134ab3b379c6690c9049903156232e5b7ca9529d602968f1e1f7a73214aaf4a9575dd5147e5bef8f05907267580abdb728cf32f6845cdf3bc779451669e4972e0b787afac5a36bacc3c1bcce125e91e4bf9810d91d1f1a3d8316328dd2626040af09892f1241c6645537ebfbeb752afba5e8171f487edba97aa92404973d4e8d09254abd2b70bdadd9b98fa3c33355295a5c474e9b2f017a6636233a382e8ef4e73506880e2a588bf257b6bb11e57cd9e75e45ef609ba583f3a6b1f2f94c7a0443dc0a8906a13e0188b61550cd296e4c63faf45bf7aed852f68ffed377302da3f73d89e4274a64667636bf00e8e4408a8407e098aeeed98e545b9aef40896c8070a76aaa0042162979ec0b7b69b4ee701100d66d3e7d25a48c59989424522889b32e4f18676475782e86d652d2eb836c326b46b8544bb755eeb14727e5ca25875f7b9ae1c113068be55a1521cb4edefef34a7a4cabc3639e456c94f01d78c059c441ce2c468e7b39b56555ad5cd6a14df8e3518e4e1970fbd6f586ce46c51c4d9ad20c3f7f5048c071994e807f19b7176290a82406dd0ad3f0b64350bbce79b223f27ed99f819def43a33696c0739e09030460a5a5d04d251adfbde1af7a485894d3d30c79d49796a9a5e077aeddba1303f3e3a3187298c88da70885e2a9dc966eb69a6439e2d3b1934ae6e8ea328497d87a9dbbddbdbf12b0c582ca4ffe1f25cdcf89a6ccdb31880776ab808b4f050ae02adf70f64c73ab2a3b1c4da69950ab4f7bcf9cc22f81b99694a7783b792facd8197904c12d3776de5184afa143ee23eee82aab2ac79b25503e0692f3463e5c363e0b4b5f31af82898009f7da13d4f249a70de40314c003e7e59dfb233bc44d0316df3e45af806d216ca76a58417ff8abcdf7cfea2da8868c496cdec8f47c451ccdc8908c5e8c1039b6bfa8751637c29fdd9b7dc76279dea5ad7455af4db3394a34cb9be8b9bf1105862108f920c44d029c3372e77c44a25d06cba956da65ee40abe32b8b557e123fddaa87b4ed5ab3485eb11f13c61072720d4adbb937c336f2b60525933b6d49e7c6751f0769377bdcef02abe63639b17a6780a4afccc8067403aeea42726f253ec97994dcf55358e6faa3e622344dfc613f8be96714d5c49633d7b74b9a72883985782ea8691d26da620d905f3583adbd9d527d93f1ce623bcf70d98a0455ff80fb1d472c6fc6bf0390e81b8d755b196e94fb73bcc883f5f310043c5138c95c5d7079c24d5bc5876b422f46a2bb17aee407bf7a55dbbdb253e2865c1b91839737c37142a8fe8bdbc0a7bf89a392da717a5ed87af754052b1d0a1a37313b00cf3b4aad91ce7fa7777b1851121a63e374865b238ddf9a7ebd20641a719c68682b97e3c5126e732800c04cdb627bd415efbb7e5e19917bf4bd53f072b7ec2eaa0128b56e069a32e9f729718fa4a7212ab0fd1e5d3582a5723a704d84a88c235b44812849301ee8155cea471028beea1918cb1f4118728718674cca9dcc58bafcdb9379c57e9333ab348b30a801aa2f5c05c3107e52613cf0f591781ddb5e1e4844633057a26bb3179c31b5664db4bb8c6d762c7b9886317ab6e9e301de67f12085547ad2a20d1d63d361c2bcd66be2e25fe104f8b53b7cf89d90d456f063da31f60078b760ce340f9c9a8e8da113b6c6e3c53e666488d75ab209dbe31ecb531553f17446a29edc465ed22aee2d4c013ee8a4d935c0cd92bcba9e5a56a6c19ac114d12db58bcf5f931a7b282404af34fee464f4c28e16dab834de98dd57b107e45fa66b26c32fd94e848aef6e4a2a65fd4fbead1b1d445d6c343bf50d785e664220371e27566646e284c6a3b07c14c0c5b84b5cd1a01a84d655f8dd72ab8e3d0c48e67596f605cd4a50b5fde9b182792d7ee8ee457eb6666aadea80563b4d176933cc482f75cb98a8dde4a414041187cfb2abe3e5077f23c98bafd0afb8b023e0cb26efc1488dd98a51a19dc93412b5fd91c4e06439b6d2d20a174989f860de6b1be55923a11e5893d30fae74a625f777ef9362e64b529c964b5c0b5817a579a647ded28582c45f965e52e1f76084267c73f8fce8037b22c2496ee6674f56056d9c691eab831c831a27fccd90f961e949a51c90a80b677d11e70d01744f9632cc26b7e6476b8c92a688ec8e1280ea8b795eae7ee61e2735045b9ea516af752b35388a6c3ed98cfbc4e74c8d0717dc31eac87b6a9c06f0d4f412e8e1155ce48cec6d9c106f3013329596a2d43ffe7f942cb7b7449f38620a8a9e5138b5d5d03c8a563446e4dfb1905d841f7a350d6c67d85652297db21b3dd3291b795c90276ccc50eaf513f3ff9480b3d2c0096e92c93cbbea680833cfa630d72c4f5a21ef0f81910b8a5ef77d62175d3abf5b3417cce43e3c53bb84ee1f5e354b2d79c2b46e3bdb2ffb15420e7a28c800c2591cd331d71c645a6b1bc43f06703164c05f61b4abc0fecbaee510def6340c2bbcc32248655e9161c3e6f01520bb0c53be04c3a3ef4a2dc401663f6719ac758aa297f65d1681652e4ad042d754b054df9cede3ffef7ad2f52184ea6d93d6867cc262b0a413da11c02d0c7c49a663319333d8b29d56cbf630e66b6683ff7f3b1ce5c481d37151626eae761adb77642f802bf0f663f3c322ee17cf01a09f058dbf82d04bdd7c48f34f54392d1dd489891ce28373ae980f74897fe3f90db2a9ccdbe56160fd2517adbc953e88c5fa8981456b87ab9f122321816e0df119f6f6c505f0dcab1c8e6a7f4109055dd80001dd90ea984b80f0b0766bd9772d96ed42d95f219b4a8420d7cf04f28475d7f5d8a8a07b0930c40d0dfc2592f8f54e90a80e0a98d3055f4660b1530565c7f2d91d7d96142da19d644aa7c512e24f83e8305970f9d3fc3b9382ad141f63f2d5b265b7cda258119ca4f553fab11f2fd925a7a24c4021045073d867bb089ca7bcb702bcedbc28781e408cf8bd43498f8661a320d28c95c1fc42635c9e4c4de8787afc70bf5c8bf75e0a2937a9ca2b08c15453f24211168c7fb2a24218fc3f04160c2daaa46ef7fb710606a53228e134f20511169034cec55e77037a108060b8fd10ab9ae228d9ee4d5ab1380cfcb8611e6c9d5dc143db2bc856d967b0b9d0187ba8483f7adbd1092562b2b16420baa5ab6c1f7c02ae56f013e752d9f41df4b4f0b008bc25ff58f816e50bdce308e219068bc898a21f1dd26d7fe7760459629f3615bcf7582c87d296f041fb005a72c7ef4013ccd8ca3bea85db90ae6349f101adb9235dd343be423816b37db2661dde2b9db33800da7599e8a9194fcf06755e2659670c62aba1d5a01172a416a0296bade0b32e69b0ee60dd6cd1eecca4335eb0416df6ded75049a14660276df47bb4f224e087235742e90ddf6f57827a0cf26d71b9338f2ff5166bea85a7639de6ac97ec829a7d071fac1f4b27c6c23e952adb5536b45a68e75c1c1a6d44508be6f4b87c5bb880a6baad5faecd1fd6730783d8729c2d89b23a3f2f9b79b78f7fcb70a7812607b25b17ae857e65f205ad5dd87a34e52c6e9611f588236bdc59d816f277aa8cd4a19750461d3e82c8621181b803900d1df439babcf4909168d4125a7c962ceac2f834d79460f17f92f415a85ad7e12da4b76105bceb4641fc87da7797fee092828f6e9e42631fd5c87046ebe5c4044663a31a1b39a6f6a53ee2b7fbc3eede57619535b1011c10d2d5a97c781c44bb6e493287528bc5281496f1aee3c746e09aeef0b2d38bdd33e37446c1f7516767ecbe298b78ef8e03336a08a1a9e62805140573b034459a445240aff04593539aa97056957f3dec9c43e50a1bce1b9c8e860940e03ae39e8f76fb80ae746f7fa4ed0b050c9e08a788e666e9f18bc8e83c64ee3ea04eb9f1c1dd92b3be73d18cc53bca76ba4688b48c13982ae6d25fdd9b5b85612d5b706c9b9d7c6cca91141313356f0d7b859da0de669fb52a829014a0fdde51df658303ce085222a42ad624ee6c659ec94e0d0713b2d3c3becb53c6f76d30530e6129943e20361a7c9f7847f79cb871d866b5277eecc8c1626fe2719c9cf872c0fc78a98e6ca998555721e9abd5bf9e2d1848016e0bd3202c44575c688837136e71e85765d677e0f2b081707a4e7e22bef50b9280a1a5ea549022ef2a9fed989f156198975302608dffd03f8f1186a12585d4670ce868f0c96be37416b9132144f65c9abe8b00894d7a7e6d0a8554e09139ec2a0eb6d4f00c637684602c106257f5abe816e068e0f6f3e94a916ff41e23b6baa4876931209a6b0bce1f6fa8d1965665d3dc42e5c6b011bdb5144fa5fe4879779ac9dffe0843cf49806ecbb615b818e54c6dfe4d12ccae5b12b0ce87909c1e852e8d7587d1ee24c2575af61eb0b667c37b6d15b88121974598ac23cbc66503f95cf01a7a1e217f0712c4cc4e5fc22e83e3aa375eda531a73828eba91223d7de1194af730bbf2c1ed5ec47ecdf465b1794971010ff8c8771c488a1d3f98292b5d2ea9625e52589aaf7212fcdddcc0f1681b785911fcc64a6427358e4307a3d8bc583dd635ba5c41eeae96e0b6bc5236a1f539d291e568d5a0aee25ffbaa73d0cb84bf558cbf6d04b16ef7e97617b42d07100d82fda6f75dcade611e459bdb4773bf2b70e90a8add2bfe6ea6d3a4427940fef6c81931762dbea6678fc63e50c4430227b15cf184dbae4c3b2d8096292c17f701c560ac7cb33efe7d79d0c2a3c0c06e22d4e84e9e959697879f0d27df460046fc20394655cfa19793256cd9074f1c5f8ef530af537164e0e43184f921d56094fa7c7744af35821a5833c9b9d56fcf525a39fc795cf33f14705d0c7087c081bf11ad29e4d6c8f6cbbb3a0d873262b89cfc54d4cec42c3e13a5ba604df942bf8b4eef7cdae1c0e2970edb7ea6437618e6f8312a745ca8bbf0c42df103f42c824ab4e77e8b118e2b9a84568ed3d4aa3800011d02be29c032192719635a1c6c28315b27368f6ffe852bbd661c351cbfbf97b1b36d52371a4ce57e5eb6e4b13cd01b022de1770a5b1cab0fe548092a16e04de76fb8d29d69a1c55f8aa11b34bd6f018d283a9a7c0338b8c1900e21c0054616ade6b56d0fe3379f1a8dec38b85fa8e74e9bb5df4287d037f77bad30de89ea87b03d40c3a1618db1073c07032f6d22f8a264cbf0c1113689308a2fcd7299603a64f884cb03f8c5f0e61e4981d2baac3d50975cb917b815efe2f7eda88f1cef1f34997f0819a92051c1d9eac3ef05de25a2b4d5f65619b4ea377180c541f2afbfa5c8fdae59f8e3a7635d2b30c4c759c32e570b8d9ec03b4aab65503e81e545dd41f593615cfedcf009424ae4854de3a9111115cb254608bc2666b18c85698ac193a9799f1a1f6098288b42dd2684db37e0d3b023ac9b417263b1566acd6d951df147e83db8e909b39bb6a1aa3fcc1c1a20795521b84e0884254b2524ebf0321e5709e7a79f2d62309247b7b24ec71553a9ab9daccacac1a8bd6019b7703c0ed468379640ac6e764ededb2fefaa2f88e15fc97ec6f16007f540cd7a57c7726f4aa9ff6640cc7f5d71a6c12048f98a9071ffd594f17e42e7336ab6d0fd429328df1238e5eb4ebe4f9d8ef01fbcfe8f53eb3f6defd4c7cb40b3772ea2f2130b655d2ad3643977cafa991bbc6aa2aaa2879a3c2d1dace3ec034beb3d06f0a09429b3fd1ac06870dde4ab97b7d5d7ff1394577a6bea7a3a53ca883a16c98d574ddad00de5dfe9f75369be7686a4badf44f4d9b110846b6ffca67f63973186433f6bc3691b580cdc689c159064c55a974fb849f56fd2f9cbe4738e0a1a8a764467dc1d3723278ee1ea573fad98a5318104218d359d89579614592fa6ae7cc4720e6ed71706fdc4c707b03ff77454daf4505700f249aea0abc909763416d44a069a6d605118ac0c20a325577fe1d8af053673fc72e489d24405281f01b4e2e05e4fa14e68a53294e4b5d201c146ff994cfb7a776ad80828732ee647092c20fe46d917142880318136557c47ff7e31d26f35f407c1e6d4254aae442b233b89dd4c0adcfc92b0f821a5a9dce95a24bed9bb5cd17a5b59d3e82086cdd7a3755064e4de22d8f0f973f4235aa58c6214dab89325638d94d3dc25f3ac4d912ff74be6ad8ef49aa2becede5453a409cc8ed8065dacf28a1a7498f6dd07a3478af093574fdd2d0a4f98d12fe898e47cd0550f1fc42810ed2e4cfe5cc4faa67d965f252aab1bd5c536bf2c936706bc71aae98b93494d364faac72a9a60188a23f15ddf1238896e4848da876789b57ca53cd5b1041612a49de9a64a545a39375aa2a516c4af4744daf65a9c28ffb635ba56b96731b763934afa0651fd6fb65e9f71eb0e6fd54bcfd2bf0118b486e97db512290bdb1dcfca76ed974722e13e5acd0569d5f944de70adf728379094981ffaec43848367ec8cdcc227b266649ced47a03b22016ce42be3a33135229670244cc7b3325ee448c95236d0de4bbf641e1cbb0516edb3f8829e60f91d43f0fe45595d8a99e699252930c7b05ba2ba679f8f46c38f789a7750ffa4eaed19c4c1a33aff60c8926ae42497662a130b83b3211e9399e2565d9f082ec30e26e5b02ea91cf43b0a046f9fe596e5bb2a9c800d761008dc7fced2a510af6b02d3f702fc3e1a98c6a87661f0d353b81bc4435c0d4376cfc74c057bf23febb101252c4eb168d4e347e697c8d0c48a687fb2224d58e5dc68c38de930164aba51e7cb19051fe64603c6b602c02c5cc22c6da1c47d906fa1cbf67312658b201b8f89a377d61695daaeee18eb2fb8caf38280fa8b95cca721afdf33d2c3092af57204bca72c46aeae9e9fc46f0ce76b96bbbb59a8517cb72d68f8b189280b6ce1e2686204913bac1d9aecd77623b7f05475352e57f245197894d767e5f17611bbf1bfe2015c9750e9b3f5ad4ad57be1ac4988c30d90829946b05fc5bd709dbd2590da2e3666294f83336e52758bc12c9d02af342a91fdcfc9144021a783643a9845a4898ee03417329ee0e2dd7bd53f3b23f3f9a10ea643b91b3c2df8438efb22fc894bbcdc408a13dbded7002d9cef6e38bf6dfa16f52f0f24087281a3ae95fb4995131938f9ca80c5f466c7367665e5717c823b318f43e7a3e2e8fe9c2e74959ca3d53b79fa45ac778d0a99351a1919b1c9ddfda10d61487fc5a2b8227493b14e2ea9fa41db870deb1700eb46665424fbc3f21c5d7ad61089ad0f99aadcca2a97d46fd091cf21d95674c3cf48f2724a89299b5342ebf8b18770e61c449455f77cacc5b2e0123005cc296acfc28e42e3d3b426469e39def114d6071a3f015f94dd8eab597dc4cf6109f2aeba0639ffe3f66f15ddaa74460a884a5c067e1e6f8d961ff32518e7571d53ae36badcaca50258a15743e67fb35e062e697d44ccd4e416010dbe62a1d13319d3ce88dc7826514d0f84cf7ffd5f1dbdbe3534af35bba26c5f951e18b012234a3e1cd22199358ba66421a326af09d36d45c3497c4725c0e8557395376fa9dcbe4c595aef7f822cb160e72138cd610563c382769b64f5da2ae6f62cbf09d24490565d7b88f6fefc30f050e74327b7efc168f040f18110a61cc6ecf73c43c0e9e73fafcfc6079ee68839a8ed710160fdcfd987394a790e01c42c916169e8c6a7af905c15d51f87e88877386b8f8743efe4fffc2dc8fd73b4e8905b428d4cd87d90e93513f19a981b5037370cd634f23859cb7bd6b5632bd25c6873b7195691e0f76fb07fce6e72d4b2b467e57a325febf4bb842820fe6896b23aa2a3eb37697753a3693ee936692e6cd91eae410bf89192df913f2689adc73b7b35eaf8bf80928c0023b105cbd2be51a08a371be88926636bd590466c218b203fe311d73dd1a8b440133f1ebb8249b4e1f6723b7b18b508dc34acd9da927ea60d2dc361c2d14cd43ad3b0137ac32e8988d11d11de19065d02e8012a2ee24891541989d11da87de4383036b757769222af022e86803b64ccd03e4bfe3a9d3b8a5d6522d7b6ade88aca72bc436382cfcba22a426ecb21366d42588e9a68c0d61722617a4706852ef6e5eb42842d127f88dabcb8cd635d621a9082efe0cbb52fffb017c8cbf80e48ad1d8ac4c927bda50be7bbb6a302081951dd7c05142465ef8188774807ba482c155f7b56b663d24c4ad88140ddba388e4d6abda83048db46ad18328c63006d02844189a769167d94265148e06f3eca08dcd81691df655968de44c5931e62f5dcc4aa16b24ceb6e7a2c8783d9918a9be7c72dcd57fbf39f985ac29069241cbe3298d7651124f03bef8e2adcadb0c0e08efb096f72e5df2d3f8e2ea6f9cd2401533469e5099a6faa98acc2f73028eae115b3a771bc7ddd186ee7a634398e206ce9b1262b1dbb80575eac718eade048bc01ac1d410e21393dada6c1ced94c411fc19ccacdd175996501d66819b491fef65697f736ecc3a4c32f3675d1f90c8e4d44a1ba6048e77fa24d6998ad88da3cf5de223446d53dd72981c19d5915af69b9a7b9bdf35114ac1cee66b9f3f6df4b9a2d2c017d44443a28badca61b1e8db627d967827ebf32c8642b7de41508c15538b6cdf0284f1a94e8d9fcaa086236f11fb1689d57d500423a0c1d362a4fd57e5efa8858c237a0b58210b4df2b6f10fb01ff8b305cb69e65120c716970e1752cae51022a068b9ac2b7775ac415c56d31536c9f1eca654ec89d7ed00855b2d2564a74bf1a0a3b75cbeadad89fd4ce7e0a83a565c6d69077f026dd40ee186fb496d575c5f5d2f4f84e0efd6bca34f070b185903c7fcd6478f467b73687dee0b765477cc474cbe7f067d1f655efe1fac24a6cda9ed82dee343a36f5ce3894587937f31a14dff66e8384bb3c9adebb753f782570a894e09a38c096f523fbdfb7e0c09026fa023c8dc9e5822410d8343afd647a91130744017166a9b195996ee871eb284279fa725f7af7f853eb85bce100cfade5d458c4e166c839e4c1a86", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
pivot_root(0x0, &(0x7f00000000c0)='./file0\x00')
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x20000023896)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TCSETSF(r5, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "7a58beca39ed2d5a99bbc4bff0ebd3e9bd5a8e"})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='devices.list\x00', 0x0, 0x0)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r8, 0xc0045520, &(0x7f0000000040)=""/112)
fchdir(r0)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

