last executing test programs:

36.554114775s ago: executing program 3 (id=1443):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0xa, 0x1, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000000), &(0x7f0000001540)=""/155}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000ff7f000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
accept$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000200))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f00000006c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000100), 0x12)

33.238032404s ago: executing program 3 (id=1451):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffd)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES8=r3], 0x18}, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={<r5=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="54000000000000000000000400000000000000010000000100010001000000010000000700000007442cc05000000000000000010000ee06000000080000000100000e4a000000200065000300000005000000080000000030000000000000000100000001"], 0x88}, 0x0)
close(r4)
close(r5)

32.845683031s ago: executing program 3 (id=1452):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
close_range(r0, 0xffffffffffffffff, 0x0)

32.681278596s ago: executing program 3 (id=1453):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000c8, &(0x7f00000005c0)=ANY=[@ANYBLOB='codepage=874,nodots,dots,tz=UTC,dots,nodots,codepage=862,dots,dots,check=strict,allow_utime=000000000000000000001,sys_immutable,nodots,nfs,quiet,dots,nodots,nodots,debug,usefree,tz=UTC,flush,nodots,\x00'], 0xfd, 0x1bf, &(0x7f0000000940)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x4ba, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})

32.289359913s ago: executing program 3 (id=1455):
openat$cgroup_root(0xffffff9c, &(0x7f0000000340)='./cgroup/syz1\x00', 0x200002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r3, 0xc0f85403, &(0x7f0000000000)={{0x1}, 0x0, 0x0, 'id0\x00', 'timer1\x00'})

31.861017013s ago: executing program 3 (id=1456):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
preadv(r3, &(0x7f00000014c0)=[{&(0x7f00000000c0)=""/19, 0x13}], 0x1, 0xc81, 0x0)

20.08334339s ago: executing program 4 (id=1476):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
close_range(r0, 0xffffffffffffffff, 0x0)

18.081477806s ago: executing program 2 (id=1480):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @rand_addr, {[@timestamp_addr={0x44, 0x34, 0x0, 0x1, 0x0, [{@multicast2}, {@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}, {@remote, 0x1}, {@multicast2, 0x5}, {@local, 0xb}]}, @cipso={0x86, 0x6}]}}}}}}}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x405, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb951368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@test_dummy_encryption}, {@dioread_lock}, {@test_dummy_encryption}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5e9, &(0x7f0000001340)="$eJzs3c1vVFUbAPDnTj9oKe/bQoyKC2liDCRKSwsYYkyErSENfsSNGystiBRoaI0WTSgJbkyMG2NMXLkQ/wslsmWlKxduXBkSooaliWPu9N7Sae/0u72V+/slQ889Zy7nTKfPnDNnzrkTQGX1p//UIvZHxGQS0ZvMzpe1R1bYP3e/B399fDa9JVGvv/5HEkmWl98/yX72ZCd3RcRPPyaxr21pvVMz1y6OTkyMX82OB6cvTQ5OzVw7fOHS6Pnx8+OXh18YPnH82PETQ0dW8zC6F2dcL7jT6ZvvfdD76chb3379dzL03a8jSZyMV7I7Lnwcm6U/+hu/k2RpUc+Jza6sJG3Z38nCpzhpL7FBrEn+/HVExBPRG23x8MnrjU9eLbVxwJaqJxF1oKIS8Q8VlY8D8vf2i98H10oZlQDb4f6puQmApfHfPjc3GF2NuYHdD5JYOK2TRMSqZuZWsCci7t4ZuXnuzsjN2KJ5OKDY7I2IeLIo/pNG/PdFV/Q14r/WFP/puOBM9jPNf22d9S+eKhb/sH3m4r9r2fiPFvH/9oL4f2ed9fc/TL7b3RT/Sz7SAwAAAAAAAFZw+1REPF/0+X9tfv1PFKz/6YmIk5tQf/+i46Wf/9fubUI1QIH7pyJeKlz/W8tX//a1Zan/NdYDdCTnLkyMH4mI/0fEoejYlR4PLVPH4c/2fdWqrD9b/5ff0vrvZmsBs3bca9/VfM7Y6PToRh83EHH/RsRThet/k/n+Pyno/9PXg8lV1rHv2VtnWpWtHP/AVql/E3GwsP9/eNWKZPnrcww2xgOD+ahgqac/+vz7VvWvN/5dYgI2Lu3/dy8f/33Jwuv1TK29jqMz7fVWZesd/3cmbzQuOdOZ5X04Oj19dSiiMzndluY25Q+vvc3wKMrjIY+XNP4PPbP8/F/R+L87ImYX/d/Jn817inOP/9PzW6v2GP9DedL4H1tT/7/2xPCtvh9a1b+6/v9Yo68/lOWY/4M5X+Zh2tmcXxCO7UVF291eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgU1CJiTyS1gfl0rTYwENETEY/F7trElanp585def/yWFrW+P7/Wv5Nv71zx0n+/f99C46HFx0fjYi9EfFFW3fjeODslYmxsh88AAAAAAAAAAAAAAAAAAAA7BA9Lfb/p35vK7t1wJZrL7sBQGkK4v/nMtoBbD/9P1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q/VJf4BAAAAAOCRsvfA7V+SiJh9sbtxS3VmZR2ltgzYarWyGwCUxiV+oLos/YHq8h4fSFYo72p50kpnLmfy7AZOBgAAAAAAAAAAAIDKObjf/n+oKvv/obrs/4fqyvf/Hyi5HcD2W+N7/PpGdvsCO9dysV24/3/FswAAAAAAAAAAAACAzTQ1c+3i6MTE+NXKJV6OiKacN3dIw7YxUa/Xr6d/BTulPf/xRL4Ufqe0Z1Ei3+u3urPKe00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa/RsAAP//EH0kSg==")
getdents(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r5 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fstat(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0x0, r6, 0xffffffffffffffff)