11.114970756s ago: executing program 4 (id=1987):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
syz_io_uring_setup(0x6d0c, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000000c0), &(0x7f0000000140))
syz_io_uring_setup(0x1866, &(0x7f00000003c0), &(0x7f0000000040), &(0x7f0000000100))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="02c8002d0029000100040d1300000000000409000000000000000000020200000a060300"], 0x32)
capset(&(0x7f00000002c0)={0x19980330}, &(0x7f0000000300))
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x5f, 0x0, 0x419}}}, 0x7)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfffffffb})
bind$alg(0xffffffffffffffff, 0x0, 0x0)
eventfd(0xee)
socket$nl_xfrm(0x10, 0x3, 0x6)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvlan0\x00'})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000900)={'filter\x00', 0x104, 0x4, 0x3f0, 0x1f8, 0x110, 0x1f8, 0x308, 0x308, 0x308, 0x7fffffe, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @broadcast, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'rose0\x00', 'ipvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @mac=@dev, @multicast1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x1, @time})
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0xc0a85320, &(0x7f0000000900)={{0x80}})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0xc08c5335, &(0x7f0000000180))
tkill(r1, 0x7)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
remap_file_pages(&(0x7f00003e4000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r4, 0x0, 0x10, &(0x7f0000000140)="170000000200020000ffbe8c5ee17688a2003c000202000afdff02a257fc5ad90a00bb6a880000d6c9db0000db00000200df0180060000ebfc0607bd0200100ac45761547a681f009cee4a5acba400001f02ec194a29efec199ee9b700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000003315d3bab0840024f0298e9e905390603000000007f71174ab498a30b3e5a0b47b63a6323ded2aa084cd36276a3afff00000000000000", 0xb8)

10.55808056s ago: executing program 2 (id=1990):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f00000006c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xbc}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

9.751881907s ago: executing program 3 (id=1992):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000a40)='i', 0x1}, {&(0x7f0000001200)="a68d4a0af973f288cfd1d0a139c2e9b3ae7bc4aba493b7d6c9ba81b97b3e00"/46, 0x2e}], 0x2}, 0x0)

9.533949827s ago: executing program 2 (id=1993):
unshare(0x600)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000210c0), 0x2, 0x0)
ioctl$VHOST_GET_FEATURES(r0, 0x4008af25, &(0x7f0000000140))

9.351872519s ago: executing program 3 (id=1995):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_SEND_PRIO(r1, 0x6b, 0x3, &(0x7f0000000640), 0x4)

9.319615563s ago: executing program 4 (id=1997):
syz_mount_image$jfs(&(0x7f0000005d00), &(0x7f0000005d40)='./file0\x00', 0x0, &(0x7f0000005d80), 0x1, 0x5ce8, &(0x7f0000005dc0)="$eJzs3U1vHVcZB/Dnvvj6pbSNKlSFiEWaQmkpzXsC5a0pCxawAAllTSLXrQIpoMQgWlnElReIFV8BNt2w6FfgA/QzID4AkWxWXVAGjX1OMh5f5zokvnPt8/tJzswz547vmfw9nns9M/cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/+uHPLvQi4sbv0oITEV+IQUQ/YrGuT0c9cy0/fhgRJ2O7OV6MiMF8RL3+9j/PR1yOiE+fi9jcWluuF188YD+unF+98/mPf/CPP/554+Qv3vn5x+32n37x0id/uhdx4idvfvL5vaez7QAAAFCKqqqqXnqbfyq9v+933SkAYCry8b9K8nK1Wq1Wq9XHr26qxrvXLCJivblO/ZrB6XgAOGLW47Ouu0CH5F+0YUQ803UngJnW67oDHIrNrbXlXsq31zwenN5pz9eC7Mp/vffg/o79ppO0rzGZ1s/XRgzihX36szilPsySnH+/nf+NnfZRetxh5z8t++U/2rn1qTg5/0E7/5bjk39/bP6lyvkPHyv/gfwBAAAAAGCG5b//n+j4/O/8k2/KgTzq/O/pKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/7y3MNl+30WW738ei/i2dbjgcKkm2WWuu4HAAAAAAAAAAAAAJRkuHMN7/VexFxEPLu0VFVV/dXUrh/Xk65/1JW+/VCyrn/JAwDAjk+fa93L34tYiIjr6bP+5paWlqpqYXGpWqoW5/Pr2dH8QrXYeF+bp/Wy+dEBXhAPR1X9zRYa6zVNer88qb39/ernGlWDA3RsOjoMHAAiYudotOmIdMxU1fPR9ascjgb7//Fj/+cguv45BQAAAA5fVVVVL32c96l0zr/fdacAgKnIx//2eQG1Wq1Wq9XHr26qxrvXLCJivblO/ZrBcPwAcMSsx2ddd4EOyb9ow4g42XUngJnW67oDHIrNrbXlXsq31zwepPHd87Ugu/Jf722vl9cfN52kfY3JtH6+NmIQL+zTnxen1IdZkvPvt/O/sdM+So877PynZb/86+080UF/upbzH7Tzbzk++ffH5l+qnP/wsfIfyB8AAAAAAGZY/vv/Ced/8yYDAAAAAAAAwJGzubW2nO97zef/vzzmce7/PJ5y/j35Fynn32/n37ogZ9CYv//2w/z/vbW2/PHqv76UpzOf/9xgVD/3XK8/GKZrfqq5d+NW3I6VOL/n8cNd7Rf2tM/tar84of3SnvZR3b6Y28/Gcvw6bsc7D9rnJ1wYtTChvZrQnvMf2P+LlPMfNr7q/JdSe681rd3/qL9nv29Oxz3Ptb/955W9e9f0bcTgwbY11dt3poP+bP+fPDOK395duXP29zdXV+9ciDTZtfRipMlTlvOfS185/1df3mnPv/eb++v9j0aPnf+s2Ijhvvm/3Jivt/e1KfetCzn/UfrK+ecj0Pj9/yjnv//+/3oH/QEAAAAAAAAAAAAAAIBHqapq+xbRaxFxNd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49f3VSN91aziIi/N9epXzP8Ydw3AwBm2X8j4p9dd4LOyL9g+fP+6ulXuu4MMFV3P/jwlzdv3165c7frngAAAAAAAAAA/688/ufpxvjP29cBtcaN3jX+69tx+siO/9kfDbbHOk8b9FI8evzvM/Ho8b+HE55vbkL7aEL7/IT2hQntY2/0aMj5v5QyzvmfShtW0vivr3bQn67l/M+ksZ5z/l9rPa6Zf/XXo5x/f1f+51bf/825ux98+Mat92++t/Leyq8unL96+dKVy5euXDn37q3bK+d3/u2wx4cr55/HvnYdaFly/jlz+Zcl5//VVMu/LDn/V1It/7Lk/PPrPfmXJeef3/vIvyw5/9dSLf+y5Py/nmr5lyXn/3qq5V+WnP83Ui3/suT830i1/MuS8z+bavmXJed/LtXyL0vOP5/hkn9Zcv75ygb5lyXnfzHV8i9Lzv9SquVflpz/5VTLvyw5/yupln9Zcv5XUy3/suT8v5lq+Zcl5/+tVMu/LDn/N1Mt/7Lk/L+davmXJef/nVTLvyw5/++mWv5lyfl/L9XyL0vO//upln9Zcv5vpVr+ZXn4+f9mzJgxk2e6/s0EAAAAAAAAAAAAALRN43LirrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO/cWI2d53w/83ZO9NgT8D2figG1OBhZ21ydwiMEkIX9KeqAkpE1Lahx7bZz4VO8up6KyKbQlClKR2gt60TSJ0ihSW4GqSE0lGiE1UnvXXDXiJmqlXPgCKgcllVIFtnpnnufxzOx63jVmYOZ9Pp8I/+ydd2aeeeeZ2f1u9B0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAVhs/PvOnQ0VRlP81/lhXFOeXf19T7C7/ubDj/V4hAAAAcK7eavz5dxemL+xewZVajvnXq/79u4uLi4vFF948+fafLy6mCzYUxcjqomhcFv3bL36+2HpM8EwxPjTc8u/hirsfqbh8tOLysYrLV1Vcvrri8vGKy5ecgCXWNH8f07ixaxt/Xdc8pcXFxVjjsmuXudYzQ6uHh+PvchqGGtdZHDtQHCoOFzPF1JLrDDX+VxSvbCzv694i3tdwy32tL4ri1E+f2hfXMBTO8bVF2501tD53b9xdbHjzp0/t+/bc61csNytPw5KVFsXmTeU6ny2K07+uKoaK1emcxHUOt6xz/TLrHGlb51DjeuXfO9d5aoXrjI97PKzzh13WuT587fFriqJYKM54TKdniuFibce9pvM93twR5W2UT+UHi9Gz2icbV7BPyuv85Jr2fdK5J+P53xjOyegZ1tD6dLzx5VVLzvs73Sflo+6HvVre9v3lnY6Pt/5qtW2vlsc8dd2Z98Cyz90yeyDt5ZY9sKlqDwyvGmnsgeHTa97Utgeml1xnuBhq3NfJ67rvgcm5I8cnZ5948pZDR/YenDk4c3R6ase2rdu3bd2+ffLAocMzU80/z+6UDpC1xXDag5vCe03cgzd0HNu6JRe/8e69Dsb75HVQPvbPXF8u6Pzh4gx7vDzm2c3n/jpI3/dbXgejLa+DZd9Tl3kdjK7gdVAec2rzyr5njrb8t9waevVeuK5lD7yf3w/L+3zoxjO/F64P63ruprP9fjiyZA/EhzUUXnvlV9LPe+O3h/OydF9cWV5w3qpifnbmxK2P752bOzFdhPGeuKjluercL2tbHlOxZL8Mn/V+2f23v7z+ymW+vi6cq/Gbuz9X5THbJro/V4139+XPZ9tXtxRhvMve6/O53Hez8nymLNHlfJbHPHvLuf8smHJJy/vfWNX738jYaPP9bySdjbG297+lT81IY2VFceqWlb3/jYX/3uv3v4v75P2vPFcP3dp9D5THPDd5tntgtOv73zVhDoX13BgSw3hL7n+7cflCc5u2PJeV+2Z0dCzsm9F4j+37ZuuS65S3Vt735ql3tm82X9P+XLX93FLDfVOeq7+Y6r5vymNenT7394418a8t7x2rqvbA2Miqcr1jaRM03+8W18Q9cGuxrzhWHC72p+uUz3J5XxNbVrYHVoX/3uv3jsv7ZA+U5+rFLd33QHnMD7a+uz87bQ5fSce0/OzU+fuFM2X+K0dP317naXu3M3+5zk9s6/67ofKY17edbc7ofp5uDl85b5nz1Pn6OdOe3l+8N+fp8rDOw9u7/26qPObiHSvcT7uLonht+rXG77vC73f/Yf4/vtv2e9/lfqf82vRr900+8KOzWT8AAO/c240/F1Y1f9Zs+X+sV/L//wMAAAADIeb+4TAT+R8AAABqI+b+kTAT+R8AAABqI+b+0TCTTPL/I7fvfOmtp4v0aYCLQbw8nob772weFzveC+HfGxZPK7/+sW+NvfSVp1d238NFUfzyvg8te/wjd8Z1NR2P6/xI+9eXuPzqFd3/ww+ePq718xNO7Wzefnw8K90Gsav8yuSWxu1ueGK6MV+9r2jMBxaee6Z5+81/x+NPbm0e/1fhQ0t2Hxhqu/7msJ5rw9wQPlPm/t2nz0M54/VeWn/Vv1z02dP3F683tOmCxsN88Q+btxs/I+qFi5rHx8d9pvX/81e/81J5/OPXLb/+p4eXX//JcLs/CfMXu5rHt57zr7Ss/4/D+uP9xevd+s3vL7v+ly9rHv9y2BdfD7Nz/Xf/2YffWu75ivez+47m9eL9T/3Ptsb14u3F2+9c//jT023no/P2X32zeTu7Hv3ZSOvx8evxfqKH72jf30Ph+W3rkRdF8Z0/KdrOc/HR5vX+qWP98faO37H8+m/uWOfxoasb1z/9eNa1Pa6v/c2WZR9vXM/uv1/X9nheuCecvzcnf1De7skHwn4Ml//vD5u31/lZpi/f0/5+E4//+rrm6zbe3mTH+l/oWP/C1eW5q17/vW821//yXavb1r/7k2E/3ducVes/+NcXtl3/G99uPh8nHps4emx2/tD+lrPa+jpePb5m7Xnnf+CCC8N7aee/9xybe2TmxIapDVNFsWEAPzKw1+v/Zpj/3RwL7/49NP3oZ8199/ynmt+3bvh5898vhK8/HJ7P+P3xa3851rZfO5/3hbua81zXf1NYx0pd9tX/unpFB578/Cvz//hHr3f+XBAfz/FLxhuP78WNlzYuG3q1eXnn+1WV/7yk/XX949GpxvxeOK+L4ZOZN13avL/O24+fTfL8p5uv3/iTXLx+0fF5IutG2h/Hua7/x+HnmO9f3v7+F/fH957u+DTndcVQuYSF8P5QLDQvj0fF8/38qUuXvb/4OTzFwhVns8wzmn1idvLwoaPzj0/OzczOTc4+8eSeI8fmj87taXx26Z4vVl3/9Ot7beP1vX9mx7ai8Wo/1hw99n6v//iD+/bfNnX9/pkDe+cPzD14fObEwX2zs/tm9s9ev/fAgZnHqq5/aP+u6S07t962ZeLgof27bt+5c+vOiUNHj5XLaC6qwo6pL00cPbGncZXZXdt2Tm/fvm1q4six/TO7bpuampivun7je9NEee1HJ07MHN47d+jIzMTsoSdndk3v3LFjS+WnPx45fmB2w+SJ+aOT87MzJyabj2XDXOPL5fe+quuTh9lj4f2uw1D46fxzN+9In49b+taXz3hTzUPafzwt3gifBRW/v1X9O+b+sTCTTPI/AAAA5CDm/vDB/6cvkP8BAACgNmLuXx1mIv8DAABAbcTcPx5mkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/WuKIsv8DwAAADmIuX9tmIn8DwAAALURc/95YSbyPwAAANRGzP3nh5lkkv/1//X/9f/1//X/9f97Sf9f/78b/X/9/0Fev/6//j/V+q3/H3P/B8JMMsn/AAAAkIOY+y8IM5H/AQAAoDZi7r8wzET+BwAAgNqIuX9dmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/Mff/vzCTTPI/AAAA5CDm/g+Gmcj/AAAAUBsx918UZiL/AwAAQG3E3H9xmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/MfdfEmaSSf4HAACAHMTcf2mYifwPAAAAtRFz/2VhJvI/AAAA1EbM/ZeHmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc/8VYSaZ5H8AAADIQcz9V4aZyP8AAABQGzH3fyjMRP4HAACA2oi5f32YSSb5X/9f/1//X/9f/1//v5f0//X/u9H/1/8f5PXr/+v/U63f+v8x9384zCST/A8AAAA5iLn/qjAT+R8AAABqI+b+q8NM5H8AAACojZj7N4SZZJL/9f/1//X/9f/1//X/e0n/X/+/G/1//f9BXr/+v/4/1fqt/x9z/8Ywk0zyPwAAAOQg5v5NYSbyPwAAANRGzP3XhJnI/wAAAFAbMfdfG2aSSf7X/9f/1//X/9f/1//vJf1//f9u9P/1/wd5/fr/+v9U67f+f8z914WZZJL/AQAAIAcx918fZiL/AwAAQG3E3H9DmIn8DwAAALURc//mMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+6/Mcwkk/wPAAAAOYi5/6YwE/kfAAAAaiPm/pvDTOR/AAAAqI2Y+yfCTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf+WMJNM8j8AAADkIOb+W8NM5H8AAACojZj7J8NM5H8AAACojZj7p8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5fzrMJJP8DwAAADmIuX9LmIn8DwAAALURc//WMBP5HwAAAGoj5v5tYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9G/1//f5DXr/+v/0+1fuv/x9y/Pcwkk/wPAAAAOYi5f0eYifwPAAAAtRFz/21hJvI/AAAA1EbM/beHmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc//OMJNM8j8AAADkIOb+j4SZyP8AAABQGzH33xFmIv8DAABAbcTc/9Ewk0zyv/6//r/+v/6//r/+fy/p/+v/d6P/r/8/yOvX/9f/p1q/9f9j7t8VZpJJ/gcAAIAcxNx/Z5iJ/A8AAAC1EXP/XWEm8j8AAADURsz9u8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/+4wk0zyPwAAAOQg5v6PhZnI/wAAAFAbMfd/PMxE/gcAAIDaiLn/E2EmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fcf0+YSSb5HwAAAHIQc/8nw0zkfwAAAKiNmPv/f5iJ/A8AAAC1EXP/vWEmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/ythJpnkfwAAAMhBzP33hZnI/wAAAFAbMfd/KsxE/gcAAIDaiLn/V8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/9fCTDLJ/wAAAJCDmPt/PcxE/gcAAIDaiLn/N8JM5H8AAACojZj77w8zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t8MM8kk/wMAAEAOYu5/IMxE/gcAAIDaiLn/02Em8j8AAADURsz9nwkzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/gfDTDLJ/wAAAJCDmPs/G2Yi/wMAAEBtxNz/W2Em8j8AAADURsz9vx1mkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/Z8LM8kk/wMAAEAOYu7/nTAT+R8AAABqI+b+3w0zkf8BAACgNmLufyjMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+z8fZpJJ/gcAAIAcxNz/e2Em8j8AAADURsz9e8JM5H8AAACojZj7Hw4zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/r1hJpnkfwAAAMhBzP1fCDOR/wEAAKA2Yu7fF2Yi/wMAAEBtxNy/P8wkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7Z8JMMsn/AAAAkIOY+w+Emcj/AAAAUBsx9x8MM5H/AQAAoDZi7n8kzCST/K//r/+v/6//r/+v/99L+v/6/93o/+v/D/L69f/1/6nWb/3/mPsPhZlkkv8BAAAgBzH3fzHMRP4HAACA2oi5/0thJvI/AAAA1EbM/YfDTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf9ImEkm+R8AAAByEHP/0TAT+R8AAABqI+b+Y2Em8j8AAADURsz9x8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5//fDTDLJ/wAAAJCDmPtPhJnI/wAAAFAbMffPhpnI/wAAAFAbMffPhZlkkv/1//X/9f/1//X/9f97Sf9f/78b/X/9/0Fev/6//j/V+q3/H3P/fJhJJvkfAAAAchBz/6NhJvI/AAAA1EbM/Y+Fmcj/AAAAUBsx9z8eZpJJ/tf/1//X/9f/1//X/+8l/X/9/270//X/B3n9+v/6/1Trt/5/zP1PhJlkkv8BAAAgBzH3PxlmIv8DAABAbcTc/wdh/h/79qwF4NKDYfTGf9u2bdu2bRzbVnGaJOU31aw1M9m7SZv2LZ5i/wMAAMAxcvc/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+58YtTfY/AAAAdJC7/3lxi/0PAAAAx8jd//y4xf4HAACAY+Tuf0Hc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/S+MW5rsfwAAAOggd/+L4hb7HwAAAI6Ru//FcYv9DwAAAMfI3f+SuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/uftfGrc02f8AAADQQe7+l8Ut9j8AAAAcI3f/y+MW+x8AAACOkbv/FXFLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3vzJuabL/AQAAoIPc/a+KW+x/AAAAOEbu/lfHLfY/AAAAHCN3/2vilib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7n9t3NJk/wMAAEAHuftfF7fY/wAAAHCM3P2vj1vsfwAAADhG7v43xC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/xrilyf4HAACADnL3vylusf8BAADgGLn73xy32P8AAABwjNz9b4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/61xS5P9DwAAAB3k7n9b3GL/AwAAwDFy9789brH/AQAA4Bi5+98RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8745Ym+x8AAAA6yN3/rrjF/gcAAIBj5O5/d9xi/wMAAMAxcve/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+98YtTfY/AAAAdJC7/31xi/0PAAAAx8jd//64xf4HAACAY+Tu/0Dc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/R+MW5rsfwAAAOggd/+H4hb7HwAAAI6Ru//DcYv9DwAAAMfI3f+RuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/ufs/Grc02f8AAADQQe7+j8Ut9j8AAAAcI3f/x+MW+x8AAACOkbv/E3FLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3fzJuabL/AQAAoIPc/Z+KW+x/AAAAOEbu/k/HLfY/AAAAHCN3/2filib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7v9s3NJk/wMAAEAHufs/F7fY/wAAAHCM3P2fj1vsfwAAADhG7v4vxC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/xbilyf4HAACADnL3fylusf8BAADgGLn7vxy32P8AAABwjNz9X4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/6txS5P9DwAAAB3k7v9a3GL/AwAAwDFy9389brH/AQAA4Bi5+78RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBj5O7/dtxi/wMAAMAxcvd/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+78YtTfY/AAAAdJC7/3txi/0PAAAAx8jd//24xf4HAACAY+Tu/0Hc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/T+MW5rsfwAAAOggd/+P4hb7HwAAAI6Ru//HcYv9DwAAAMfI3f+TuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/uft/Grc02f8AAADQQe7+n8Ut9j8AAAAcI3f/z+MW+x8AAACOkbv/F3FLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3/zJuabL/AQAAoIPc/b+KW+x/AAAAOEbu/l/HLfY/AAAAHCN3/2/ilib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7v9t3NJk/wMAAEAHuft/F7fY/wAAAHCM3P2/j1vsfwAAADhG7v4/xC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/x7ilyf4HAACADnL3/ylusf8BAADgGLn7/xy32P8AAABwjNz9f4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/69xS5P9DwAAAB3k7v9b3GL/AwAAwDFy9/89brH/AQAA4Bi5+/8RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8/45Ym+x8AAAA6yN3/r7jF/gcAAIBj5O7/d9xi/wMAAMAxcvf/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+/8YtTfY/AAAAdJC7/39xi/0PAAAAx8jd//+4xf4HAACAY+TuvyFuabL/9f/6f/2//l//r/+fSf+v/7+i/9f/7/y//l//z9hq/X/u/hvjlib7HwAAADrI3X9T3GL/AwAAwDFy998ct9j/AAAAcIzc/bfELU32v/5f/6//1//r//X/M+n/9f9X9P/6/53/1//r/xlbrf/P3X9r3NJk/wMAAEAHuftvi1vsfwAAADhG7v7b4xb7HwAAAI6Ru/+OuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/ufvvjFua7H8AAADoIHf/XXGL/Q8AAADHyN1/d9xi/wMAAMAxcvffE7c02f/6f/2//l//r//X/8+k/9f/X9H/6/93/l//r/9nbLX+P3f/vXFLk/0PAAAAHeTuvy9usf8BAADgGLn7749b7H8AAAA4Ru7+B+KWJvtf/6//1//r//X/+v+Z9P/6/yv6f/3/zv/r//X/jK3W/+fufzBuabL/AQAAoIPc/Q/FLfY/AAAAHCN3/8Nxi/0PAAAAx8jd/0jc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/Y/GLU32PwAAAHSQu/+xuMX+BwAAgGPk7n88brH/AQAA4Bi5+5+IW5rsf/2//l//r//X/+v/Z9L/6/+v6P/1/zv/r//X/zO2Wv+fu//JuKXJ/gcAAIAOcvc/FbfY/wAAAHCM3P1Pxy32PwAAABwjd/8zcUuT/a//1//r//X/+n/9/0z6f/3/Ff2//n/n//X/+n/GVuv/c/c/GwAA//9/h0Q1")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fchown(r0, 0x0, 0x0)

9.255344865s ago: executing program 2 (id=1998):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000, 0x400003c1}, 0xc1030040}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x0)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x23, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d2eaebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838079f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_ttl={{0x14}}, @ip_tos_u8={{0x11, 0x29, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x50}, 0x0)

9.167974371s ago: executing program 3 (id=2000):
syz_emit_ethernet(0x9e, &(0x7f0000000280)={@local, @local, @val, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x60, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa1d3", 0x0, 0x0, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @loopback}, [@routing={0x2b}, @srh={0x0, 0x3, 0x4, 0x1, 0x0, 0x0, 0x0, [@ipv4={'\x00', '\xff\xff', @remote}]}, @srh={0x0, 0x20000000000000a1}, @dstopts]}}}}}}}, 0x0)

9.042809138s ago: executing program 2 (id=2001):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x0, 0x300)
preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='sched_switch\x00', r4}, 0x10)
unshare(0x42000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000ecff0000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='file_check_and_advance_wb_err\x00', r6}, 0x10)
syz_emit_ethernet(0xae, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x78, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @loopback, @local, [@srh={0x0, 0x8, 0x4, 0x4, 0x0, 0x0, 0x0, [@empty, @rand_addr=' \x01\x00', @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}]}}}}}}}, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ptrace$peeksig(0x4209, 0x0, &(0x7f0000000040)={0x8, 0x0, 0x1}, &(0x7f0000000740)=[{}])
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

9.012825961s ago: executing program 3 (id=2003):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r1)
socket(0x10, 0x803, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})

8.229996124s ago: executing program 0 (id=2004):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x30004001)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
setsockopt$sock_attach_bpf(r3, 0x6, 0x4, &(0x7f0000000000)=r4, 0x4)

6.925233807s ago: executing program 0 (id=2007):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mq_open(&(0x7f00000002c0)='\x00', 0x40, 0x68, &(0x7f0000000300)={0x8e, 0x4, 0x7, 0x400000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='host1x_channel_submit\x00', r0}, 0xfffffffffffffdc6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0)
syz_emit_vhci(0x0, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x20}}, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, 0x0, 0x0)
r5 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002d80)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x60, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x20008010}, 0x0)

6.80021007s ago: executing program 4 (id=2009):
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140))
r0 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000040)={'bond0\x00', 0x0})

5.8983329s ago: executing program 2 (id=2012):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x80, 0x0, 0x0, 0x8}}, 0x1c}}, 0x0)

5.509799434s ago: executing program 1 (id=2016):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000a40)='i', 0x1}, {&(0x7f0000001200)="a68d4a0af973f288cfd1d0a139c2e9b3ae7bc4aba493b7d6c9ba81b97b3e00"/46, 0x2e}], 0x2}, 0x0)

5.400762389s ago: executing program 1 (id=2017):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x30004001)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
setsockopt$sock_attach_bpf(r3, 0x6, 0x4, &(0x7f0000000000)=r4, 0x4)

4.286245913s ago: executing program 1 (id=2018):
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x50, 0x0, 0x0, 0x0, 0x0, {}, [{{@pci={{0x8}, {0x4}}, {0x8}}, {0x8}, {0x6}, {0x5}}]}, 0x50}}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000c00", 0x33fe0}], 0x1}, 0x0)

4.161747404s ago: executing program 1 (id=2019):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_lsm={0x1d, 0xa, &(0x7f0000001ac0)=ANY=[@ANYBLOB="15"], 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r1, &(0x7f0000001040)=""/4096, 0x1000)

3.947394292s ago: executing program 1 (id=2020):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000000)=0x5b2, 0x4)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)
bind$can_raw(r2, &(0x7f00000000c0), 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

710.792635ms ago: executing program 2 (id=2021):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_io_uring_submit(r0, 0x0, 0x0)
syz_io_uring_submit(r0, 0x0, 0x0)
read(r1, &(0x7f0000001600)=""/233, 0xe9)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/147, 0x93}], 0x1, 0x0, 0x0)

710.427326ms ago: executing program 4 (id=2022):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000d00850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)

657.485525ms ago: executing program 0 (id=2023):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x438, 0x240, 0x240, 0x0, 0x350, 0x370, 0x350, 0x4, 0x0, {[{{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_batadv\x00', 'batadv0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "bc2e329885ea3654891fbae8c6c66e07212432bde429bcda7deb48d85c6f5e269c2021c8f8dc09af0b3f2e10e8ac79cc67e264613c4be6838ee2daacf7926a6e"}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @broadcast}}}, {{@arp={@private, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'veth0_to_bond\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x488)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

598.447199ms ago: executing program 1 (id=2024):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010921"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000002c0)={0x18, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, &(0x7f0000000640)={0x0, 0x3, 0x2, @string}, 0x0, 0x0}, 0x0)

502.080287ms ago: executing program 3 (id=2025):
r0 = openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r0, 0x4004510d, 0x0)

461.231348ms ago: executing program 0 (id=2026):
syz_emit_ethernet(0x9e, &(0x7f0000000280)={@local, @local, @val, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x60, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa1d3", 0x0, 0x0, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @loopback}, [@routing={0x2b}, @srh={0x0, 0x3, 0x4, 0x1, 0x0, 0x0, 0x0, [@ipv4={'\x00', '\xff\xff', @remote}]}, @srh={0x0, 0x20000000000000a1}, @dstopts]}}}}}}}, 0x0)

459.961568ms ago: executing program 4 (id=2027):
ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800, &(0x7f0000000500)=ANY=[@ANYRES16], 0x5, 0x152e, &(0x7f00000037c0)="$eJzs3AuYTlX7MPD7XmvtMSQ9TXIY1lr35kkOiyTJIakckiRJkpwSkiZ5JSEx5JQ0JCE5DMlhCMlhYtI4n8/HJEmaJMkpp2R914RPvdX31vu9X/7fO/fvuvb1rPtZe6197+fez/PsvR/m206DqzescVd9IoJfO+0vgD8HLzwkAkAsAPQHgGsAIACAsnFl4zL7s0tM/JOzsb/FwylXOgN2JXH9szauf9bG9c/auP5ZG9c/a+P6Z21c/6yN689YVrZxav5recm6yx/f///zsgPf////E3///xfJKDn6y9Ulr+/8F4Zw/bM2rv9/reDPrMT1z9q4/lkb1z9r4/pnBdn+sIfrn7Vx/RnLyq70/ed/WmLgyueQpZYrffwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMsaTvvLFABcal/pvBhjjDHGGGOMMfaf47Nd6QwYY4wxxhhjjDH2/x6CAAkKAoiBbBAL2SEHCAC4GnLBNRCBayEOroPccD3kgbyQD/JDPBSAgqDBgAWCEApBYYjCDVAEboSiUAyKQwlwUBJKwU1QGm6GMnALlIVboRzcBuWhAlSESnA7VIY7oArcCXfB3VAVqkF1qAH3QE24F2rBfVAb7oc68ADUhQehHjwE9eFhaACPQEN4FBrBY9AYmkBTaAbN/63xL0I3eAm6Qw9IhJ7QC16G3tAH+kI/6A+vwAB4FQbCa5AEg2AwvA5D4A0YCm/CMBgOI+AtGAlvwygYDWNgLCTDOBgP78AEeBcmwiSYDFMgBabCNHgPpsMMmAnvwyz4AGbDHJgL8yAVPoT5sADS4CNYCB9DOiyCxbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAW2wjbYDjtgJ3wCu+BT2A2fwR74/C+OP/VP4zsjIKBAgQoVxmAMxmIs5sAcmBNzYi7MhRGMYBzGYW7MjXkwD+bDfBiP8VgQC6JBg4SEhbAQRjGKRbAIFsWiWByLo0OHpbAUlsabsQyWwbJYFsthOSyPFbACVsJKWBkrYxWsgnfhXVgVq2J1rI734D3YE2thLayNtbEO1rl0ewrrY31sgA2wITbERtgIG2NjbIpNsTk2xxbYAltiS2yNrbENtsG22BYTMAHbYTtsj+2xA3bAjtgRO2En7IxdsAu+mA3wJXwJe2BV0RN7YS/sjUnZ+mI/7Iev4AB8FV/F1zAJB+FgfB1fxzdwKJ7EYTgcR+AIrCzexlE4GkmMxWRMxvE4HifgBJyIk3ASTsEUnIrTcBpOxxk4A9/HWfgBfoBzcA7Ow1RMxfm4ANMwDRfiKUzHRbgYl+BSXIZLcQWuxBW4GtfgalyH63ADbsBNuAm34BbchttwByoA/AQ/xU8xCffgHtyLe3Ef7sP9uB8zMAMP4AE8iAfxEB7Cw3gYj+BRPIZH8QSewJN4Ck/jaTyLZ/EcPh//dYMdxVYlgcikhBIxIkbEiliRQ+QQOUVOkUvkEhEREXEiTuQWuUUekUfkE/lEvIgXBUVBYYQRJMIYABBRERVFRBFRVBQVxUVx4YQTpUQpUVqUFmVEGVFW3CrKidtEeVFBtHKVRCVRWbR2VcSd4i5xl6gqqonqooaoIWqKmqKWqCVqi9qijqgj6ooHRT3RE/viwyKzMg3FIGwkBmNj0UTIi59gLcRQbClaidbiSTEch2Fb0cIliGdEOzEK24t/iNH4nOgoxmIn8YLoLLqIruJF0U20dN1FDzERe4peYgr2Fn1EX9FPTMdq4n2clb26eE0kiUFisHhdzMM3xFDxphgmhosR4i0xUrwtRonRYowYK5LFODFevCMmiHfFRDFJTBZTRIqYKqaJ98R0MUPMFO+LWeIDMVvMEXPFPJEqPhTzxQKRJj4SC8XHIl0sEovFErFULBPLxQqxUqwSq8UasVasE+vFBrFRbBKbxRaxVWwT28UOsVN8InaJT8Vu8ZnYIz4Xe8UXYp/4UuwXX4kM8bU4IL4RB8W34pD4ThwW34sj4qg4Jo6LE+IHcVKcEqfFGXFW/CjOiZ/EeeEFSJRCSqlkIGNkNhkrs8sc8iqZUwYXX91rZZy8TuaW18s8Mq/MJ/PLeFlAFpRaGmklyVAWkoVlVN4gi8gbZVFZTBaXJaSTJWUpeZMsLW+WZeQtsqy8VZaTt8nysoKsKCvJ22VleYeEyIVtVJXVZHVZQ94ja8p7ZS15n6wt75d15AOyrnxQ1pMPyfryYdlAPiIbykdlI/mYbCybyKaymWwuH5ct5BOypWwlW8snZRv5lGwrn5YJ8hnZTvqLh8hzsqN8XnaSL8jOsovsKn+S56WX3WUPCdBT9pIvy96yj+wr+8n+8hU5QL4qB8rXZJIcJAfL1+UQ+YYcKt+Uw+RwOUK+JUfKt+UoOVqOkWNlshwnx8t35AT5rpwoJ8nJcopMkVNl34szzZTyX45/53fGD/x56xvkRrlJbpZb5Fa5TW6XO+ROuVPukrvkbrlb7pF75F65V+6T++R+uV9myAx5QB6QB+VBeUgekoflYXlEHpVn5HF5Qv4gT8pT8pQ8I8/Ks/LcxdcAFCqhpFIqUDEqm4pV2VUOdZXKqa5WudQ1KqKuVXHqOpVbXa/yqLwqn8qv4lUBVVBpZZRVpEJVSBVWUXUDXjxgVHFVQjlVUpVSN/2V8aqIulEVVcV+Nf5Sfol/kF9z1Vy1UC1US9VStVatVRvVRrVVbVWCSlDtVDvVXrVXHVQH1VF1VJ1UJ9VZdVZdVVfVTXVT3VV3lagSVS/1suqt+qi+qp/qr15RA9QANVANVEkqSQ1Wg9UQNUQNVUPVMDVMjVAj1Eg1Uo1So9QYNUYlq2Q1Xo1XE9QENVFNVJPVZJWiUtQ0NU1NV9PVTDVTzVKz1Gw1W81Vc1WqSlXz1XyVptLUQrVQpatFapFaopaoZWqZWqFWqFVqlVqj1qh1ap1KVxvVRrVZbVZb1Va1XW1XO9VOtUvtUrvVbrVH7VF71V61T+1T+9V+laEy1AF1QB1UB9UhdUgdVofVEXVEHVPH1Al1Qp1UJ9VpdVqdVWfVOXVOnVfnM0/7AhGIQAUqiAligtggNsgR5AhyBjmDXEGuIBJEgrggLsgdXB/kCfIG+YL8QXxQICgY6MAENhAXix4NbgiKBDcGRYNiQfGgROCCkkGp4KagdHBzUCa4JSgb3Bpc+qmpYlApuD2oHNwRVAnuDO4K7g6qBtWC6kGN4J6gZnBvUCu4L6gd3B/UCR4I6gYPBvWCh4L6wcNBg+CRoGHwaNAoeCxoHDQJmgbNgua/mL9ccFtQPqgQ/Pvze38y7xOuu+6hE3VP3Uu/rHvrPrqv7qf761f0AP2qHqhf00l6kB6sX9dD9Bt6qH5TD9PD9Qj9lh6p39aj9Gg9Ro/VyXqcHq/f0RP0u3qinqQn6yk6RU/V0/R7erqeoWfq9/Us/YGerefouXqeTtUf6vl6gU7TH+mF+mOdrhfpxXqJXqqX6eV6hV6pV+nVeo1eq9fp9XqD3qg36c16i96qt+nteofeqT/Ru/Snerf+TO/Rn+u9+gu9T3+p9+uvdIb+Wh/Q3+iD+lt9SH+nD+vv9RF9VB/Tx/UJ/YM+qU/p0/qMPqt/1Of0T/q89pkn95lf70YZZWJMjIk1sSaHyWFympwml8llIiZi4kycyW1ymzwmj8ln8pl4E28KmoImExkyhUwhEzVRU8QUMUVNUVPcFDfOOFPKlDKlTWlTxpQxZU1ZU86UM+VNeVPRVDS3m9vNHeYOc6e509xt7jbVTDVTw9QwNU1NU8vUMrVNbVPH1DF1TV1Tz9Qz9U1908A0MA1NQ9PINDKNTWPT1DQ1zU1z08K0MC1NS9PatDZtTBvT1rQ1CSbBtDPtTHvT3nQwHUxH09F0Mp1MZ9PZdDVdTTfTzXQ33U2iSTS9TC/T2/Q2fU1f09/0NwPMADPQDDRJJskMNoPNEDPEDDVDzTAz3IzIPLjN22aUGW3GmLEm2SSb8Wa8mWAmmIlmoplsJpsUk2KmmWlmupluZpqZZpaZZWab2WaumWtSTaqZb+abNJNmFpqFJt2km8VmsVlqlprlZrlZaVaa1Wa1WQtrzXqz3mw0G81ms9lsNVvNdrPd7DQ7zS6zy+w2u80es8fsNXvNPrPP7Df7TYbJMAfMAXPQHDSHzCFz2Bw2R8wRc8wcMyfMCXPSnDSnzWlz1uS9+H3pTazNbnPYq2xOe7XNZa+x/xzns/ltvPe2oNU2j817IbYFfo6NtbaoLWaL2xLW2ZK2lL3pN3F5W8FWtJXs7bayvcNW+U1c095ra9n7bG17v61h7/lVXMc+YOvaR209RADbxDawzWxD+6htZB+zjW0T29Q2s23sU7atfdom2GdsO/vsb+L5doFdaVfZ1XaN3WU/taftGXvQfmvP2h9td9vD9rev2AH2VTvQvmaT7KDfxCPsW3akfduOsqPtGDv2N/FkO8Wm2Kl2mn3PTrczfhOn2g/tLJtmZ9s5dq6d93OcmVOa/cgutB/bdLvILrZL7FK7zC63K/53rkvsOrvebrA77Sd2s91it9ptdrvd8XOcuR+77Wd2j/3cHrDf2H32S7vfHrIZ9uuf48z9O2S/s4ft9/aIPWqP2eP2hP3BnrSnft7/zH0/bn+y5623QEhAkhQFFEPZKJayUw66inLS1ZSLrqEIXUtxdB3lpuspD+WlfJSf4qkAFSRNhiwRhVSIClOUbqBL5+nFqQQ5Kkml6CYqTTdTGbqFytKtVI5uo/JUgSpSJbqdKtMdVIXupLvobqpK1ag61aB7qCbdS7XoPqpN91MdeoDq0oNUjx6i+vQwNaBHqCE9So3oMWpMTagpNaPm9Di1oCeoJbWi1vQktaGnqC09TQn0DLWjZ6k9/YM60HPUkZ6nTvQCdaYu1JVepG70EnWnHpRIPakXvUy9qQ/1pX7Un16hAfQqDaTXKIkG0WB6nYbQGzSU3qRhNJxG0Fs0kt6mUTSaxtBYSqZxNJ7eoQn0Lk2kSTSZplAKTaVp9B5Npxk0k96nWfQBzaY5NJfmUSp9SPNpAaXRR7SQPqZ0WkSLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+oR20ae0mz6jPfQ57aUvaB99SfvpK8qgr+kAfUMH6Vs6RN/5HvQ9HaGjdIyO0wn6gU7SKTpNZ+gs/Ujn6Cc6T54gxFCEMlRhEMaE2cLYMHuYI7wqzBleHeYKrwkj4bVhXHhdmDu8PswT5g3zhfnD+LBAWDDUoQltSGEYFgoLh9HwhrBIeGNYNCwWFg9LhC4sGZYKbwpLhzeHZcJbwrLhrWG58LawfFghfPT+SuHtYeXwjrBKeGfYOrw7rBpWC6uHNcJ7wprhvWGt8L6wdnh/WCZ8IKwbPhjWCx8K64cPhw3CR8KG4aNho/CxsHHYJGwaNgubh4+HLcInwpZhq7B1+GTYJnwqbBs+HSaEz4Ttwmd/7n9gwR/3J4Y9w17hy+HLoff3ybnRedHU6IfR+dEF0bToR9GF0Y+j6dFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRDVHva2QDh0446ZQLXIzL5mJddpfDXeVyuqtdLneNi7hrXZy7zuV217s8Lq/L5/K7eFfAFXTaGWcdudAVcoVd1N3girgbXVFXzBV3JZxzJV0p18w1d81dC/eEa+laudbuSfeke8o95Z52T7tnXDv3rGvv/uE6uOdcR/e8e9694Dq7Lq6re9F1c+NyXXhPJrperpfr7Xq7vq6v6+/6uwFugBvoBrokl+QGu8FuiBvihrqhbpgb5ka4EW6kG+lGuVFujBvjkl2yG+/GuwlugpvoJrrJbrJLcSlumpvmprvprvKMC1uZ7Wa7uW6uS3Wpbr7LPGdMcwvdQpfu0t1it9gtdUvdcrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e10O90uf82FzAFgr9vr9rl9br/7ymW4r90B94076L51h9x37rD73h1xR90xd9ydcD+4k+6UO+3OuLPuR3fO/eTOO++SI+Mi4yPvRCZE3o1MjEyKTI5MiaREpkamRd6LTI/MiMyMvB+ZFfkgMjsyJzI3Mi+SGvkwMj+yIJIW+SiyMPJxJD2yKLI4siSyNLIs4n2BzaEv5Av7qL/BF/E3+qK+mC/uS3jnS/pS/iZf2t/sy/hbfFl/qy/nb/PlfQVf0T/mG/smvqlv5pv7x30L/4Rv6Vv51v5J38Y/5dv6p32Cf8a388/69v4fvoN/znf0z/tO/gXf2XfxXf2Lvpt/yXf3PXyi7+l7+Zd9b9/H9/X9fH//ih/gX/UD/Ws+yQ/yg/3rfoh/ww/1b/phfrgfEfOWH3npEhnG+mQ/zo/37/gJ/l0/0U/yk/0Un+Kn+mn+PT/dz/Az/ft+lv/Az/Zz/Fw/z6f6D/18v8Cn+Y/8Qv+xT/eLLt1U9sv9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Q6/03/id/lP/W7/md/jP/d7/Rd+n//S7/df+Qz/tT/gv/EH/bf+kP/OH/bf+yP+qD/mj/sT/gd/0p/yp/0Zf9b/6M/5n/x5/j9rjDHGGGN/yrjLTfF7/T1/5znxi5V7AcDVW/Jn/LI/84xybZ4L7T4ivk0EAJ7p0enhS0vVqomJiRfXTZcQFJ4DcOmXoEwxcDleBK3hKUiAVlD6d/PvI7qcpX8xf/RWgBy/GBMLl+PL83/xB/M//uSI+eXC03H/h/nnABQtfHlMdrgcL4LWKvOxFZT5g/nztvgX+Wf/Mhmg5S/G5ITL8eX8S8ET8Cwk/GpNxhhjjDHGGGPsgj6iYodL15+X/sXn712fx6vLY7LB5fhfXZ8zxhhjjDHGGGPsynuuS9enH09IaNXhrzeq/FujuPE/teE9wKVnFAD8X04I8Lfvxaa/ZVtJF986/9y19IwP4H9GKf8Tjd/7tMC/98OJMcYYY4wx9h91+aT/18+rK5UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWBf0df07sSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9rwAAAP//h3AVmQ==")
unlink(&(0x7f0000000640)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000140)=[@in={0x2, 0x4e1c, @remote}, @in={0x2, 0x4e02, @private=0x8a010102}, @in={0x2, 0x4e22, @private=0xa010102}, @in6={0xa, 0x0, 0x4, @mcast2, 0xfff}], 0x4c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @loopback}]}, &(0x7f00000002c0)=0x10)
getpeername$inet6(r0, 0x0, &(0x7f0000000040))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = dup2(r1, 0xffffffffffffffff)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000700))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000009a850000002d00000018110000", @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, &(0x7f0000000200), 0x43400)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, 0x0, &(0x7f0000000100))