18.080991116s ago: executing program 4 (id=1481):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2b8, &(0x7f0000001080)="$eJzs3T2LY1UYAOD3JpkkuxZJYSWCF7SwWna2tckgWVhMpaRQCx3cXZAkCLsw4CgGK1sbS3+BINj5J2wEf4DgD7BzioEjN7mXZGbyMUEz48fzFJl37jnvPe85OcwHwz3z4cuT0eM8nn75+a/RbmdR60UvzrLoRi0qKaUUC72vAwD4NztLKX5Pc9dM6RUvWUS091saALAnO3///2HvJQEAe/bOu++9dTQY9N/O83Y8nHx1Mix+sy8+ztuPnsbHMY4ncT86cT7/W0D100Lx+jClNG3khW68NpmeDIvMyQc/lfc/qgY6jE50Z9HF/EeD/mE+t5Q/Leq4W47fK8Z/EJ14ccX4jwb9ByvyY9iM119dqv9edOLnj+KTGMfjWRGL/C8O8/zN9M0fn71flFfkZ9OTYWvWbyHVb+5dAQAAAAAAAAAAAAAAAAAAAADgv+5eeXZOK2bn9xSXyvN36ufFJweRV7oXz+eZ52fVjS6dDzRN8W1KrUbEoH8/z/NUdlzkN+KlRjRuZ9YAAAAAAAAAAAAAAAAAAADwz/L809PR8Xj85NmK4Je7EWua1gTVaQDVY/1bsurrmnpLV16J09Fxa/0Nl5pqZbhh0KhXfbKIjdMpJrHL3P9CcGddzd99v+sN29v7HGxan78nqHbX6DhbvYatqK60q/f0x+U+zbjmWM11TWn79lsKmiubOjvPvfnCLJhu6BPZpsLe+G2+cuWV7PIsmrNVXZl+UAZL6Zf2xk77+erXisxpHQAAAAAAAAAAAAAAAAAAsFeLh36vNN3ZklpLrb2VBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avH//3cIpmXyNTo349nzW54iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wN/BgAA//+kKlw+")
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902920003010030000904000000010100000a2401000000020102132406000006000009000000000000000000000924030002030500000924050000f8431cfd08240404013d4fdb0624050400fd09040100000102000009040101"], 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
getpriority(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000300)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
pipe(&(0x7f00000045c0)={<r5=>0xffffffffffffffff})
r6 = socket$inet(0x2, 0x3, 0x7f)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
setsockopt$inet_int(r6, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r5, 0x0, r6, 0x0, 0x8000, 0x0)