348.719634ms ago: executing program 3 (id=2028):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r2, 0x0, &(0x7f0000000200))
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc00000000100070000", @ANYRES32=r3, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000940)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x2, r3}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6}]}}}]}, 0x40}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x34, 0x0, 0x800, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000001}, 0xc000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000004000000000000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000800"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xffffffffffffffff}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1c, 0x1}, 0x1c}}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0)

317.473992ms ago: executing program 0 (id=2029):
r0 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x10, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = syz_pidfd_open(r0, 0x0)
setns(r2, 0x10000000)

0s ago: executing program 0 (id=2030):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc1ffb}]})
openat$full(0xffffffffffffff9c, 0x0, 0x408701, 0x0)
syz_open_dev$vim2m(0x0, 0x8000000000000000, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000040)=@newpolicy={0xc4, 0x13, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@sec_ctx={0xc, 0x10, {0x8}}]}, 0xc4}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = memfd_create(&(0x7f0000000b40)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b \x00\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\xfe\xe6\xd2SLR\xa1\x00\x00\x17\x1f$^\xe1\x00\x00\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\x00\x00\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\x9b\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x14M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x1b1\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\xe7\xf6\t\x9dJ\xa4^m\xf3\xb5Y\f\x8f\r\xd5)>A\xe9\xf59\'G[\xf0`\xf3\'\xe4\xb2\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I?^\xf3,\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4u\xdaav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW', 0x6)
fallocate(r4, 0x0, 0x0, 0x0)
fcntl$addseals(r4, 0x409, 0xc)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000002c0))
vmsplice(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r6, &(0x7f0000000280)={&(0x7f0000000040)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14, &(0x7f0000000240)={&(0x7f0000000200)="fb8149d48c6596d63bea5e85b2111933a7b6c01b74ff57a776d30efe94379d", 0x1f}, 0x1, 0x0, 0x0, 0x80}, 0x4040000)
r7 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

10269] netlink: 'syz.2.1546': attribute type 3 has an invalid length.
[  442.257522][T10269] netlink: 'syz.2.1546': attribute type 3 has an invalid length.
[  442.297668][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.310493][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  442.358653][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state
[  442.365825][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  442.463978][ T5152] bridge0: port 2(bridge_slave_1) entered blocking state
[  442.471250][ T5152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  442.533239][T10040] veth0_vlan: entered promiscuous mode
[  442.628213][T10040] veth1_vlan: entered promiscuous mode
[  442.655499][ T9986] 8021q: adding VLAN 0 to HW filter on device batadv0
[  442.737146][T10280] sg_write: data in/out 93/14 bytes for SCSI command 0x0-- guessing data in;
[  442.737146][T10280]    program syz.3.1460 not setting count and/or reply_len properly
[  442.807842][T10040] veth0_macvtap: entered promiscuous mode
[  442.815280][T10284] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  442.852786][T10040] veth1_macvtap: entered promiscuous mode
[  442.925025][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  442.969836][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.986725][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  443.000982][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.016512][T10040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  443.054760][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  443.080330][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.103390][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  443.132005][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.161499][T10040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  443.197320][T10040] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  443.207228][T10040] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  443.226256][T10040] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  443.240871][T10040] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  443.288757][T10134] 8021q: adding VLAN 0 to HW filter on device batadv0
[  443.602036][ T2884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  443.615404][ T2884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  443.658970][T10134] veth0_vlan: entered promiscuous mode
[  443.728830][ T9986] veth0_vlan: entered promiscuous mode
[  443.744068][T10134] veth1_vlan: entered promiscuous mode
[  443.769704][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  443.792930][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  443.814635][ T9986] veth1_vlan: entered promiscuous mode
[  443.903081][T10134] veth0_macvtap: entered promiscuous mode
[  443.965617][T10134] veth1_macvtap: entered promiscuous mode
[  444.015557][ T9986] veth0_macvtap: entered promiscuous mode
[  444.057909][ T9986] veth1_macvtap: entered promiscuous mode
[  444.065497][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.065523][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.065536][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.065550][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.065563][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.065577][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.075021][T10134] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.097986][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.178488][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.178517][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.178534][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.178553][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.178567][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.178586][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.178599][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.181982][ T9986] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.281407][T10311] netlink: 'syz.2.1554': attribute type 29 has an invalid length.
[  444.285151][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.285176][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.285187][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.285200][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.285211][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.285223][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.286797][T10134] batman_adv: batadv0: Interface activated: batadv_slave_1
[  444.290644][T10314] netlink: 'syz.2.1554': attribute type 29 has an invalid length.
[  444.387625][T10134] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.410308][T10134] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.419071][T10134] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.436432][T10134] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.450552][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.479013][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.516623][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.549864][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.562110][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.572854][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.583319][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.594996][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.607124][ T9986] batman_adv: batadv0: Interface activated: batadv_slave_1
[  444.614862][T10315] netlink: 'syz.2.1554': attribute type 29 has an invalid length.
[  444.630265][T10311] netlink: 'syz.2.1554': attribute type 29 has an invalid length.
[  444.693430][ T9986] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.739800][ T9986] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.749074][ T9986] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.788947][ T9986] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.911500][T10329] loop1: detected capacity change from 0 to 16
[  444.925465][T10329] erofs: (device loop1): mounted with root inode @ nid 36.
[  445.207766][T10332] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  445.219127][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.294493][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.309211][T10334] loop2: detected capacity change from 0 to 128
[  445.328979][T10339] input: syz0 as /devices/virtual/input/input12
[  445.416381][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.471509][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.562775][T10340] syz.1.1561: attempt to access beyond end of device
[  445.562775][T10340] loop1: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[  445.591339][ T1058] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.636966][ T1058] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.681033][T10340] syz.1.1561: attempt to access beyond end of device
[  445.681033][T10340] loop1: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[  445.773542][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.797373][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  447.052602][T10362] loop0: detected capacity change from 0 to 8
[  447.144956][T10362] SQUASHFS error: lzo decompression failed, data probably corrupt
[  447.185853][T10362] SQUASHFS error: Failed to read block 0x91: -5
[  447.223783][T10362] SQUASHFS error: Unable to read metadata cache entry [8f]
[  447.279717][T10362] SQUASHFS error: Unable to read inode 0x11f
[  447.691801][T10362] loop0: detected capacity change from 0 to 256
[  447.962918][T10362] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  448.188021][T10376] loop2: detected capacity change from 0 to 2048
[  448.276816][T10376] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.419132][T10376] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  448.529257][T10376] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  448.604697][T10382] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  448.650642][T10376] EXT4-fs (loop2): This should not happen!! Data will be lost
[  448.650642][T10376] 
[  448.681765][T10386] input: syz0 as /devices/virtual/input/input13
[  448.699728][T10382] EXT4-fs (loop2): This should not happen!! Data will be lost
[  448.699728][T10382] 
[  448.739599][T10376] EXT4-fs (loop2): Total free blocks count 0
[  448.752156][T10382] EXT4-fs (loop2): Total free blocks count 0
[  448.784765][T10376] EXT4-fs (loop2): Free/Dirty block details
[  448.799719][T10382] EXT4-fs (loop2): Free/Dirty block details
[  448.819854][T10388] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1579'.
[  448.820751][T10382] EXT4-fs (loop2): free_blocks=2415919104
[  450.669400][T10374] loop3: detected capacity change from 0 to 40427
[  450.691081][T10374] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  450.735480][T10374] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  450.758837][T10420] loop4: detected capacity change from 0 to 2048
[  450.822097][T10374] F2FS-fs (loop3): Found nat_bits in checkpoint
[  450.833712][T10420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  451.033254][T10420] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  451.072771][T10374] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  451.083127][T10420] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  451.096212][T10430] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 1, id = 0
[  451.145868][T10374] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  451.174674][T10432] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  451.219861][T10420] EXT4-fs (loop4): This should not happen!! Data will be lost
[  451.219861][T10420] 
[  451.262021][T10432] EXT4-fs (loop4): This should not happen!! Data will be lost
[  451.262021][T10432] 
[  451.283837][T10420] EXT4-fs (loop4): Total free blocks count 0
[  451.297690][T10432] EXT4-fs (loop4): Total free blocks count 0
[  451.315212][T10420] EXT4-fs (loop4): Free/Dirty block details
[  451.357150][T10420] EXT4-fs (loop4): free_blocks=2415919104
[  451.375448][T10432] EXT4-fs (loop4): Free/Dirty block details
[  451.409798][ T5152] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  451.659382][ T5152] usb 2-1: Using ep0 maxpacket: 8
[  451.698909][ T5152] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  451.731470][ T5152] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  451.765455][T10438] IPv6: NLM_F_CREATE should be specified when creating new route
[  451.769579][ T5152] usb 2-1: config 1 has no interface number 1
[  451.797204][ T5152] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  451.806591][ T5152] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.814999][T10438] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1595'.
[  451.825694][ T5152] usb 2-1: Product: syz
[  451.838044][ T5152] usb 2-1: Manufacturer: syz
[  451.847870][ T5152] usb 2-1: SerialNumber: syz
[  451.978195][T10440] sg_write: data in/out 93/14 bytes for SCSI command 0x0-- guessing data in;
[  451.978195][T10440]    program syz.2.1596 not setting count and/or reply_len properly
[  453.145219][ T5152] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  453.194154][ T5152] usb 2-1: 2:1 : format type 0 is detected, processed as PCM
[  453.236749][ T5152] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  453.247634][ T5152] usb 2-1: 2:1 : invalid channels 0
[  453.292639][T10458] evm: overlay not supported
[  453.382216][ T5152] usb 2-1: USB disconnect, device number 10
[  453.440014][T10455] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  453.684064][ T5284] udevd[5284]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  454.089159][T10479] io-wq is not configured for unbound workers
[  454.324494][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length.
[  454.364304][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length.
[  454.401055][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length.
[  454.419560][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length.
[  454.430217][ T5158] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  454.588847][T10487] loop3: detected capacity change from 0 to 512
[  454.608191][T10487] EXT4-fs: Ignoring removed nobh option
[  454.619912][ T5158] usb 5-1: Using ep0 maxpacket: 16
[  454.659559][ T5158] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  454.685771][ T5158] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.695309][T10487] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  454.716211][ T5158] usb 5-1: Product: syz
[  454.720573][ T5158] usb 5-1: Manufacturer: syz
[  454.725300][ T5158] usb 5-1: SerialNumber: syz
[  454.725975][T10487] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.1611: attempt to clear invalid blocks 2 len 1
[  454.735979][ T5158] r8152-cfgselector 5-1: Unknown version 0x0000
[  454.759646][ T5158] r8152-cfgselector 5-1: config 0 descriptor??
[  454.833081][T10493] loop1: detected capacity change from 0 to 1024
[  454.855709][T10493] EXT4-fs: Ignoring removed oldalloc option
[  454.864135][T10487] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  454.892618][T10487] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1611: invalid indirect mapped block 1819239214 (level 0)
[  454.895811][T10493] ext4: Unknown parameter 'fsuuid'
[  454.924632][T10487] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1611: invalid indirect mapped block 1819239214 (level 1)
[  454.968397][T10487] EXT4-fs (loop3): 1 truncate cleaned up
[  454.976795][T10487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  455.039598][ T9352] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  455.058614][ T5158] r8152-cfgselector 5-1: Needed 2 retries to read version
[  455.077309][ T5158] r8152-cfgselector 5-1: Unknown version 0x0000
[  455.094716][ T5158] r8152-cfgselector 5-1: bad CDC descriptors
[  455.239892][ T9352] usb 3-1: Using ep0 maxpacket: 32
[  455.249367][ T9352] usb 3-1: New USB device found, idVendor=1630, idProduct=0042, bcdDevice=5b.13
[  455.277455][ T9352] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.289712][ T9352] usb 3-1: Product: syz
[  455.294225][ T9352] usb 3-1: Manufacturer: syz
[  455.299046][ T9352] usb 3-1: SerialNumber: syz
[  455.318759][ T9352] usb 3-1: config 0 descriptor??
[  455.328623][ T9352] usb 3-1: bad CDC descriptors
[  455.357861][  T929] r8152-cfgselector 5-1: USB disconnect, device number 15
[  455.568937][ T9352] usb 3-1: USB disconnect, device number 11
[  456.370713][T10512] loop4: detected capacity change from 0 to 1024
[  456.502609][T10512] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  456.598144][T10512] JBD2: no valid journal superblock found
[  456.632821][T10512] EXT4-fs (loop4): Could not load journal inode
[  456.694294][T10512] netlink: 'syz.4.1620': attribute type 11 has an invalid length.
[  457.253705][T10519] netlink: 'syz.4.1620': attribute type 11 has an invalid length.
[  457.811299][ T9958] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.976859][   T54] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  457.999702][   T54] Bluetooth: hci1: Injecting HCI hardware error event
[  458.011306][   T54] Bluetooth: hci1: hardware error 0x00
[  458.109778][T10524] netlink: 'syz.1.1623': attribute type 2 has an invalid length.
[  458.235876][T10537] loop0: detected capacity change from 0 to 2048
[  458.275526][T10537] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  458.346284][T10537] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh
[  458.389672][T10537] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh
[  458.399358][T10539] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer.
[  458.861589][T10551] loop2: detected capacity change from 0 to 64
[  459.270366][T10557] loop2: detected capacity change from 0 to 1024
[  459.287370][T10557] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  459.346449][T10557] JBD2: no valid journal superblock found
[  459.366072][T10557] EXT4-fs (loop2): Could not load journal inode
[  459.416596][ T5116] Bluetooth: hci2: unexpected event for opcode 0x2002
[  459.448286][T10557] netlink: 'syz.2.1635': attribute type 11 has an invalid length.
[  459.463472][T10557] netlink: 'syz.2.1635': attribute type 11 has an invalid length.
[  459.471979][T10557] debugfs: Directory 'netdev:' with parent 'phy48' already present!
[  459.576213][T10544] loop4: detected capacity change from 0 to 32768
[  459.583328][T10562] netlink: 'syz.2.1638': attribute type 4 has an invalid length.
[  459.606561][T10562] netlink: 'syz.2.1638': attribute type 2 has an invalid length.
[  459.606556][T10544] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1631 (10544)
[  459.705554][T10562] loop2: detected capacity change from 0 to 4096
[  459.727100][T10544] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  459.761956][T10544] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  459.780449][T10564] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  459.801213][T10544] BTRFS info (device loop4): using free-space-tree
[  460.059716][   T54] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  461.109424][T10597] sg_write: data in/out 93/14 bytes for SCSI command 0x0-- guessing data in;
[  461.109424][T10597]    program syz.1.1645 not setting count and/or reply_len properly
[  461.306752][ T9986] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  461.871553][T10607] loop3: detected capacity change from 0 to 8
[  461.967713][T10607] SQUASHFS error: lzo decompression failed, data probably corrupt
[  461.999318][T10607] SQUASHFS error: Failed to read block 0x4ec: -5
[  462.016179][T10607] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  462.062528][T10607] SQUASHFS error: Unable to read inode 0x20087
[  462.178271][T10582] loop2: detected capacity change from 0 to 32768
[  463.341209][T10631] loop4: detected capacity change from 0 to 2048
[  463.441183][   T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  463.450945][   T54] Bluetooth: hci2: Injecting HCI hardware error event
[  463.456696][T10631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  463.484613][   T54] Bluetooth: hci2: hardware error 0x00
[  463.518931][T10637] loop3: detected capacity change from 0 to 2048
[  463.676266][T10637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  463.804888][T10637] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  463.883465][T10637] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  463.945263][T10654] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  463.959618][T10637] EXT4-fs (loop3): This should not happen!! Data will be lost
[  463.959618][T10637] 
[  464.000085][T10637] EXT4-fs (loop3): Total free blocks count 0
[  464.006138][T10637] EXT4-fs (loop3): Free/Dirty block details
[  464.015635][T10654] EXT4-fs (loop3): This should not happen!! Data will be lost
[  464.015635][T10654] 
[  464.056167][T10637] EXT4-fs (loop3): free_blocks=2415919104
[  464.078654][T10637] EXT4-fs (loop3): dirty_blocks=16
[  464.089553][T10654] EXT4-fs (loop3): Total free blocks count 0
[  465.508534][ T9986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  465.579830][   T54] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  465.824564][T10656] loop1: detected capacity change from 0 to 32768
[  466.141638][   T54] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  466.152298][   T54] Bluetooth: hci4: Injecting HCI hardware error event
[  466.162655][ T5116] Bluetooth: hci4: hardware error 0x00
[  467.163220][ T1058] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.273794][T10672] loop2: detected capacity change from 0 to 32768
[  467.366835][T10671] loop3: detected capacity change from 0 to 32768
[  467.380341][ T5154] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  467.408027][ T1058] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.446095][T10671] XFS (loop3): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  467.587887][T10671] XFS (loop3): Ending clean mount
[  467.610717][ T5154] usb 5-1: not running at top speed; connect to a high speed hub
[  467.659709][ T5154] usb 5-1: config 123 has an invalid interface number: 222 but max is 1
[  467.681581][ T5154] usb 5-1: config 123 has an invalid interface number: 61 but max is 1
[  467.684855][    T8] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  467.699177][ T1058] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.728520][ T5154] usb 5-1: config 123 has no interface number 0
[  467.743875][ T5154] usb 5-1: config 123 has no interface number 1
[  467.765344][ T5154] usb 5-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  467.785192][ T5154] usb 5-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping
[  467.823531][ T5154] usb 5-1: config 123 interface 222 has no altsetting 0
[  467.842046][ T5154] usb 5-1: config 123 interface 61 has no altsetting 0
[  467.849255][T10704] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  467.876069][T10704] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  467.881041][ T5154] usb 5-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c
[  467.886546][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  467.909790][T10704] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  467.913286][ T5154] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.924907][    T8] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  467.934601][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.945285][T10704] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  467.953122][T10704] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  467.957138][ T1058] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.974879][T10704] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  467.987179][    T8] usb 1-1: config 0 descriptor??
[  467.989863][ T5154] usb 5-1: Product: 膅浣렴赚䵜�燔㤶�噫懈奤겾༉似甠�즦쌫ᄑ⣎蓙Ḹ�ḉ贈嶧擮퇆䄂ꚇ홤懠햵蠵⧗�稕ۡ괖讓퓗軻�礸⫊�줻烔䜄쎽⯂駰轅瑠ꊉ宩줌㕺⚰
[  468.021757][ T9958] XFS (loop3): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  468.031580][ T5154] usb 5-1: Manufacturer: ࠌ
[  468.042787][ T5154] usb 5-1: SerialNumber: syz
[  468.380509][ T5116] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  468.433880][    T8] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  468.437245][ T5154] usb 5-1: bad CDC descriptors
[  468.478660][ T5154] usb 5-1: USB disconnect, device number 16
[  468.519157][    T8] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0006/input/input14
[  468.605061][ T1058] bridge_slave_1: left allmulticast mode
[  468.631783][ T1058] bridge_slave_1: left promiscuous mode
[  468.682989][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.750347][ T1058] bridge_slave_0: left allmulticast mode
[  468.768848][ T1058] bridge_slave_0: left promiscuous mode
[  468.779380][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.828098][    T8] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  468.895332][    T8] usb 1-1: USB disconnect, device number 9
[  470.365615][ T5116] Bluetooth: hci0: command tx timeout
[  470.925694][T10731] can: request_module (can-proto-0) failed.
[  470.986685][T10727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1682'.
[  470.999554][T10727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1682'.
[  471.392809][    T8] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  472.390401][ T5116] Bluetooth: hci0: command tx timeout
[  472.394029][    T8] usb 1-1: config 0 has an invalid interface number: 16 but max is 0
[  472.423029][    T8] usb 1-1: config 0 has no interface number 0
[  472.441670][    T8] usb 1-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee
[  472.487771][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.516288][    T8] usb 1-1: config 0 descriptor??
[  472.539733][ T5158] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  472.655376][T10742] loop4: detected capacity change from 0 to 32768
[  472.673892][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  472.695255][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  472.704456][T10742] XFS (loop4): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  472.718201][ T1058] bond0 (unregistering): Released all slaves
[  472.742172][ T5158] usb 4-1: not running at top speed; connect to a high speed hub
[  472.742601][  T929] usb 1-1: USB disconnect, device number 10
[  472.752868][ T5158] usb 4-1: config 123 has an invalid interface number: 222 but max is 1
[  472.769684][ T5158] usb 4-1: config 123 has an invalid interface number: 61 but max is 1
[  472.777987][ T5158] usb 4-1: config 123 has no interface number 0
[  472.799233][ T5158] usb 4-1: config 123 has no interface number 1
[  472.818609][ T5158] usb 4-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  472.832836][ T5158] usb 4-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping
[  472.846662][ T5158] usb 4-1: config 123 interface 222 has no altsetting 0
[  472.855130][ T5158] usb 4-1: config 123 interface 61 has no altsetting 0
[  472.885904][ T5158] usb 4-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c
[  472.917594][ T5158] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  472.945973][ T5158] usb 4-1: Product: 膅浣렴赚䵜�燔㤶�噫懈奤겾༉似甠�즦쌫ᄑ⣎蓙Ḹ�ḉ贈嶧擮퇆䄂ꚇ홤懠햵蠵⧗�稕ۡ괖讓퓗軻�礸⫊�줻烔䜄쎽⯂駰轅瑠ꊉ宩줌㕺⚰
[  472.980013][ T5158] usb 4-1: Manufacturer: ࠌ
[  472.982854][T10742] XFS (loop4): Ending clean mount
[  473.003404][ T5158] usb 4-1: SerialNumber: syz
[  473.152154][ T5284] udevd[5284]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.16/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  473.248693][T10767] loop2: detected capacity change from 0 to 8192
[  473.279829][T10767] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  473.322019][T10702] chnl_net:caif_netlink_parms(): no params data found
[  473.433114][ T9986] XFS (loop4): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  473.525197][ T1058] hsr_slave_0: left promiscuous mode
[  473.537050][ T5158] usb 4-1: bad CDC descriptors
[  473.546109][ T1058] hsr_slave_1: left promiscuous mode
[  473.551216][ T5158] usb 4-1: USB disconnect, device number 11
[  473.594449][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  473.610637][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  473.636417][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  473.655225][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  473.784330][ T1058] veth1_macvtap: left promiscuous mode
[  473.805244][ T1058] veth0_macvtap: left promiscuous mode
[  473.839731][ T1058] veth1_vlan: left promiscuous mode
[  473.855365][ T1058] veth0_vlan: left promiscuous mode
[  474.162379][T10785] loop4: detected capacity change from 0 to 256
[  474.459717][ T5116] Bluetooth: hci0: command tx timeout
[  475.000668][ T5158] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  475.178297][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  475.236923][ T5158] usb 4-1: config 0 has an invalid interface number: 16 but max is 0
[  475.246875][ T5158] usb 4-1: config 0 has no interface number 0
[  475.256919][ T5158] usb 4-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee
[  475.284526][ T5158] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.298038][ T5158] usb 4-1: config 0 descriptor??
[  475.350194][ T1058] team0 (unregistering): Port device team_slave_0 removed
[  475.365391][T10801] loop4: detected capacity change from 0 to 2048
[  475.434959][T10801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  475.582187][ T5158] usb 4-1: USB disconnect, device number 12
[  476.448370][ T9986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.539667][ T5116] Bluetooth: hci0: command tx timeout
[  476.588011][T10773] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  476.658699][T10817] loop4: detected capacity change from 0 to 164
[  476.677919][T10817] Unable to read rock-ridge attributes
[  476.745153][T10817] netlink: 'syz.4.1714': attribute type 4 has an invalid length.
[  477.090696][T10702] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.099281][T10702] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.832263][T10702] bridge_slave_0: entered allmulticast mode
[  477.861943][T10702] bridge_slave_0: entered promiscuous mode
[  477.884951][T10702] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.909852][T10702] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.020474][T10841] loop4: detected capacity change from 0 to 1024
[  478.046256][T10702] bridge_slave_1: entered allmulticast mode
[  478.067162][T10702] bridge_slave_1: entered promiscuous mode
[  478.203232][T10702] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  478.252355][T10702] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  478.365494][T10702] team0: Port device team_slave_0 added
[  478.384170][T10702] team0: Port device team_slave_1 added
[  478.434825][T10852] geneve2: entered promiscuous mode
[  478.451292][T10852] geneve2: entered allmulticast mode
[  478.514621][T10855] loop0: detected capacity change from 0 to 512
[  478.523683][T10855] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  478.573376][T10702] batman_adv: batadv0: Adding interface: batadv_slave_0
[  478.580948][T10702] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.608374][T10702] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  478.634279][T10855] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.1727: iget: bad extended attribute block 19
[  478.668724][T10702] batman_adv: batadv0: Adding interface: batadv_slave_1
[  478.676407][T10702] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.676672][T10855] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1727: couldn't read orphan inode 15 (err -117)