15.545214372s ago: executing program 2 (id=1486):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
preadv(r3, &(0x7f00000014c0)=[{&(0x7f00000000c0)=""/19, 0x13}], 0x1, 0xc81, 0x0)

13.068746953s ago: executing program 2 (id=1487):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2000003, &(0x7f0000000000), 0x1, 0x4f3, &(0x7f0000000bc0)="$eJzs3d9rXFkdAPDvvcnspt2sk0WRteDuYivp6nYm2bi7QaRWEH0qWOt7jMkkhEwyITOpzVA0xVdBEFHBJ598EfwDBOmfIEJB30WLItrqgw/aKzNzp03TmSQlP8adfD5wes+55977PWeauT/mHu4N4Mx6KyKuRcRIRLwdEcV8fpqnuVZhp7Pco4d3FlopiSy7+fckknxed1ut8mhEvNJZJcYi4utfjfhW8nzc+nZzdb5arWzm5XJjbaNc325eWVmbX64sV9ZnZqbfn/1g9r3ZqSx3pH5eiIirX37w4x/84itXf/POt/8499fL32k16wsf77Q7IhaOFKCPzrY/887u5rc+o82TCDYAI3l/CnsrbgymPQAA7K91jn8xIj7VPv8vxkj7bA4AAAAYJtkXx+M/SUQGAAAADK00IsYjSUv5WIDxSNNSqTOG92NxPq3W6o3PLtW21hdbdRETUUiXVqqVqXys8EQUklZ5up1/Wn53T3kmIl6LiB8Vz7XLpYVadXHQP34AAADAGfHKm89e//+rmLbzAAAAwJCZ6FsAAAAAhoVLfgAAABh+rv8BAABgqH3t+vVWyrrv8V68tb21Wrt1ZbFSXy2tbS2UFmqbG6XlWm25/cy+tT6b+X43U63VNj4X61u3y41KvVGubzfn1mpb6425lfbrwAEAAIABeO3Ne39IImLn8+faKfLnAAI848+DbgBwnEYG3QBgYEYH3QBgYAoHLjH6AssCH0bJAfV9B+/89vjbAgAAnIzJTzx///+lvM71Pgw3Y30A4Oxx/x/OroIRgHDmXepMXu5Xf/T7/1n2wo0CAACO1Xg7JWkpvxc4HmlaKkW82n4tQCFZWqlWpiLiIxHx+2Lh5VZ5ur1mcuCYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAIChFpH+JWk/zT9isnhpfO/vAy8l/y7Gg7zws5s/uT3faGxOt+b/o9iuj4jGT/P572ZeCQAAAAD/BzrX6fl0etCtAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDYPHp4Z6GbTjPu374UERO94o/GWHs6FoWIOP/PJEZ3rZdExMgxxN+5GxGv746fPYnwOMuyibwVveKfO5H43f4nrY8l9sQf666XHkNsOOvutfY/13p9/9J4qz3t/f0fzdNR9d//pU/2fyN99j+vHjLGhfu/KveNfzfiwmjv/U83ftIn/sVDxv/mN5rNfnXZzyMmex5/kmdilRtrG+X6dvPKytr8cmW5sj4zM/3+7Aez781OlZdWqpX8354xfvjJXz/er//n+8SfOKD/lw7Z///ev/3wo51soVf8yxd7H39f7xM/zY99n87zrfrJbn6nk9/tjV/+7o39+r/Yp/8H/f9fPmT/377xvT8dclEA4BTUt5ur89VqZXOfzNghlpGROUom+27n7/Fo24nNkWNtWDboj6W+3eyedZ929EHulQAAgJPw9KR/0C0BAAAAAAAAAAAAAAAAAACAs+s0Hie2N+bOYLoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCv/wUAAP//WIjdwA==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x800, 0x4)
bind$inet(r4, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10)
sendmmsg$inet(r4, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)}}], 0x2, 0x16da)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r6 = epoll_create1(0x0)
r7 = fcntl$dupfd(r6, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r7, r5, 0x11, 0x0, r7, @void, @value}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r8 = epoll_create1(0x0)
fcntl$dupfd(r8, 0x2, 0xffffffffffffffff)