[  478.709640][T10702] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  478.735223][T10855] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  478.882264][T10865] loop3: detected capacity change from 0 to 164
[  478.886983][ T9986] hfsplus: bad catalog entry type
[  478.895783][T10865] Unable to read rock-ridge attributes
[  478.928954][ T9986] hfsplus: bad catalog entry type
[  478.942073][T10702] hsr_slave_0: entered promiscuous mode
[  478.956206][T10134] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.040343][T10702] hsr_slave_1: entered promiscuous mode
[  479.062485][ T1058] hfsplus: b-tree write err: -5, ino 4
[  479.397118][T10865] netlink: 'syz.3.1730': attribute type 4 has an invalid length.
[  480.234604][ T1058] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.531022][ T1058] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.596965][T10891] loop0: detected capacity change from 0 to 512
[  480.631065][T10891] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  480.693294][ T1058] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.718997][T10891] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.1742: iget: bad extended attribute block 19
[  480.744596][T10891] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1742: couldn't read orphan inode 15 (err -117)
[  480.800563][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  480.815660][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  480.823544][T10891] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.840428][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  480.851487][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  480.866798][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  480.875754][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  480.981579][ T1058] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.025272][T10134] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.621596][T10918] batadv0: entered promiscuous mode
[  481.645886][T10918] vlan2: entered promiscuous mode
[  481.656003][T10918] vlan2: entered allmulticast mode
[  481.676601][T10918] batadv0: entered allmulticast mode
[  481.693940][T10918] batadv0: left allmulticast mode
[  481.707086][T10918] batadv0: left promiscuous mode
[  481.747086][ T1058] bridge_slave_1: left allmulticast mode
[  481.753154][ T1058] bridge_slave_1: left promiscuous mode
[  481.759028][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.771086][ T1058] bridge_slave_0: left allmulticast mode
[  481.776841][ T1058] bridge_slave_0: left promiscuous mode
[  481.787395][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.036320][ T5116] Bluetooth: hci1: command tx timeout
[  483.345826][T10962] netlink: 'syz.0.1769': attribute type 11 has an invalid length.
[  483.367930][T10962] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1769'.
[  483.499091][T10970] loop2: detected capacity change from 0 to 1024
[  483.515650][T10970] EXT4-fs: Ignoring removed nomblk_io_submit option
[  483.526574][T10970] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  483.553053][T10970] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  483.561544][T10970] System zones: 0-1, 3-36
[  483.561954][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  483.576886][T10970] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.618531][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  483.644414][ T1058] bond0 (unregistering): Released all slaves
[  483.650129][T10970] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1767: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  483.714560][T10970] xt_CT: You must specify a L4 protocol and not use inversions on it
[  483.740145][T10976] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  483.830318][T10702] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  483.875138][T10702] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  484.659035][ T9730] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.733038][T10702] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  484.784514][T10702] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  484.911313][T10999] netlink: 'syz.3.1779': attribute type 11 has an invalid length.
[  484.921869][T10999] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1779'.
[  485.099776][ T5116] Bluetooth: hci1: command tx timeout
[  485.155925][T10900] chnl_net:caif_netlink_parms(): no params data found
[  485.871150][ T1058] hsr_slave_0: left promiscuous mode
[  485.893414][ T1058] hsr_slave_1: left promiscuous mode
[  485.899249][T11008] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  485.919061][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  485.927827][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  485.945186][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  485.970595][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  486.066849][ T1058] veth1_macvtap: left promiscuous mode
[  486.083358][ T1058] veth0_macvtap: left promiscuous mode
[  486.089134][ T1058] veth1_vlan: left promiscuous mode
[  486.114554][ T1058] veth0_vlan: left promiscuous mode
[  486.139900][  T929] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  486.342648][  T929] usb 4-1: Using ep0 maxpacket: 16
[  486.351669][  T929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  486.387894][  T929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  486.398034][  T929] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  486.419207][  T929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.458092][  T929] usb 4-1: config 0 descriptor??
[  487.193662][ T5116] Bluetooth: hci1: command tx timeout
[  487.884191][  T929] usbhid 4-1:0.0: can't add hid device: -71
[  487.906400][  T929] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  487.951789][  T929] usb 4-1: USB disconnect, device number 13
[  488.884345][T11038] loop2: detected capacity change from 0 to 512
[  488.907821][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  488.958455][T11038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  488.984739][T11038] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  489.008313][T11047] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  489.027134][T11038] EXT4-fs error (device loop2): ext4_get_verity_descriptor_location:335: inode #15: comm syz.2.1791: verity file corrupted; can't find descriptor
[  489.065759][T11038] fs-verity (loop2, inode 15): Error -117 getting verity descriptor size
[  489.080870][ T1058] team0 (unregistering): Port device team_slave_0 removed
[  489.138897][ T9730] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.230944][T11052] loop2: detected capacity change from 0 to 512
[  489.251974][T11052] EXT4-fs: Ignoring removed bh option
[  489.269685][ T5116] Bluetooth: hci1: command tx timeout
[  489.326369][T11052] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  489.344512][ T9352] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  489.364321][T11052] EXT4-fs (loop2): 1 truncate cleaned up
[  489.384745][T11052] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  489.537772][ T9730] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.553899][ T9352] usb 4-1: Using ep0 maxpacket: 32
[  489.592307][ T9352] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  489.601601][ T9352] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.626531][ T9352] usb 4-1: config 0 descriptor??
[  489.649384][ T9352] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  490.327321][T11064] loop0: detected capacity change from 0 to 128
[  490.392919][T11064] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  490.408768][T10900] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.416536][T10900] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.424598][T10900] bridge_slave_0: entered allmulticast mode
[  490.433205][T10900] bridge_slave_0: entered promiscuous mode
[  490.434348][T11064] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  490.451750][T10900] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.459755][T10900] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.468272][T10900] bridge_slave_1: entered allmulticast mode
[  490.476214][T10900] bridge_slave_1: entered promiscuous mode
[  490.497549][T11064] fscrypt (loop0, inode 12): Unsupported encryption flags (0x08)
[  490.545318][T10900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.593838][T10134] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  490.607227][T10900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  490.769381][T10900] team0: Port device team_slave_0 added
[  490.829378][T10702] 8021q: adding VLAN 0 to HW filter on device bond0
[  490.871734][T10900] team0: Port device team_slave_1 added
[  491.047429][T10900] batman_adv: batadv0: Adding interface: batadv_slave_0
[  491.054731][T10900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.075119][T11077] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  491.097958][T10900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  491.121298][T10900] batman_adv: batadv0: Adding interface: batadv_slave_1
[  491.129333][T10900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.137109][ T9352] gspca_vc032x: reg_w err -71
[  491.166254][T10900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  491.186476][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.210232][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.216309][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.221856][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.227275][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.233089][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.234505][T10702] 8021q: adding VLAN 0 to HW filter on device team0
[  491.238477][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.250880][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.256186][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.268614][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.272007][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.281574][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  491.289679][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.298775][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.311520][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.320367][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.321583][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.325674][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.332836][ T5156] bridge0: port 2(bridge_slave_1) entered forwarding state
[  491.338969][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.382221][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.395611][ T9352] gspca_vc032x: I2c Bus Busy Wait 00
[  491.421929][ T9352] gspca_vc032x: Unknown sensor...
[  491.439632][ T9352] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[  491.468625][ T9352] usb 4-1: USB disconnect, device number 14
[  491.497628][T10900] hsr_slave_0: entered promiscuous mode
[  491.506324][T11085] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1804'.
[  491.517384][T10900] hsr_slave_1: entered promiscuous mode
[  491.525955][T10900] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  491.534631][T10900] Cannot create hsr debugfs directory
[  491.798491][T11092] Bluetooth: MGMT ver 1.23
[  491.814197][T10702] 8021q: adding VLAN 0 to HW filter on device batadv0
[  491.969383][T11094] loop3: detected capacity change from 0 to 4096
[  492.005032][T11094] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  492.029891][T10702] veth0_vlan: entered promiscuous mode
[  492.046384][T11094] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  492.055325][T10702] veth1_vlan: entered promiscuous mode
[  492.079456][T11094] ntfs3: loop3: Failed to load $MFT (-22).
[  492.134729][T10702] veth0_macvtap: entered promiscuous mode
[  492.167653][T10702] veth1_macvtap: entered promiscuous mode
[  492.195923][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  492.231550][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  492.249798][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  492.265027][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  492.275256][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  492.286769][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  492.299030][T10702] batman_adv: batadv0: Interface activated: batadv_slave_0
[  492.322965][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  492.338796][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  492.349108][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  492.359781][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  492.362966][T11101] loop3: detected capacity change from 0 to 4096
[  492.369705][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  492.369727][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  492.371356][T10702] batman_adv: batadv0: Interface activated: batadv_slave_1
[  492.385698][T11101] ntfs3: loop3: Unsupported bytes per MFT record 32768.
[  492.413717][T11101] ntfs3: loop3: try to read out of volume at offset 0x1ffe00
[  492.473883][T10702] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  492.483738][T10702] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  492.493424][T10702] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  492.502592][T10702] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  492.587075][T10900] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  492.600113][T10900] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  492.674597][T10900] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  492.704581][T10900] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  492.826031][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  492.855183][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  492.873882][T11111] loop3: detected capacity change from 0 to 128
[  492.943542][T11113] loop0: detected capacity change from 0 to 2048
[  492.965993][ T2445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  492.974945][T11113] EXT4-fs: Ignoring removed nobh option
[  493.001386][T11111] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  493.030969][ T2445] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  493.048296][T11113] ext4: Unknown parameter 'smackfshat'
[  493.100107][T11111] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  493.365951][T11111] syz.3.1813 (pid 11111) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  493.366347][T10900] 8021q: adding VLAN 0 to HW filter on device bond0
[  493.461750][T10900] 8021q: adding VLAN 0 to HW filter on device team0
[  493.546540][ T9352] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.553938][ T9352] bridge0: port 1(bridge_slave_0) entered forwarding state
[  493.625150][ T9958] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  493.670441][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.677800][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  493.910965][T11130] loop1: detected capacity change from 0 to 4096
[  493.954551][T11130] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  494.087304][T11130] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  494.106122][T11130] ntfs3: loop1: Failed to load $MFT (-22).
[  494.394654][T11147] loop1: detected capacity change from 0 to 2048
[  494.438574][T11147] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  494.452900][T11147] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  494.505086][T10702] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  494.515009][T11153] IPv6: addrconf: prefix option has invalid lifetime
[  494.644349][T11156] netlink: 'syz.0.1826': attribute type 21 has an invalid length.
[  494.673231][T11156] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1826'.
[  494.742734][T10900] 8021q: adding VLAN 0 to HW filter on device batadv0
[  494.826541][T11160] loop1: detected capacity change from 0 to 2048
[  494.847071][T11160] EXT4-fs: Ignoring removed nobh option
[  494.883885][T11160] ext4: Unknown parameter 'smackfshat'
[  495.346002][   T54] Bluetooth: hci5: sending frame failed (-49)
[  495.356554][ T5116] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  495.501067][T11187] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  495.509944][T11187] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  496.277639][T10900] veth0_vlan: entered promiscuous mode
[  496.475400][T11196] loop0: detected capacity change from 0 to 2048
[  496.481996][T10900] veth1_vlan: entered promiscuous mode
[  496.691418][T11196] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  496.744245][T10900] veth0_macvtap: entered promiscuous mode
[  496.750404][T11196] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  496.755498][T10900] veth1_macvtap: entered promiscuous mode
[  496.849408][T11200] loop1: detected capacity change from 0 to 164
[  496.865632][T11200] Unable to read rock-ridge attributes
[  496.873891][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  496.929165][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.959839][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  496.980052][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.005835][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  497.029565][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.039815][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  497.051888][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.064676][T10900] batman_adv: batadv0: Interface activated: batadv_slave_0
[  497.078858][T11200] netlink: 'syz.1.1837': attribute type 4 has an invalid length.
[  497.088038][T10134] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.143247][T11202] loop3: detected capacity change from 0 to 1024
[  497.157638][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.210669][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.238963][T11202] hfsplus: extend alloc file! (8192,65536,366)
[  497.242672][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.288034][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.304880][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.316615][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.358118][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.376173][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.426058][T10900] batman_adv: batadv0: Interface activated: batadv_slave_1
[  497.466445][T10900] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  497.485731][T10900] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  497.506284][T10900] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  497.534838][T10900] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  497.761696][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.800576][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.882512][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.906926][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.223458][T11218] loop2: detected capacity change from 0 to 256
[  498.973469][T11216] pim6reg1: entered promiscuous mode
[  498.978812][T11216] pim6reg1: entered allmulticast mode
[  499.140951][T11222] loop4: detected capacity change from 0 to 256
[  499.356902][T11232] loop1: detected capacity change from 0 to 4096
[  499.396809][T11232] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  499.545722][T11232] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  499.695395][T11245] IPv6: addrconf: prefix option has invalid lifetime
[  499.874099][T11249] loop2: detected capacity change from 0 to 164
[  499.936269][T11249] Unable to read rock-ridge attributes
[  500.120392][T11251] loop3: detected capacity change from 0 to 1764
[  500.558161][T11249] netlink: 'syz.2.1854': attribute type 4 has an invalid length.
[  500.578812][    C1] eth0: bad gso: type: 1, size: 1408
[  500.788774][T11256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1855'.
[  500.939842][   T54] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  500.952102][   T54] Bluetooth: hci0: Injecting HCI hardware error event
[  500.963518][ T5116] Bluetooth: hci0: hardware error 0x00
[  500.972962][T11261] loop3: detected capacity change from 0 to 512
[  501.003771][T11261] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  501.059324][T11261] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 not in group (block 2)!
[  501.115268][T11261] EXT4-fs (loop3): group descriptors corrupted!
[  501.910832][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  501.920106][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  502.516644][T11276] loop1: detected capacity change from 0 to 256
[  502.533081][T11275] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  502.720033][T11282] loop0: detected capacity change from 0 to 512
[  502.741495][T11282] EXT4-fs (loop0): failed to initialize system zone (-117)
[  502.765115][T11282] EXT4-fs (loop0): mount failed
[  502.945893][T11282] IPVS: Scheduler module ip_vs_sip not found
[  503.077295][T11296] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  503.101721][ T5116] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  503.318711][T11307] loop1: detected capacity change from 0 to 256
[  503.357390][T11307] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  504.287380][T11320] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  504.353349][T11321] loop2: detected capacity change from 0 to 512
[  504.368507][T11321] EXT4-fs: Ignoring removed nomblk_io_submit option
[  504.380489][T11321] EXT4-fs: old and new quota format mixing
[  504.519791][   T29] audit: type=1326 audit(1721300408.327:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11329 comm="syz.3.1883" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfee175b59 code=0x0
[  504.580715][T11331] block nbd4: shutting down sockets
[  504.632861][T11334] loop1: detected capacity change from 0 to 2048
[  504.646306][T11334] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  504.661611][T11336] bridge: RTM_NEWNEIGH with invalid state 0x0
[  504.716858][T11331] block nbd4: NBD_DISCONNECT
[  504.726573][T11331] block nbd4: Send disconnect failed -32
[  504.741111][T11331] block nbd4: Send disconnect failed -32
[  505.043185][T11351] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  505.043185][T11351] The task syz.0.1888 (11351) triggered the difference, watch for misbehavior.
[  505.047459][T11350] loop1: detected capacity change from 0 to 164
[  505.119407][T11350] Unable to read rock-ridge attributes
[  505.255071][T11350] netlink: 'syz.1.1890': attribute type 4 has an invalid length.
[  505.686732][T11360] syzkaller0: entered promiscuous mode
[  505.700436][T11360] syzkaller0: entered allmulticast mode
[  505.727216][ T2800] syzkaller0: tun_net_xmit 48
[  505.780451][T11360] syzkaller0: tun_net_xmit 1280
[  505.788813][T11360] syzkaller0: create flow: hash 2072909718 index 1
[  505.796988][T11366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1895'.
[  505.967030][T11368] loop1: detected capacity change from 0 to 512
[  505.984222][T11368] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.001728][T11368] EXT4-fs: old and new quota format mixing
[  506.106391][T11358] syzkaller0: delete flow: hash 2072909718 index 1
[  506.608259][   T29] audit: type=1326 audit(1721300410.417:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11378 comm="syz.3.1902" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfee175b59 code=0x0
[  507.746321][T11387] loop3: detected capacity change from 0 to 128
[  507.765599][T11387] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  507.794872][T11387] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  510.149223][T11403] loop3: detected capacity change from 0 to 1024
[  510.198403][T11403] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  510.374896][ T9958] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.269588][    C1] DEBUG: holding rtnl_mutex for 516 jiffies.
[  511.276174][    C1] task:syz.4.1893      state:R  running task     stack:24432 pid:11358 tgid:11358 ppid:10900  flags:0x00004006
[  511.288075][    C1] Call Trace:
[  511.291405][    C1]  <TASK>
[  511.294425][    C1]  __schedule+0x1800/0x4a60
[  511.299410][    C1]  ? __pfx___schedule+0x10/0x10
[  511.304358][    C1]  ? __pfx_lock_release+0x10/0x10
[  511.309416][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  511.315355][    C1]  ? schedule+0x90/0x320
[  511.319622][    C1]  schedule+0x14b/0x320
[  511.323775][    C1]  synchronize_rcu_expedited+0x684/0x830
[  511.329441][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  511.335628][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  511.340959][    C1]  ? __pfx___might_resched+0x10/0x10
[  511.346272][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  511.352294][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  511.358396][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  511.364797][    C1]  synchronize_rcu+0x11b/0x360
[  511.369718][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  511.375036][    C1]  lockdep_unregister_key+0x4b7/0x540
[  511.380455][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  511.386344][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  511.391748][    C1]  ? __qdisc_destroy+0x150/0x410
[  511.396976][    C1]  ? kfree+0x149/0x360
[  511.401056][    C1]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[  511.406653][    C1]  __qdisc_destroy+0x165/0x410
[  511.411567][    C1]  dev_shutdown+0x9b/0x450
[  511.415976][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[  511.422344][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  511.429124][    C1]  ? mark_lock+0x9a/0x360
[  511.433467][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  511.439899][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  511.446252][    C1]  ? trace_irq_enable+0x2c/0x120
[  511.451218][    C1]  ? queue_delayed_work_on+0x1eb/0x390
[  511.456715][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  511.461967][    C1]  unregister_netdevice_queue+0x303/0x370
[  511.467691][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  511.473951][    C1]  __tun_detach+0x6b9/0x1600
[  511.478562][    C1]  tun_chr_close+0x108/0x1b0
[  511.483163][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[  511.488261][    C1]  __fput+0x24a/0x8a0
[  511.492259][    C1]  task_work_run+0x24f/0x310
[  511.496877][    C1]  ? __pfx_task_work_run+0x10/0x10
[  511.502039][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[  511.507869][    C1]  syscall_exit_to_user_mode+0x168/0x370
[  511.513535][    C1]  do_syscall_64+0x100/0x230
[  511.518120][    C1]  ? clear_bhb_loop+0x35/0x90
[  511.522815][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.528724][    C1] RIP: 0033:0x7fbd5ad75b59
[  511.533166][    C1] RSP: 002b:00007ffc86bba248 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  511.541802][    C1] RAX: 0000000000000000 RBX: 000000000007b670 RCX: 00007fbd5ad75b59
[  511.550040][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  511.558137][    C1] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000001e86bba56f
[  511.566215][    C1] R10: 00007fbd5ac00000 R11: 0000000000000246 R12: 00007fbd5af03f6c
[  511.574261][    C1] R13: 0000000000000032 R14: 00007fbd5af05a60 R15: 00007fbd5af03f60
[  511.582445][    C1]  </TASK>
[  511.585520][    C1] DEBUG: waiting rtnl_mutex for 545 jiffies.
[  511.591582][    C1] task:kworker/1:4     state:D stack:22072 pid:5154  tgid:5154  ppid:2      flags:0x00004000
[  511.602260][    C1] Workqueue: events linkwatch_event
[  511.607507][    C1] Call Trace:
[  511.610865][    C1]  <TASK>
[  511.613828][    C1]  __schedule+0x1800/0x4a60
[  511.618397][    C1]  ? __pfx___schedule+0x10/0x10
[  511.623428][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  511.629585][    C1]  ? __pfx_lock_release+0x10/0x10
[  511.634693][    C1]  ? kick_pool+0x1bd/0x620
[  511.639294][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  511.644769][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  511.650128][    C1]  ? schedule+0x90/0x320
[  511.654790][    C1]  schedule+0x14b/0x320
[  511.658999][    C1]  schedule_preempt_disabled+0x13/0x30
[  511.664572][    C1]  __mutex_lock+0x6a4/0xd70
[  511.669143][    C1]  ? __mutex_lock+0x527/0xd70
[  511.673924][    C1]  ? linkwatch_event+0xe/0x60
[  511.678705][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  511.683947][    C1]  ? get_rtnl_holder+0x144/0x190
[  511.688952][    C1]  ? process_scheduled_works+0x945/0x1830
[  511.694768][    C1]  linkwatch_event+0xe/0x60
[  511.699309][    C1]  process_scheduled_works+0xa2c/0x1830
[  511.704967][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  511.708534][T11421] loop3: detected capacity change from 0 to 2048
[  511.711033][    C1]  ? assign_work+0x364/0x3d0
[  511.722137][    C1]  worker_thread+0x86d/0xd40
[  511.726838][    C1]  ? __kthread_parkme+0x169/0x1d0
[  511.730958][T11421] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  511.731916][    C1]  ? __pfx_worker_thread+0x10/0x10
[  511.745822][    C1]  kthread+0x2f0/0x390
[  511.749958][    C1]  ? __pfx_worker_thread+0x10/0x10
[  511.755115][    C1]  ? __pfx_kthread+0x10/0x10
[  511.759777][    C1]  ret_from_fork+0x4b/0x80
[  511.764284][    C1]  ? __pfx_kthread+0x10/0x10
[  511.768933][    C1]  ret_from_fork_asm+0x1a/0x30
[  511.773802][    C1]  </TASK>
[  511.776913][    C1] 
[  511.776913][    C1] Showing all locks held in the system:
[  511.784827][    C1] 2 locks held by getty/4856:
[  511.789557][    C1]  #0: ffff88802f3090a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  511.799404][    C1]  #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  511.809580][    C1] 3 locks held by kworker/1:4/5154:
[  511.814784][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  511.825805][    C1]  #1: ffffc9000445fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  511.836872][    C1]  #2: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  511.845876][    C1] 2 locks held by syz.4.1893/11358:
[  511.851085][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  511.860065][    C1]  #1: ffffffff8e33ce78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  511.870984][    C1] 2 locks held by syz.0.1903/11382:
[  511.876160][    C1]  #0: ffffffff8ee58488 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0
[  511.884889][    C1]  #1: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x78b/0x1cd0
[  511.893716][    C1] 1 lock held by syz.0.1903/11383:
[  511.898808][    C1]  #0: ffffffff8ee58488 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0
[  511.907553][    C1] 2 locks held by syz.3.1916/11420:
[  511.912775][    C1]  #0: ffff88807eea5608 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  511.922972][    C1]  #1: ffffffff8e33ce78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  511.933952][    C1] 
[  511.936263][    C1] =============================================
[  511.936263][    C1] 
[  512.094922][T11423] netlink: 'syz.4.1918': attribute type 1 has an invalid length.
[  512.102950][T11423] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.1918'.
[  512.407888][T11435] mmap: syz.0.1924 (11435) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  513.405592][T11444] netlink: 'syz.3.1929': attribute type 1 has an invalid length.
[  513.412518][T11446] loop0: detected capacity change from 0 to 128
[  513.417836][T11444] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.1929'.
[  513.532883][T11449] netlink: 'syz.3.1930': attribute type 3 has an invalid length.
[  513.638327][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  513.651230][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  513.663604][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  513.672175][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  513.681294][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  513.688684][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  513.923291][T11453] chnl_net:caif_netlink_parms(): no params data found
[  514.068069][T11453] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.075771][T11453] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.083059][T11453] bridge_slave_0: entered allmulticast mode
[  514.090307][T11453] bridge_slave_0: entered promiscuous mode
[  514.098154][T11453] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.106241][T11453] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.113676][T11453] bridge_slave_1: entered allmulticast mode
[  514.122341][T11453] bridge_slave_1: entered promiscuous mode
[  514.150646][T11453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  514.163528][T11453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  514.198513][T11453] team0: Port device team_slave_0 added
[  514.211308][T11453] team0: Port device team_slave_1 added
[  514.255496][T11453] batman_adv: batadv0: Adding interface: batadv_slave_0
[  514.262844][T11453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.292910][T11453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  514.306491][T11453] batman_adv: batadv0: Adding interface: batadv_slave_1
[  514.313809][T11453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.345621][T11453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  514.493993][ T1058] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  515.430393][ T1058] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  515.573816][T11453] hsr_slave_0: entered promiscuous mode
[  515.620173][T11453] hsr_slave_1: entered promiscuous mode
[  515.633556][ T5116] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  515.651194][ T5116] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  515.662247][ T5116] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  515.677059][ T5116] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  515.687682][T11482] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  515.687856][ T5116] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  515.699743][T11453] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  515.706685][ T5116] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  515.729055][T11453] Cannot create hsr debugfs directory
[  515.734751][ T5116] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  515.736190][T11482] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  515.742903][ T5116] Bluetooth: hci1: command tx timeout
[  515.756614][ T5116] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  515.757044][ T5103] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  515.800699][T10704] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  515.888509][ T1058] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  515.904399][T11477] netlink: 'syz.0.1940': attribute type 3 has an invalid length.
[  516.036313][ T1058] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.268013][T11453] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.407580][T11453] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.495830][ T1058] bridge_slave_1: left allmulticast mode
[  516.501935][ T1058] bridge_slave_1: left promiscuous mode
[  516.507655][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.517444][ T1058] bridge_slave_0: left allmulticast mode
[  516.524691][ T1058] bridge_slave_0: left promiscuous mode
[  516.532190][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  517.008272][ T5116] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  517.029299][ T5116] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  517.058524][ T5116] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  517.102171][ T5116] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  517.110631][ T5116] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  517.119979][ T5116] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  517.383653][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  517.397664][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  517.408425][ T1058] bond0 (unregistering): Released all slaves
[  517.419621][ T1058] bond1 (unregistering): Released all slaves
[  517.454889][T11453] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.694473][T11453] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.819800][   T54] Bluetooth: hci5: command tx timeout
[  517.820251][ T5116] Bluetooth: hci1: command tx timeout
[  517.872914][T11480] chnl_net:caif_netlink_parms(): no params data found
[  517.899717][ T5116] Bluetooth: hci4: command tx timeout
[  518.153522][T11478] chnl_net:caif_netlink_parms(): no params data found
[  518.184293][ T1058] hsr_slave_0: left promiscuous mode
[  518.190769][ T1058] hsr_slave_1: left promiscuous mode
[  518.209829][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  518.218767][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  518.237638][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  518.245413][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  518.271939][ T1058] veth1_macvtap: left promiscuous mode
[  518.277516][ T1058] veth0_macvtap: left promiscuous mode
[  518.285312][ T1058] veth1_vlan: left promiscuous mode
[  518.290840][ T1058] veth0_vlan: left promiscuous mode
[  518.333304][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  518.348937][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  518.361619][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  518.371488][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  518.385441][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  518.402555][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  519.043018][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  519.111374][ T1058] team0 (unregistering): Port device team_slave_0 removed
[  519.267718][   T54] Bluetooth: hci0: command tx timeout
[  519.861389][T11453] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  519.873994][T11453] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  519.893380][T11480] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.900797][   T54] Bluetooth: hci1: command tx timeout
[  519.906405][T11480] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.909894][   T54] Bluetooth: hci5: command 0x041b tx timeout
[  519.913748][T11480] bridge_slave_0: entered allmulticast mode
[  519.932811][T11480] bridge_slave_0: entered promiscuous mode
[  519.942993][T11480] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.950448][T11480] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.959146][T11480] bridge_slave_1: entered allmulticast mode
[  519.979640][T10704] Bluetooth: hci4: command tx timeout
[  519.985792][T11480] bridge_slave_1: entered promiscuous mode
[  520.024847][T11453] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  520.038387][T11453] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  520.167062][T11480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  520.216790][T11480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  520.227793][T11478] bridge0: port 1(bridge_slave_0) entered blocking state
[  520.235938][T11478] bridge0: port 1(bridge_slave_0) entered disabled state
[  520.243885][T11478] bridge_slave_0: entered allmulticast mode
[  520.251635][T11478] bridge_slave_0: entered promiscuous mode
[  520.260628][T11478] bridge0: port 2(bridge_slave_1) entered blocking state
[  520.272649][T11478] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.280706][T11478] bridge_slave_1: entered allmulticast mode
[  520.288308][T11478] bridge_slave_1: entered promiscuous mode
[  520.386977][T11480] team0: Port device team_slave_0 added
[  520.402514][T11480] team0: Port device team_slave_1 added
[  520.423697][T11478] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  520.438973][T11478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  520.463536][T10704] Bluetooth: hci2: command tx timeout
[  520.514197][T11480] batman_adv: batadv0: Adding interface: batadv_slave_0
[  520.529339][T11480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.558042][T11480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  520.604165][T11478] team0: Port device team_slave_0 added
[  520.615326][T11490] chnl_net:caif_netlink_parms(): no params data found
[  520.643524][T11478] team0: Port device team_slave_1 added
[  520.650278][T11480] batman_adv: batadv0: Adding interface: batadv_slave_1
[  520.657314][T11480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.684066][T11480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  520.799042][T11478] batman_adv: batadv0: Adding interface: batadv_slave_0
[  520.806273][T11478] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.832822][T11478] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  520.918338][T11478] batman_adv: batadv0: Adding interface: batadv_slave_1
[  520.925617][T11478] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.952854][T11478] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  521.049660][ T1058] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.094340][T11480] hsr_slave_0: entered promiscuous mode
[  521.102058][T11480] hsr_slave_1: entered promiscuous mode
[  521.117404][T11480] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  521.128788][T11480] Cannot create hsr debugfs directory
[  521.221557][ T1058] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.248498][T11500] chnl_net:caif_netlink_parms(): no params data found
[  521.274772][T11478] hsr_slave_0: entered promiscuous mode
[  521.292096][T11478] hsr_slave_1: entered promiscuous mode
[  521.298644][T11478] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  521.306678][T11478] Cannot create hsr debugfs directory
[  521.328579][T11490] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.336008][T11490] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.343262][T10704] Bluetooth: hci0: command tx timeout
[  521.345727][T11490] bridge_slave_0: entered allmulticast mode
[  521.361121][T11490] bridge_slave_0: entered promiscuous mode
[  521.406499][ T1058] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.446600][T11490] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.456213][T11490] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.465603][T11490] bridge_slave_1: entered allmulticast mode
[  521.472512][T11490] bridge_slave_1: entered promiscuous mode
[  521.550789][ T1058] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.632962][T11490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  521.703501][T11490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  521.725110][T11500] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.733436][T11500] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.742855][T11500] bridge_slave_0: entered allmulticast mode
[  521.750456][T11500] bridge_slave_0: entered promiscuous mode
[  521.812478][T11500] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.821365][T11500] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.828703][T11500] bridge_slave_1: entered allmulticast mode
[  521.835956][T11500] bridge_slave_1: entered promiscuous mode
[  521.874716][T11453] 8021q: adding VLAN 0 to HW filter on device bond0
[  521.897430][T11490] team0: Port device team_slave_0 added
[  521.908501][T11490] team0: Port device team_slave_1 added
[  521.930787][T11500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  521.947482][T11500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  521.981081][T10704] Bluetooth: hci1: command tx timeout
[  521.989889][T10704] Bluetooth: hci5: command 0x041b tx timeout
[  522.059804][T10704] Bluetooth: hci4: command tx timeout
[  522.128187][T11490] batman_adv: batadv0: Adding interface: batadv_slave_0
[  522.136004][T11490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  522.164246][T11490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  522.214170][T11453] 8021q: adding VLAN 0 to HW filter on device team0
[  522.245665][T11490] batman_adv: batadv0: Adding interface: batadv_slave_1
[  522.253185][T11490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  522.280872][T11490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  522.326728][T11500] team0: Port device team_slave_0 added
[  522.359078][T11500] team0: Port device team_slave_1 added
[  522.460952][ T1058] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.499366][  T927] bridge0: port 1(bridge_slave_0) entered blocking state
[  522.506497][  T927] bridge0: port 1(bridge_slave_0) entered forwarding state
[  522.541556][T10704] Bluetooth: hci2: command tx timeout
[  522.552269][T11490] hsr_slave_0: entered promiscuous mode
[  522.558755][T11490] hsr_slave_1: entered promiscuous mode
[  522.568116][T11490] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  522.575965][T11490] Cannot create hsr debugfs directory
[  522.586288][T11500] batman_adv: batadv0: Adding interface: batadv_slave_0
[  522.593992][T11500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  522.621980][T11500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  522.635150][T11500] batman_adv: batadv0: Adding interface: batadv_slave_1
[  522.642595][T11500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  522.668973][T11500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  522.707870][ T1058] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.845415][T11478] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.868758][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  522.876075][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  522.936801][ T1058] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.006324][T11478] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.080841][T11478] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.126011][ T1058] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.161953][T11500] hsr_slave_0: entered promiscuous mode
[  523.168755][T11500] hsr_slave_1: entered promiscuous mode
[  523.175613][T11500] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  523.189644][T11500] Cannot create hsr debugfs directory
[  523.242916][T11478] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.379415][T11453] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  523.419715][T10704] Bluetooth: hci0: command tx timeout
[  523.593043][ T1058] bridge_slave_1: left allmulticast mode
[  523.598721][ T1058] bridge_slave_1: left promiscuous mode
[  523.604917][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.614912][ T1058] bridge_slave_0: left allmulticast mode
[  523.621261][ T1058] bridge_slave_0: left promiscuous mode
[  523.626940][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.636934][ T1058] bridge_slave_1: left allmulticast mode
[  523.645122][ T1058] bridge_slave_1: left promiscuous mode
[  523.651086][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.661790][ T1058] bridge_slave_0: left allmulticast mode
[  523.667473][ T1058] bridge_slave_0: left promiscuous mode
[  523.675127][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.686458][ T1058] bridge_slave_1: left allmulticast mode
[  523.693464][ T1058] bridge_slave_1: left promiscuous mode
[  523.699259][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.708638][ T1058] bridge_slave_0: left allmulticast mode
[  523.714611][ T1058] bridge_slave_0: left promiscuous mode
[  523.726829][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[  524.060016][T10704] Bluetooth: hci5: command 0x041b tx timeout
[  524.145587][T10704] Bluetooth: hci4: command tx timeout
[  524.621003][T10704] Bluetooth: hci2: command tx timeout
[  524.996038][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  525.012888][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  525.025800][ T1058] bond0 (unregistering): Released all slaves
[  525.234438][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  525.246429][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  525.257132][ T1058] bond0 (unregistering): Released all slaves
[  525.460812][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  525.472840][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  525.484636][ T1058] bond0 (unregistering): Released all slaves
[  525.499906][T10704] Bluetooth: hci0: command tx timeout
[  525.608238][T11478] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  525.672936][T11478] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  525.702481][T11478] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  525.727813][T11478] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  525.922604][ T1058] IPVS: stopping master sync thread 10430 ...
[  525.941539][T11453] 8021q: adding VLAN 0 to HW filter on device batadv0
[  525.956478][T11480] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  525.974048][T11480] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  526.077117][T11480] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  526.097205][T11480] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  526.140496][T10704] Bluetooth: hci5: command 0x041b tx timeout
[  526.586748][T11478] 8021q: adding VLAN 0 to HW filter on device bond0
[  526.669379][T11480] 8021q: adding VLAN 0 to HW filter on device bond0
[  526.710091][T10704] Bluetooth: hci2: command tx timeout
[  526.774391][T11478] 8021q: adding VLAN 0 to HW filter on device team0
[  526.846732][ T5156] bridge0: port 1(bridge_slave_0) entered blocking state
[  526.853909][ T5156] bridge0: port 1(bridge_slave_0) entered forwarding state
[  526.906330][ T1058] hsr_slave_0: left promiscuous mode
[  526.912529][ T1058] hsr_slave_1: left promiscuous mode
[  526.918447][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  526.936501][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  526.945390][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  526.953465][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  526.965436][ T1058] hsr_slave_0: left promiscuous mode
[  526.974734][ T1058] hsr_slave_1: left promiscuous mode
[  526.982752][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  526.991752][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  526.999657][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  527.007102][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  527.017634][ T1058] hsr_slave_0: left promiscuous mode
[  527.023917][ T1058] hsr_slave_1: left promiscuous mode
[  527.035631][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  527.043129][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  527.051563][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  527.058982][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  527.118799][ T1058] veth1_macvtap: left promiscuous mode
[  527.127068][ T1058] veth0_macvtap: left promiscuous mode
[  527.133424][ T1058] veth1_vlan: left promiscuous mode
[  527.138830][ T1058] veth0_vlan: left promiscuous mode
[  527.145112][ T1058] veth1_macvtap: left promiscuous mode
[  527.151037][ T1058] veth0_macvtap: left promiscuous mode
[  527.156601][ T1058] veth1_vlan: left promiscuous mode
[  527.162813][ T1058] veth0_vlan: left promiscuous mode
[  527.168985][ T1058] veth1_macvtap: left promiscuous mode
[  527.174809][ T1058] veth0_macvtap: left promiscuous mode
[  527.180627][ T1058] veth1_vlan: left promiscuous mode
[  527.186083][ T1058] veth0_vlan: left promiscuous mode
[  528.068022][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  528.135076][ T1058] team0 (unregistering): Port device team_slave_0 removed
[  529.426145][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  529.502075][ T1058] team0 (unregistering): Port device team_slave_0 removed
[  530.838841][ T1058] team0 (unregistering): Port device team_slave_1 removed
[  530.903259][ T1058] team0 (unregistering): Port device team_slave_0 removed
[  531.621827][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.629066][ T5156] bridge0: port 2(bridge_slave_1) entered forwarding state
[  531.647194][T11480] 8021q: adding VLAN 0 to HW filter on device team0
[  531.687120][T11453] veth0_vlan: entered promiscuous mode
[  531.708947][T11453] veth1_vlan: entered promiscuous mode
[  531.802986][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.810369][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  531.832939][  T929] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.840270][  T929] bridge0: port 2(bridge_slave_1) entered forwarding state
[  532.018409][T11480] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  532.083003][T11453] veth0_macvtap: entered promiscuous mode
[  532.121916][T11453] veth1_macvtap: entered promiscuous mode
[  532.222121][T11453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.249892][T11453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.268227][T11453] batman_adv: batadv0: Interface activated: batadv_slave_0
[  532.281161][T11453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.294271][T11453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.305829][T11453] batman_adv: batadv0: Interface activated: batadv_slave_1
[  532.332376][T11453] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  532.349590][T11453] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  532.358330][T11453] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  532.375569][T11453] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  532.473243][T11490] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  532.544441][T11480] 8021q: adding VLAN 0 to HW filter on device batadv0
[  532.619432][T11490] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  532.645344][T11490] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  532.710870][T11478] 8021q: adding VLAN 0 to HW filter on device batadv0
[  532.734522][T11490] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  532.772964][T11480] veth0_vlan: entered promiscuous mode
[  532.889144][T11480] veth1_vlan: entered promiscuous mode
[  532.916596][ T2429] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  532.928463][ T2429] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  532.975495][T11500] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  532.986470][T11500] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  532.996739][T11500] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  533.047253][T11500] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  533.116859][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  533.121793][T11478] veth0_vlan: entered promiscuous mode
[  533.141139][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  533.197153][T11478] veth1_vlan: entered promiscuous mode
[  533.361765][T11480] veth0_macvtap: entered promiscuous mode
[  533.460497][T11480] veth1_macvtap: entered promiscuous mode
[  533.518169][T11500] 8021q: adding VLAN 0 to HW filter on device bond0
[  533.528191][T11478] veth0_macvtap: entered promiscuous mode
[  533.578733][T11490] 8021q: adding VLAN 0 to HW filter on device bond0
[  533.594925][T11478] veth1_macvtap: entered promiscuous mode
[  533.613698][T11500] 8021q: adding VLAN 0 to HW filter on device team0
[  533.626245][T11545] loop4: detected capacity change from 0 to 256
[  533.666559][ T5158] bridge0: port 1(bridge_slave_0) entered blocking state
[  533.673887][ T5158] bridge0: port 1(bridge_slave_0) entered forwarding state
[  533.686117][T11545] FAT-fs (loop4): Directory bread(block 64) failed
[  533.686999][ T5158] bridge0: port 2(bridge_slave_1) entered blocking state
[  533.693433][T11545] FAT-fs (loop4): Directory bread(block 65) failed
[  533.699822][ T5158] bridge0: port 2(bridge_slave_1) entered forwarding state
[  533.712619][T11490] 8021q: adding VLAN 0 to HW filter on device team0
[  533.716371][T11545] FAT-fs (loop4): Directory bread(block 66) failed
[  533.728210][T11545] FAT-fs (loop4): Directory bread(block 67) failed
[  533.734253][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  533.735348][T11545] FAT-fs (loop4): Directory bread(block 68) failed
[  533.748496][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  533.759642][T11545] FAT-fs (loop4): Directory bread(block 69) failed
[  533.762221][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  533.768979][T11545] FAT-fs (loop4): Directory bread(block 70) failed
[  533.782960][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  533.796192][T11545] FAT-fs (loop4): Directory bread(block 71) failed
[  533.803703][T11545] FAT-fs (loop4): Directory bread(block 72) failed
[  533.804545][T11478] batman_adv: batadv0: Interface activated: batadv_slave_0
[  533.810779][T11545] FAT-fs (loop4): Directory bread(block 73) failed
[  533.834853][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  533.846022][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  533.856505][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  533.868375][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  533.878537][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  533.891390][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  533.903084][T11480] batman_adv: batadv0: Interface activated: batadv_slave_0
[  533.923566][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  533.939731][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  533.951127][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  533.962115][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  533.976643][T11478] batman_adv: batadv0: Interface activated: batadv_slave_1
[  533.985136][    C1] eth0: bad gso: type: 1, size: 1408
[  534.004970][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  534.019412][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  534.030395][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  534.041276][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  534.052188][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  534.066043][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  534.097194][T11480] batman_adv: batadv0: Interface activated: batadv_slave_1
[  534.123927][ T5158] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.131339][ T5158] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.153316][T11478] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  534.166704][T11478] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  534.176723][T11478] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  534.185594][T11478] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  534.207450][T11549] netlink: 87 bytes leftover after parsing attributes in process `syz.4.1951'.
[  534.218722][T11480] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  534.236571][T11480] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  534.245910][T11480] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  534.262965][T11480] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  534.282187][  T929] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.289359][  T929] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.356149][T11553] loop4: detected capacity change from 0 to 24
[  534.359410][T11500] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  534.375064][T11553] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  534.419844][T11553] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  534.533659][T11553] VFS: Lookup of 'file0' in romfs loop4 would have caused loop
[  534.747050][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  534.771217][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  534.791358][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  534.799388][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  534.868940][T11564] loop4: detected capacity change from 0 to 256
[  534.926876][T11564] FAT-fs (loop4): Directory bread(block 64) failed
[  534.967774][T11564] FAT-fs (loop4): Directory bread(block 65) failed
[  534.992604][T11564] FAT-fs (loop4): Directory bread(block 66) failed
[  534.997012][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  534.999255][T11564] FAT-fs (loop4): Directory bread(block 67) failed
[  535.036502][T11564] FAT-fs (loop4): Directory bread(block 68) failed
[  535.039070][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  535.059453][T11564] FAT-fs (loop4): Directory bread(block 69) failed
[  535.086182][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  535.099811][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  535.106256][T11564] FAT-fs (loop4): Directory bread(block 70) failed
[  535.127239][T11490] 8021q: adding VLAN 0 to HW filter on device batadv0
[  535.129862][T11564] FAT-fs (loop4): Directory bread(block 71) failed
[  535.138769][T11500] 8021q: adding VLAN 0 to HW filter on device batadv0
[  535.147816][T11564] FAT-fs (loop4): Directory bread(block 72) failed
[  535.170434][T11564] FAT-fs (loop4): Directory bread(block 73) failed
[  535.333654][T11564] syz.4.1955: attempt to access beyond end of device
[  535.333654][T11564] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  535.355519][T11500] veth0_vlan: entered promiscuous mode
[  535.364886][T11564] syz.4.1955: attempt to access beyond end of device
[  535.364886][T11564] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256
[  535.406761][T11500] veth1_vlan: entered promiscuous mode
[  535.453559][   T29] audit: type=1800 audit(1721300439.257:154): pid=11564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1955" name="memory.events" dev="loop4" ino=1048786 res=0 errno=0
[  535.477720][T11490] veth0_vlan: entered promiscuous mode
[  535.514794][T11490] veth1_vlan: entered promiscuous mode
[  535.657024][T11500] veth0_macvtap: entered promiscuous mode
[  535.712762][T11500] veth1_macvtap: entered promiscuous mode
[  535.750087][T11490] veth0_macvtap: entered promiscuous mode
[  535.757442][T11580] netlink: 87 bytes leftover after parsing attributes in process `syz.4.1958'.
[  535.785132][T11490] veth1_macvtap: entered promiscuous mode
[  535.848925][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.890278][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.901552][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.912514][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.922529][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.934846][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.954874][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.966743][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.998267][T11500] batman_adv: batadv0: Interface activated: batadv_slave_0
[  536.017484][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.043395][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.067319][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.078041][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.108965][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.131757][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.161367][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.172814][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.204059][T11500] batman_adv: batadv0: Interface activated: batadv_slave_1
[  536.226145][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.278713][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.309619][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.321037][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.331118][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.366554][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.388744][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.406073][T11605] tipc: Can't bind to reserved service type 0
[  536.419612][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.444265][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.465694][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.486752][T11490] batman_adv: batadv0: Interface activated: batadv_slave_0
[  536.503373][T11605] loop4: detected capacity change from 0 to 4096
[  536.516832][T11500] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  536.528162][T11500] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  536.543368][T11500] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  536.553132][T11500] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  536.557933][T11605] NILFS (loop4): unsupported revision (superblock rev.=1.0, current rev.=2.0). Please check the version of mkfs.nilfs(2).
[  536.564841][T11607] netlink: 87 bytes leftover after parsing attributes in process `syz.3.1970'.
[  536.628377][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.688509][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.791467][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.827990][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.874846][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.903037][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.913630][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.925055][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.935332][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.947087][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.508520][T11490] batman_adv: batadv0: Interface activated: batadv_slave_1
[  537.786612][T11490] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  537.798982][T11490] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  537.807842][T11490] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  537.816808][T11490] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  538.047252][ T2800] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.053151][T11628] loop3: detected capacity change from 0 to 2048
[  538.089746][ T2800] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.155859][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.174760][T11628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  538.205159][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.267790][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.303480][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.326428][T11628] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  538.345915][T11641] loop2: detected capacity change from 0 to 128
[  538.347416][   T29] audit: type=1800 audit(1721300442.137:155): pid=11628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1977" name="bus" dev="loop3" ino=18 res=0 errno=0
[  538.428776][   T29] audit: type=1800 audit(1721300442.237:156): pid=11641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1980" name="bus" dev="loop2" ino=1048788 res=0 errno=0
[  538.505361][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.525180][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.533081][T11480] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  539.001715][T11660] macvlan2: entered allmulticast mode
[  539.050764][T11660] geneve1: entered promiscuous mode
[  539.056808][T11660] geneve1: entered allmulticast mode
[  539.127473][T10704] Bluetooth: Wrong link type (-71)
[  539.133335][T10704] Bluetooth: Unknown BR/EDR signaling command 0x00
[  539.140120][T10704] Bluetooth: Wrong link type (-22)
[  539.174661][T11660] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  539.956999][    C1] eth0: bad gso: type: 1, size: 1408
[  540.021412][T11676] loop1: detected capacity change from 0 to 128
[  540.072628][   T29] audit: type=1800 audit(1721300443.877:157): pid=11676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1991" name="bus" dev="loop1" ino=1048799 res=0 errno=0
[  542.006271][T11707] syzkaller0: entered promiscuous mode
[  542.015816][T11707] syzkaller0: entered allmulticast mode
[  542.976890][T11721] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2006'.
[  543.012295][T11721] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  543.064019][T11687] loop4: detected capacity change from 0 to 32768
[  543.212557][T10704] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  543.230281][T10704] Bluetooth: hci1: Injecting HCI hardware error event
[  543.242763][T10704] Bluetooth: hci1: hardware error 0x00
[  545.339927][T10704] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  545.768236][T11749] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2018'.
[  545.779984][T11749] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  547.342861][    C1] DEBUG: holding rtnl_mutex for 532 jiffies.
[  547.348948][    C1] task:syz.3.2003      state:D stack:24672 pid:11704 tgid:11704 ppid:11480  flags:0x00004006
[  547.359256][    C1] Call Trace:
[  547.362560][    C1]  <TASK>
[  547.365533][    C1]  __schedule+0x1800/0x4a60
[  547.370074][    C1]  ? __pfx___schedule+0x10/0x10
[  547.375093][    C1]  ? __pfx_lock_release+0x10/0x10
[  547.380269][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  547.386350][    C1]  ? schedule+0x90/0x320
[  547.390768][    C1]  schedule+0x14b/0x320
[  547.394959][    C1]  synchronize_rcu_expedited+0x684/0x830
[  547.401125][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  547.407406][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  547.412726][    C1]  ? __pfx___might_resched+0x10/0x10
[  547.418030][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  547.424046][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  547.430152][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  547.436539][    C1]  synchronize_rcu+0x11b/0x360
[  547.441344][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  547.446630][    C1]  lockdep_unregister_key+0x4b7/0x540
[  547.452146][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  547.458054][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  547.463369][    C1]  ? __qdisc_destroy+0x150/0x410
[  547.468508][    C1]  ? kfree+0x149/0x360
[  547.472683][    C1]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[  547.478333][    C1]  __qdisc_destroy+0x165/0x410
[  547.483135][    C1]  dev_shutdown+0x9b/0x450
[  547.487543][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[  547.493937][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  547.500763][    C1]  ? mark_lock+0x9a/0x360
[  547.505144][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  547.511462][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  547.517872][    C1]  ? __queue_work+0x199/0xf50
[  547.522605][    C1]  ? queue_delayed_work_on+0x1eb/0x390
[  547.528086][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  547.533319][    C1]  unregister_netdevice_queue+0x303/0x370
[  547.539061][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  547.545348][    C1]  __tun_detach+0x6b9/0x1600
[  547.550033][    C1]  tun_chr_close+0x108/0x1b0
[  547.554675][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[  547.559846][    C1]  __fput+0x24a/0x8a0
[  547.564015][    C1]  task_work_run+0x24f/0x310
[  547.569053][    C1]  ? __pfx_task_work_run+0x10/0x10
[  547.574277][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[  547.580017][    C1]  syscall_exit_to_user_mode+0x168/0x370
[  547.585796][    C1]  do_syscall_64+0x100/0x230
[  547.590425][    C1]  ? clear_bhb_loop+0x35/0x90
[  547.595096][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.601020][    C1] RIP: 0033:0x7efd25575b59
[  547.605434][    C1] RSP: 002b:00007fff5b33d8d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  547.613898][    C1] RAX: 0000000000000000 RBX: 00007efd25705a60 RCX: 00007efd25575b59
[  547.621913][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  547.629942][    C1] RBP: 00007efd25705a60 R08: 00007efd24c01000 R09: 000000095b33dbff
[  547.637953][    C1] R10: 00000000003ffd20 R11: 0000000000000246 R12: 0000000000084558
[  547.645936][    C1] R13: 0000000000000032 R14: 00007efd25705a60 R15: 00007efd25704110
[  547.653958][    C1]  </TASK>
[  547.656963][    C1] DEBUG: waiting rtnl_mutex for 562 jiffies.
[  547.662952][    C1] task:kworker/0:4     state:D stack:21680 pid:5152  tgid:5152  ppid:2      flags:0x00004000
[  547.673287][    C1] Workqueue: events linkwatch_event
[  547.678523][    C1] Call Trace:
[  547.681843][    C1]  <TASK>
[  547.684792][    C1]  __schedule+0x1800/0x4a60
[  547.689387][    C1]  ? __pfx___schedule+0x10/0x10
[  547.694378][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  547.700410][    C1]  ? __pfx_lock_release+0x10/0x10
[  547.705496][    C1]  ? kick_pool+0x1bd/0x620
[  547.709963][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  547.715158][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  547.720410][    C1]  ? schedule+0x90/0x320
[  547.724665][    C1]  schedule+0x14b/0x320
[  547.728810][    C1]  schedule_preempt_disabled+0x13/0x30
[  547.734294][    C1]  __mutex_lock+0x6a4/0xd70
[  547.738786][    C1]  ? __mutex_lock+0x527/0xd70
[  547.743487][    C1]  ? linkwatch_event+0xe/0x60
[  547.748155][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  547.753211][    C1]  ? get_rtnl_holder+0x144/0x190
[  547.758139][    C1]  ? process_scheduled_works+0x945/0x1830
[  547.763874][    C1]  linkwatch_event+0xe/0x60
[  547.768388][    C1]  process_scheduled_works+0xa2c/0x1830
[  547.773997][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  547.780056][    C1]  ? assign_work+0x364/0x3d0
[  547.784693][    C1]  worker_thread+0x86d/0xd40
[  547.789281][    C1]  ? __kthread_parkme+0x169/0x1d0
[  547.794360][    C1]  ? __pfx_worker_thread+0x10/0x10
[  547.799535][    C1]  kthread+0x2f0/0x390
[  547.803635][    C1]  ? __pfx_worker_thread+0x10/0x10
[  547.808761][    C1]  ? __pfx_kthread+0x10/0x10
[  547.813441][    C1]  ret_from_fork+0x4b/0x80
[  547.817940][    C1]  ? __pfx_kthread+0x10/0x10
[  547.822547][    C1]  ret_from_fork_asm+0x1a/0x30
[  547.827315][    C1]  </TASK>
[  547.830362][    C1] DEBUG: waiting rtnl_mutex for 580 jiffies.
[  547.836385][    C1] task:kworker/u8:5    state:D stack:19792 pid:1058  tgid:1058  ppid:2      flags:0x00004000
[  547.846600][    C1] Workqueue: ipv6_addrconf addrconf_dad_work
[  547.852642][    C1] Call Trace:
[  547.855921][    C1]  <TASK>
[  547.858838][    C1]  __schedule+0x1800/0x4a60
[  547.863373][    C1]  ? __pfx___schedule+0x10/0x10
[  547.868242][    C1]  ? __pfx_lock_release+0x10/0x10
[  547.873283][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  547.878730][    C1]  ? kthread_data+0x52/0xd0
[  547.883259][    C1]  ? schedule+0x90/0x320
[  547.887531][    C1]  ? wq_worker_sleeping+0x66/0x240
[  547.892662][    C1]  ? schedule+0x90/0x320
[  547.896894][    C1]  schedule+0x14b/0x320
[  547.901183][    C1]  schedule_preempt_disabled+0x13/0x30
[  547.906895][    C1]  __mutex_lock+0x6a4/0xd70
[  547.911440][    C1]  ? mark_lock+0x9a/0x360
[  547.915862][    C1]  ? __mutex_lock+0x527/0xd70
[  547.920585][    C1]  ? addrconf_dad_work+0xd0/0x16f0
[  547.925700][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  547.930805][    C1]  ? get_rtnl_holder+0x144/0x190
[  547.935789][    C1]  addrconf_dad_work+0xd0/0x16f0
[  547.940833][    C1]  ? __pfx_addrconf_dad_work+0x10/0x10
[  547.946392][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  547.952950][    C1]  ? process_scheduled_works+0x945/0x1830
[  547.958663][    C1]  process_scheduled_works+0xa2c/0x1830
[  547.964241][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  547.970329][    C1]  ? assign_work+0x364/0x3d0
[  547.974912][    C1]  worker_thread+0x86d/0xd40
[  547.979609][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  547.985645][    C1]  ? __kthread_parkme+0x169/0x1d0
[  547.990733][    C1]  ? __pfx_worker_thread+0x10/0x10
[  547.995889][    C1]  kthread+0x2f0/0x390
[  548.000041][    C1]  ? __pfx_worker_thread+0x10/0x10
[  548.005170][    C1]  ? __pfx_kthread+0x10/0x10
[  548.009797][    C1]  ret_from_fork+0x4b/0x80
[  548.014244][    C1]  ? __pfx_kthread+0x10/0x10
[  548.018877][    C1]  ret_from_fork_asm+0x1a/0x30
[  548.023677][    C1]  </TASK>
[  548.026685][    C1] 
[  548.026685][    C1] Showing all locks held in the system:
[  548.034434][    C1] 3 locks held by kworker/u8:5/1058:
[  548.039724][    C1]  #0: ffff88802989e948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  548.051334][    C1]  #1: ffffc9000451fd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  548.064136][    C1]  #2: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  548.073593][    C1] 4 locks held by kworker/u8:10/2800:
[  548.078952][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  548.089885][    C1]  #1: ffffc90009c1fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  548.100469][    C1]  #2: ffffffff8f5fced0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  548.109884][    C1]  #3: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0
[  548.119222][    C1] 2 locks held by getty/4856:
[  548.124029][    C1]  #0: ffff88802f3090a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  548.133887][    C1]  #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  548.144087][    C1] 3 locks held by kworker/0:4/5152:
[  548.149525][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  548.160891][    C1]  #1: ffffc9000442fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  548.171971][    C1]  #2: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  548.180955][    C1] 2 locks held by syz.3.2003/11704:
[  548.186157][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  548.195322][    C1]  #1: ffffffff8e33ce78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  548.206403][    C1] 1 lock held by syz.0.2007/11729:
[  548.211645][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  548.221156][    C1] 1 lock held by syz.2.2012/11733:
[  548.226505][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  548.235983][    C1] 1 lock held by syz.4.2009/11735:
[  548.241153][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[  548.250034][    C1] 1 lock held by syz.1.2020/11753:
[  548.255164][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: raw_setsockopt+0xa89/0x1a80
[  548.264479][    C1] 1 lock held by syz.1.2020/11754:
[  548.269655][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: raw_setsockopt+0xe6d/0x1a80
[  548.278887][    C1] 1 lock held by syz.1.2020/11755:
[  548.284064][    C1]  #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: raw_bind+0x99/0x770
[  548.292789][    C1] 
[  548.295136][    C1] =============================================
[  548.295136][    C1] 
[  549.599244][T11774] loop4: detected capacity change from 0 to 256
[  549.626058][T11774] exfat: Unknown parameter 'ÿÿ'
[  549.702165][T11778] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2028'.
[  549.721762][  T929] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  549.968098][  T929] usb 2-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  550.013168][  T929] usb 2-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[  550.091039][T11785] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2028'.
[  550.315468][T11768] ==================================================================
[  550.323578][T11768] BUG: KASAN: slab-use-after-free in handle_mm_fault+0x14f0/0x19a0
[  550.331512][T11768] Read of size 8 at addr ffff88802b8e4308 by task syz.2.2021/11768
[  550.339434][T11768] 
[  550.341786][T11768] CPU: 1 UID: 0 PID: 11768 Comm: syz.2.2021 Not tainted 6.10.0-next-20240718-syzkaller #0
[  550.351755][T11768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  550.361847][T11768] Call Trace:
[  550.365165][T11768]  <TASK>
[  550.368096][T11768]  dump_stack_lvl+0x241/0x360
[  550.372808][T11768]  ? __pfx_dump_stack_lvl+0x10/0x10
[  550.378030][T11768]  ? __pfx__printk+0x10/0x10
[  550.382634][T11768]  ? _printk+0xd5/0x120
[  550.386797][T11768]  ? __virt_addr_valid+0x183/0x530
[  550.391918][T11768]  ? __virt_addr_valid+0x183/0x530
[  550.397060][T11768]  print_report+0x169/0x550
[  550.401571][T11768]  ? __virt_addr_valid+0x183/0x530
[  550.406718][T11768]  ? __virt_addr_valid+0x183/0x530
[  550.411835][T11768]  ? __virt_addr_valid+0x45f/0x530
[  550.416960][T11768]  ? __phys_addr+0xba/0x170
[  550.421475][T11768]  ? handle_mm_fault+0x14f0/0x19a0
[  550.426597][T11768]  kasan_report+0x143/0x180
[  550.431108][T11768]  ? handle_mm_fault+0x14f0/0x19a0
[  550.436242][T11768]  handle_mm_fault+0x14f0/0x19a0
[  550.441205][T11768]  ? __pfx_handle_mm_fault+0x10/0x10
[  550.446499][T11768]  ? lock_vma_under_rcu+0x592/0x6e0
[  550.451715][T11768]  ? exc_page_fault+0x113/0x8c0
[  550.456587][T11768]  exc_page_fault+0x459/0x8c0
[  550.461276][T11768]  asm_exc_page_fault+0x26/0x30
[  550.466136][T11768] RIP: 0033:0x7fa608e3911e
[  550.470558][T11768] Code: e9 5d fe ff ff 0f 1f 80 00 00 00 00 48 89 7c 24 f0 48 89 74 24 e8 48 89 54 24 e0 48 8b 4c 24 f0 48 8b 54 24 e8 48 8b 74 24 e0 <8b> 41 40 23 81 00 01 00 00 f3 0f 6f 06 c1 e0 06 48 01 d0 0f 11 00
[  550.490184][T11768] RSP: 002b:00007fa609d8e038 EFLAGS: 00010212
[  550.493104][  T929] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  550.496339][T11768] RAX: 00007fa608e39100 RBX: 00007fa609104038 RCX: 0000000020400000
[  550.505401][  T929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.513305][T11768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020400000
[  550.513330][T11768] RBP: 00007fa608fe4e5d R08: 0000000000000000 R09: 0000000000000000
[  550.513342][T11768] R10: 0000000020400000 R11: 0000000000000000 R12: 0000000000000000
[  550.513353][T11768] R13: 000000000000006e R14: 00007fa609104038 R15: 00007ffcb3f11a98
[  550.513374][T11768]  </TASK>
[  550.513382][T11768] 
[  550.513387][T11768] Allocated by task 11763:
[  550.513397][T11768]  kasan_save_track+0x3f/0x80
[  550.513425][T11768]  __kasan_slab_alloc+0x66/0x80
[  550.573183][T11768]  kmem_cache_alloc_noprof+0x135/0x2a0
[  550.578665][T11768]  vm_area_alloc+0x24/0x1d0
[  550.583193][T11768]  mmap_region+0xc3d/0x2090
[  550.587718][T11768]  do_mmap+0x8f9/0x1010
[  550.591893][T11768]  vm_mmap_pgoff+0x1dd/0x3d0
[  550.596509][T11768]  do_syscall_64+0xf3/0x230
[  550.601044][T11768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.606971][T11768] 
[  550.609304][T11768] Freed by task 2800:
[  550.613315][T11768]  kasan_save_track+0x3f/0x80
[  550.618014][T11768]  kasan_save_free_info+0x40/0x50
[  550.623053][T11768]  poison_slab_object+0xe0/0x150
[  550.628186][T11768]  __kasan_slab_free+0x37/0x60
[  550.632973][T11768]  kmem_cache_free+0x145/0x350
[  550.637764][T11768]  rcu_core+0xafd/0x1830
[  550.642040][T11768]  handle_softirqs+0x2c4/0x970
[  550.646824][T11768]  __irq_exit_rcu+0xf4/0x1c0
[  550.651418][T11768]  irq_exit_rcu+0x9/0x30
[  550.655662][T11768]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  550.661291][T11768]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  550.667267][T11768] 
[  550.669581][T11768] Last potentially related work creation:
[  550.675383][T11768]  kasan_save_stack+0x3f/0x60
[  550.680078][T11768]  __kasan_record_aux_stack+0xac/0xc0
[  550.685455][T11768]  call_rcu+0x167/0xa70
[  550.689603][T11768]  vma_complete+0x98a/0xb60
[  550.694096][T11768]  vma_merge+0x1d9b/0x2690
[  550.698502][T11768]  vma_modify+0xb8/0x350
[  550.702734][T11768]  userfaultfd_release+0x413/0x900
[  550.707835][T11768]  __fput+0x24a/0x8a0
[  550.711901][T11768]  task_work_run+0x24f/0x310
[  550.716488][T11768]  syscall_exit_to_user_mode+0x168/0x370
[  550.722114][T11768]  do_syscall_64+0x100/0x230
[  550.726700][T11768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.732586][T11768] 
[  550.734904][T11768] The buggy address belongs to the object at ffff88802b8e42e8
[  550.734904][T11768]  which belongs to the cache vm_area_struct of size 184
[  550.749290][T11768] The buggy address is located 32 bytes inside of
[  550.749290][T11768]  freed 184-byte region [ffff88802b8e42e8, ffff88802b8e43a0)
[  550.763074][T11768] 
[  550.765386][T11768] The buggy address belongs to the physical page:
[  550.771819][T11768] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b8e4
[  550.780584][T11768] memcg:ffff888063026701
[  550.784808][T11768] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  550.791911][T11768] page_type: 0xfdffffff(slab)
[  550.796606][T11768] raw: 00fff00000000000 ffff888015eefb40 ffffea0001964540 dead000000000008
[  550.805180][T11768] raw: 0000000000000000 0000000000100010 00000001fdffffff ffff888063026701
[  550.813745][T11768] page dumped because: kasan: bad access detected
[  550.820153][T11768] page_owner tracks the page as allocated
[  550.825852][T11768] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8798, tgid 8798 (syz-executor), ts 355483907050, free_ts 355483234949
[  550.845223][T11768]  post_alloc_hook+0x1f3/0x230
[  550.850000][T11768]  get_page_from_freelist+0x2ccb/0x2d80
[  550.855539][T11768]  __alloc_pages_noprof+0x256/0x6c0
[  550.860727][T11768]  alloc_slab_page+0x5f/0x120
[  550.865423][T11768]  allocate_slab+0x5a/0x2f0
[  550.870013][T11768]  ___slab_alloc+0xcd1/0x14b0
[  550.874877][T11768]  __slab_alloc+0x58/0xa0
[  550.879198][T11768]  kmem_cache_alloc_noprof+0x1c1/0x2a0
[  550.884658][T11768]  vm_area_dup+0x27/0x290
[  550.888990][T11768]  copy_mm+0xc7b/0x1f30
[  550.893159][T11768]  copy_process+0x186b/0x3d90
[  550.897836][T11768]  kernel_clone+0x226/0x8f0
[  550.902337][T11768]  __x64_sys_clone+0x258/0x2a0
[  550.907211][T11768]  do_syscall_64+0xf3/0x230
[  550.911711][T11768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.917616][T11768] page last free pid 8798 tgid 8798 stack trace:
[  550.924210][T11768]  free_unref_page+0xd22/0xea0
[  550.928993][T11768]  vfree+0x186/0x2e0
[  550.932881][T11768]  __do_replace+0x874/0xa50
[  550.937391][T11768]  do_ip6t_set_ctl+0xf11/0x1270
[  550.942235][T11768]  nf_setsockopt+0x295/0x2c0
[  550.946818][T11768]  do_sock_setsockopt+0x3af/0x720
[  550.951836][T11768]  __sys_setsockopt+0x1ae/0x250
[  550.956673][T11768]  __x64_sys_setsockopt+0xb5/0xd0
[  550.961688][T11768]  do_syscall_64+0xf3/0x230
[  550.966186][T11768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.972077][T11768] 
[  550.974386][T11768] Memory state around the buggy address:
[  550.979999][T11768]  ffff88802b8e4200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.988054][T11768]  ffff88802b8e4280: 00 00 00 00 00 fc fc fc fc fc fc fc fc fa fb fb
[  550.996109][T11768] >ffff88802b8e4300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  551.004191][T11768]                       ^
[  551.008534][T11768]  ffff88802b8e4380: fb fb fb fb fc fc fc fc fc fc fc fc 00 00 00 00
[  551.016609][T11768]  ffff88802b8e4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  551.024756][T11768] ==================================================================
[  551.071562][T11768] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  551.078794][T11768] CPU: 0 UID: 0 PID: 11768 Comm: syz.2.2021 Not tainted 6.10.0-next-20240718-syzkaller #0
[  551.088710][T11768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  551.098795][T11768] Call Trace:
[  551.102263][T11768]  <TASK>
[  551.105201][T11768]  dump_stack_lvl+0x241/0x360
[  551.109905][T11768]  ? __pfx_dump_stack_lvl+0x10/0x10
[  551.115120][T11768]  ? __pfx__printk+0x10/0x10
[  551.119745][T11768]  ? preempt_schedule+0xe1/0xf0
[  551.124792][T11768]  ? vscnprintf+0x5d/0x90
[  551.129136][T11768]  panic+0x349/0x870
[  551.133047][T11768]  ? check_panic_on_warn+0x21/0xb0
[  551.138182][T11768]  ? __pfx_panic+0x10/0x10
[  551.142620][T11768]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  551.148611][T11768]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  551.155043][T11768]  ? print_report+0x502/0x550
[  551.159747][T11768]  check_panic_on_warn+0x86/0xb0
[  551.164808][T11768]  ? handle_mm_fault+0x14f0/0x19a0
[  551.169964][T11768]  end_report+0x77/0x160
[  551.174233][T11768]  kasan_report+0x154/0x180
[  551.178765][T11768]  ? handle_mm_fault+0x14f0/0x19a0
[  551.183956][T11768]  handle_mm_fault+0x14f0/0x19a0
[  551.188987][T11768]  ? __pfx_handle_mm_fault+0x10/0x10
[  551.194306][T11768]  ? lock_vma_under_rcu+0x592/0x6e0
[  551.199539][T11768]  ? exc_page_fault+0x113/0x8c0
[  551.204425][T11768]  exc_page_fault+0x459/0x8c0
[  551.209454][T11768]  asm_exc_page_fault+0x26/0x30
[  551.214337][T11768] RIP: 0033:0x7fa608e3911e
[  551.218775][T11768] Code: e9 5d fe ff ff 0f 1f 80 00 00 00 00 48 89 7c 24 f0 48 89 74 24 e8 48 89 54 24 e0 48 8b 4c 24 f0 48 8b 54 24 e8 48 8b 74 24 e0 <8b> 41 40 23 81 00 01 00 00 f3 0f 6f 06 c1 e0 06 48 01 d0 0f 11 00
[  551.238669][T11768] RSP: 002b:00007fa609d8e038 EFLAGS: 00010212
[  551.244761][T11768] RAX: 00007fa608e39100 RBX: 00007fa609104038 RCX: 0000000020400000
[  551.252757][T11768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020400000
[  551.260930][T11768] RBP: 00007fa608fe4e5d R08: 0000000000000000 R09: 0000000000000000
[  551.269014][T11768] R10: 0000000020400000 R11: 0000000000000000 R12: 0000000000000000
[  551.277092][T11768] R13: 000000000000006e R14: 00007fa609104038 R15: 00007ffcb3f11a98
[  551.285102][T11768]  </TASK>
[  551.288410][T11768] Kernel Offset: disabled
[  551.292902][T11768] Rebooting in 86400 seconds..