11.585048681s ago: executing program 1 (id=1488):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="4400000011002901800000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)

11.584672632s ago: executing program 4 (id=1489):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_all\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000b000000300"/21], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r5, 0x4068aea3, &(0x7f0000000340)={0xc9, 0x0, 0xc})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r6, 0x40045431, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r1, 0x80089419, &(0x7f0000000300))
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="500100001000130700000000000000007f00000100000000000000000000000000000000000001000000ffffac14140000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff010000697f000000000000000000010000000032000000ff020400000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000060001200726663343534332867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000080"], 0x150}}, 0x0)

9.783012479s ago: executing program 0 (id=1490):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pread64(r2, &(0x7f0000000300)=""/150, 0x96, 0x0)

9.762496791s ago: executing program 1 (id=1491):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f0000000100)}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x804, &(0x7f0000000680)={[{@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@rodir}, {@utf8}, {@uni_xlateno}, {@shortname_mixed}, {@utf8no}, {@rodir}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@fat=@time_offset={'time_offset', 0x3d, 0x259}}, {@uni_xlate}, {@fat=@showexec}, {@numtail}, {@utf8no}, {@numtail}, {@shortname_winnt}]}, 0x1, 0x276, &(0x7f00000003c0)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000080)=@srh={0x3b, 0x0, 0x4, 0x0, 0x4, 0x10, 0x2}, 0x8)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
r5 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x80000000)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="500100001000130700000000000000000000200100000000000000000000000000000000000000000000020000800500"/64, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="7f0000010000000000000000000000000000000032000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400000000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000006000000025cac5216d1c8af0a976902918bf448c5d9f54"], 0x150}}, 0x0)

9.761948411s ago: executing program 2 (id=1492):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000083bcf1f7000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0), 0x0, 0x3}, 0x38)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000c40), 0x12)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone(0x40020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000080), 0x12)

9.761544311s ago: executing program 4 (id=1493):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
recvmmsg(0xffffffffffffffff, 0xfffffffffffffffe, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$pptp(0x18, 0x1, 0x2)
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381", 0xb}], 0x1)

8.134266813s ago: executing program 0 (id=1494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0x4, &(0x7f0000000280)=<r2=>0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
ioctl$BINDER_WRITE_READ(r3, 0x40046208, 0x0)

8.121794644s ago: executing program 1 (id=1495):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYRES32, @ANYBLOB='\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYRES8=0x0], 0x1, 0x217, &(0x7f00000004c0)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0e00000004000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000a160d93b6769a7b92fb71584de27c58449bb7993b934b87d73e936cf8216f6ee4c9890181dfa005a95b2645e11529298ba998e52eb26b753c4e1cfdec5972fee27e140b49e1acc3854aea5cbcb906762c0930370584e999598ba4af1ebbd239f0743a5c6d60835293fed8a95ae24dada6bcc251da6086e3b1829858093160ca6a770ed25005f8404e8d43d419fac1f7436911f55051f9dc54fedfd3cdd8e3a33961ceac3d16daa1799e123b6af027b0243d170140743c586628e120cda9f5c11e089"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r6, 0x0, 0x8, &(0x7f0000000040), 0x0)

6.352402069s ago: executing program 0 (id=1496):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
preadv(r3, &(0x7f00000014c0)=[{&(0x7f00000000c0)=""/19, 0x13}], 0x1, 0xc81, 0x0)

6.351945279s ago: executing program 1 (id=1497):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
ioctl$sock_bt_hci(r4, 0x800448d2, &(0x7f0000000080))
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x20, 0x10, 0x503}, 0x20}}, 0x0)

4.476148074s ago: executing program 0 (id=1498):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffd)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$unix(r4, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES8=r5], 0x18}, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={<r7=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="54000000000000000000000400000000000000010000000100010001000000010000000700000007442cc05000000000000000010000ee06000000080000000100000e4a000000200065000300000005000000080000000030000000000000000100000001"], 0x88}, 0x0)
close(r6)
close(r7)

4.475421384s ago: executing program 1 (id=1499):
io_setup(0xffff, &(0x7f0000000080)=<r0=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, 0x0, &(0x7f00000002c0)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
ioctl$BINDER_WRITE_READ(r4, 0x40046208, 0x0)

4.470731324s ago: executing program 2 (id=1500):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000280)='oom_score_adj\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x300, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r6, r5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)

4.417810209s ago: executing program 4 (id=1501):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000740)="53c4f905cb13a831e03fdba11c3a28ec6455ca58e44163fce97900a002d28d46d062539056bf9fc2a27e9dcf72da3108413c046930356da28d35fa500f70a0dba80c78d927f3481f54dacce96f2b94c9418eb9d5cf27141d23dd57074b8de02ce88bcc02b862e537541286307b902296406a8450a429b7bad721921cfc7cd09522414c0cac13a27d6e0fb8adcee4f7f49a616a3ee7f3ee375b2a1362ed46f73f212616815a1948735847fd98f9a1434bd430c8741f4017ff311df5d263124b084e954eae5590edc525a0ba9ed8c7942fccea73aea9ffd1a6b4a63f3061bbaa050c2e0a4bbc1d249907fc8b75d5f3b9f934c3cfe453e3bcd0a04301e79489d373b7ada737561760274671fb6b6788d631072ca23d8aea4f332d9812be3c21620dde33948cf485019d78d26da497494b5cd44499420af88cceba5e8b53d909ce407af5fc5e105a23abaf975e399b6d8b5ba777830b94d490404d3d14ccbd3c6a5e2afbdd3b22fb11eb10b0e44f54bb829a0fbb8b3b8f2599ea8ef95e1774b19e250de0ef28b5deff60a16b891992eb5809b5dbe85f75de2fd2219991417d38a3caab858ca06330fc7babad8732d59c2b0a6637e7b3c70476146f3c0ea621e13ef3bc49ec598c43c627f573f4d7bf6480039ff65fb55a0b686c845387ca2b95b1fa2c65f9e965c06e8c24350f38c7bf3851f4ca47b89492f5cf07fe53a53dfd6361797394d52b75a6ecfe1a28a005c14fce4aa72594dcf375a86a06d5c6a5957bb96b75159096cfb7aa9ead48f56e852c2f0e71d44046e5d526fdf18ff443a9373f06f9f22e6e94aafb52b85d3371d10dcdc74542f58e745264e634ea3e8e0172df20a17d4e1e3c05718028df3006e528cfb3f553c27c85f8fb641151e722e20253fd624be2fb2fe73c692bc9d0f2a6badf6112491f5e22818c959cbc998932c701162eb40f53bdfe84adee83006d1101e558645b5bc8784e205902b5d3c0b6c814963239a015ad3cca26f66d8a3743787f5e409a918244fd9e49888ff0548ffaa245ec020bc9fc88d67c3d0156af23894c5c96a4e0dd53f8c9b63798fc7fbfff59780b4ca1d2dc054d1604964c468049379241e8b4154374d70af3ec8bb251ca9d6499557a24c9b99a4824a5ad8e39c548a4de24bf8f68756b51dddea9b0198a385e19bc915d6b7fdd23886764e7fca36b02d5de46122b654a3f53a0f2bd4445c47a6f7d990def9b99d5e19f51c76532790bc2df07396e6f320992e71b5169f20702478148487e2370cdd2b5e8316d3ed79896a556da87fea29af47fa2d9c0e634d55e715a7981ce3023f4d65707158e6f79993949e4e3fe4bc1c1ba413dd7702ce0369f7e57da635fd03e52098e4251d8cf216ec9c5af98cac3850de23cd568855f4d69506f81a49f0ad2a122dcac99af7e2d4b78e9f9cfaa700d7f7e8e52ed35d2e8370811d9cea4763d6a6e99abc9669160be13a648f1758a25abb72e857406817e9b74f7dc6a694bfecbacf033546994c34faf868d363eeed0eed1423f34f1ae9dc78980fef49aa06015a569e96a7f03a5d15023523b86db762ea4614a5e1cde97ab0abbb917646468f4a6b30c13906ba003598d829705a0aba745e7431e9def215375d7f0180ee0528755a07d980178d788c82e1da520625dc6f89168ad44d08bc514eb8483505bf727f073e78dae7a1853ffcecce5b4640e33645979f4af10f6e85785e9557e74a1f2c12666a7232134f81c034fd5c870222675eb90964e3a1a0469f8adeb01f68c560088f6b5ca98a96dc773f00e3a3cc66c2b54a3aeafdd323d9e36e87d7c99f40dec8f903845992d44ff805ffa28a72b102a2462bf6099ca00d3c1e212176bf7afe2fba604d2471c0f1db8f57ab3f1dbee1f3cead6995596ce18ac0f64b27bef279df4cc8c9088527ea5dc78c7abd1395d95656943e38a5047a42d29a0528a71c37525ab82f05ec74bc04e2f91215751f4a7f77daa7729c11b2823461de02a4659357eac8bc37c14e1e3de4d5b69ebbefb386f2bb6f71a3468e534adfbc8a9c9c1adf434d4b01aafd1d73f50cec3a4fbeae535b9ac081ef7b161ef6966bb95045ffac98cf30071effe21c6f51c5e115bbc432a196da96ba37d419b27bfa39a250a57e22a672fe5e070def0f64f85f6752e2fc06f2b8a290903e7494121322e131e7340e3122849177b218234333e3d53354bc4ffbc197c39ac9bdae4becb66f9359f6d763a8e810793c58359add69d79daebb8642c6420b06c7f9f5d94858693fdcbccd59a54c7a10eb8117bb9d5bffb6db6f0e1015e78bf5a8f7fab1c3ee93ca7f6402fcfd4434864eeec1e9e2a773529f1fa9ab1046ff93c439db999dc2023fde4da4ce73e3a7870a1b559840cb019179b75b29e3961449d61e1d3e7fcc901646421daabba9dec858b376f34d63fd86e23f85350b347c5ba8c9156b4332b99a29ef1484917a922503ee3866f07663d49463de82ae221c565d512de03fdb098b15dc1c31be580f36bab5e40472100611d9bc08f6e38baabf45b637447aa7d1e66a2174e1ea5a27d08d1b42ff58640627777ec3492231e326f010bd7b3a8e02f145cb16b23de4d7456afebb0ac2eed8c6e213004c575a986708b726e5aa462f37963e26d2ec40d8d78df70ad97d14bf3be526e7b857886054045a08ef852cacde8fd4629279b8cbdbfdbee79d3c36afa66cc59008f689e431c25d1ff360a2227182498ff6df8207f17f538186d8bb80f4239ceb1e53dd508911db01a0b00fbd7b60c680143268cdfe97ad9a87eb9352796c9cd64bd350be491b3b4d8c1be48024d93ce7b43ae7a938608bb22780c841f40991b9bbf72d9c44a73850166994dbf73c8f2c9aca6f602a943236d47efbbacd1208978ba361ae9d99f595a09f1ebc20f12d0943f89e88b8234ac3237eba668039b5bc3563d9d54def73b1aea8b8b9f5c4103e03404131c5335f72836c4039c733f761e158e81cab5f1d6aa534753f7e4514b9833ab551a656182c2f45019912339d20df857cd1174c22092dfc6e46966ff3681a3ce8f0227c279d4cd35a6ff18acfd0342a3d538599abfad4439bda099d343938e11703109a07f7fd5d483fd13d188c4638da98dfeb752cd9df41fb6da0e0f6905addee4c0a2996aefcbfc698da7ee6a60bce6e76e6826f6e768f5dd1ed7f89d38007e6fd37dd1530338f471f4482d7f7fb2a8b6d623c155fe982f82031be502dafaeb4a6500cd090d17b2655be87b90030dea94638a170b6a11f01f11f2fb343357239f74100e8d3048c959e508652147874fa218138b616563844906f4e4a5dbff5fed92c27eab2150c8d5e69a2a2dc256c979f26613fa25e75db5fa350291039682ec7614321ecc54a97193a4e0bad1ed564a76c8d5c96d726f7f343a88f1b39bd5d6e329f1161920285be15334c8a4c100fe03329a2d7cad65bb5cc91820e18f182ce8444a6cdb31c62cc1cad708083797e0bd7c0eda2338c7fd60f53eb788711b216c6f64ea9ee8e7dd09488994e18cb31e29613191bdb999e466d4d01506ec79a6c25de2fab951625caa77d78706d7449b95a47d085d25600d968c479b77a031bfab0f3b2fe0b7a772bcd2cccb3faf027c67161bd90a09ef6971c4eabeb78fedd40f3d3395c59f3886e8df57b86a3e3cb45329e9d04c784b17edb383a8d0c21ad5aad436036eea82c5e22190a318b4c4aa6117c4e5446f103b9dd964d6d4b95872bd16d35be9e0942ed584aebdc71d7f5b8ccf6e3b10b816b88463392044b979d87e22fa0db414da721b90fddf2e50efb3ce1f43dba1a4c0859de53368ccb8de5434fa5ad1f27f4ad9fad2e82daf635ace1dbeee9db32f28aa7d0d620bb35e52fc423f3e032b3cc9ea373203370f558290e38d0144b082524edd3fca2d63718edae0a235ffc763b9b19164d713b8db24d240820a263377f1fc2fed0a669876094e3b142352dce12273de1f50ab28202d3076fedcd823ff6d8281cb3bd1791e93c31f01800ba407727d115f2e4a7b9d765b3c35331afeba7d565de17c90b9e9ae0f31257cec0841ea3f5f1b33035b7878f1f96c29359c9e6c86e0c8246a9d03fe2aab2e21d1fdf7d46b24196a67e3be4ebcfdd4213d6cd9ffa521d0b8e115ebbdf36c9b5c9f84da11fcc0e98481a7935b91ec09846070395de066ff35d8df8e3d82754cca652c6979a61fc712f6bf9631d1ba47f580b84f34450efd64ecc3324fd0e250ddbbf25ca1bb4e5ec833f809a8c8c41808ab759abcfd25bf24b6d2e42b65b9d4a31a65d8de33a211076fef6470920c7bd0b1ac2c1f167ba984b9a2d1080c168aeee658faa3b3c607f6139e3057c7ca4aee468aa4df83691dd7d81c434299a0dbe87bc10add76ca0b601d5e2c3cbc2450923ec43debd951e2753437f44439b91f2fec6c601627ce35698267fe8543b4af2dda12694e80cba6b6aba38d382400349b0aec44102858ac946419a0806540c7072cdbec61462f0ed821f6d0925dfa306ae6dda560e88478892320519f111d556ba918cff1feb044925443c2680665230df24af2fe4002f6a34d8da3399f9a39320fd43da51780849ee6b01709eee78ea3df604c7e0ac9bcba2c09428ddca0518cee730915251f887f0ced71e227eabf25bdc04f0cd88e229e5306c198f985fcb044bf255d7c18d67ad427cdb8a48d674cc231f70519e864d6341cfd9f25cb0528a11681a420c12912a971f02c9906084e1983548e16b56c54e62e9fd42627a12098fd1358bbb69538c38eed061d5f594f5aa17eef7d3d29f52d105cc784bbc44663635e5d4614d89b01f9704cc158d7010abc35dd2da01b51deccd0bdae22dc0dbf0a5ac692f4947e0d83ac639f67c1d2ac334d6972a55e5953bf6d2ccf932d4b68a15bfcbec90108420cce61d136994274ea020e5019e347eecdbcb361738f58aa91b779de08276140518bcde5cebb0b2f07a8a9c931eaeb82a5fed406c209cc10b960f29fdb819ecf17c736fa77fdf110c88505d60ea309269f4803cf306f2095f61d3072d7c3fb7de244430e464f61ddae39cc7d442bcc396a589e73eb83e70411663c14174d509a666ccd8276a9c11bfeb73cf37e895d0bb31ab8f1b10fb4c3b44052b4d6da2326cb59058dfbcabc8571dc47fbccbd042727fe7f13992f0bfc87c0956b26c2e397ff1869dd0faaab9e5e0711234e0aec39315037160c471e8bae9bb8464a77f46e220e6a5d8a0a57cec9e8d1919d54b1dc3ac06988eff9ff97ea1f27bb541b93914703a6e6eec31ab8c8b883caf33284704092121580647454dd3983daf7cf8eeb7b05e0b3960f9944eea2e0d28b9c8c7ae1d1f10dacd5e8e61c68eed8d7090ce253375bce372cefaab51948761864a5be21b6d85350e3a609dfb983b61aa1f84ce9084f69f23e626a88f55d32697a1188211be3de48795e361a53504c02e2127d50744685028f624851907105d0d1795adcf4486ed30297352413dc5c7bfd954a7d9641a3b0d7cd7413c018e0d7752d29e863538a8aab0f7cabcf5960d146922bf4e0a20d7be5f13cf38cda7ecffdf7ff959e3e34e3374cc11f0227d24d61b45e295eea3e1f5a61a1e03db26eb39f5e220df63491ffaba355e222a38726d51840c941ddc8e13f53a116d99d65e44949a3ed0e8862ab34267e1626fe98", 0xfaa)
unlink(0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x2b8, 0x180, 0x0, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'lo\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0xed, 0x7}}}, @common=@inet=@multiport={{0x50}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)

2.124455933s ago: executing program 0 (id=1502):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r2, 0x400454d9, 0x0)
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext3\x00', &(0x7f0000000240)='./file0\x00', 0x20, &(0x7f00000004c0)={[{@orlov}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xa}}]}, 0x0, 0x79d, &(0x7f0000002080)="$eJzs3c1rXFUbAPDnTr6aNO+bvPCC1lVA0EDpxNTYKriouBDBQkHXtmEyDTWTTMlMShMCtojgRlBxIeimaz/qzq0fW/0vXEhL1bRYcSGRO5lJJs1MnNTMTCS/H9zMOffeyTnPPffj3LmHmQAOrbH0TybiWES8l0SMVOcnEdFXSfVGnNlY7/7aai6dklhff/WXpLLOvbXVXNS9J3W0mnk0Ir59O+J4Zme5peWVuelCIb9YzU+U5y9PlJZXTlyan57Nz+YXTk1OTZ08/czpU/sX628/rAzffv+lJ78488dbj9x897skzsRwdVl9HPtlLMaq26Qv3YTbvLjfhXVZ0u0K8FDSQ7Nn4yiPYzESPZVUE4OdrBkA0C5vRsQ6AHDIJK7/AHDI1D4HuLe2mqtN3f1EorPuvBARRzbirz3f3FjSW31md6TyHHToXrLtyUgSEaP7UP5YRHzy1eufpVO06TkkQCPXrkfEhdGxnef/ZMeYhb16areF6wOVl7EHZjv/Qed8nfZ/nm3U/8ts9n+iQf9noMGx+zDGNkaLbdp5/Gdu7UMxTaX9v+frxrbdr4u/arSnmvtPpc/Xl1y8VMin57b/RsR49A2k+cnKqvWjoLZ6h+N3/7zbrPz6/t+vH7zxaVp++rq1RuZW78D298xMl6f3I/bUnesRj/U2ij/ZbP+kSf/3XItlvPzcOx83W5bGn8Zbm3bG317rNyKeaNj+W22Z7Do+caKyO0zUdooGvvzxo6Fm5de3fzql5dfuBTohbf+h3eLPxGhSP16ztPcyvr8x8k2zZX8ff+P9vz95rZLur867Ol0uL05G9Cev7Jx/cuu9tXxt/TT+8ccbH/+77f/pPeGFFuPvvf3z5w8ff3ul8c/svv8/0P57T9y8P9ezrdD+vcSftv9UJTVendPK+a/VCv7T7QcAAAAAAAAAAAAAAAAAAAAAAAAArchExHAkmexmOpPJZjd+w/v/MZQpFEvl4xeLSwszUfmt7NHoy9S+6nKk7vtQJ6vfeFrLn3wg/3RE/C8iPhwYrOSzuWJhptvBAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDV0Sa//5/6aaDbtQMA2uZItysAAHSc6z8AHD57u/4Ptq0eAEDnuP8HgMOn5ev/hfbWAwDoHPf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtNm5s2fTaf33tdVcmp+5srw0V7xyYiZfmsvOL+WyueLi5exssThbyGdzxfmm/+jaxkuhWLw8FQtLVyfK+VJ5orS8cn6+uLRQPn9pfno2fz7f17HIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKB1peWVuelCIb94kBPD3a/GYNc3wsFK9MaBqEb3E+vJv+Qg2mui/iwx2L0TFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAB91cAAAD//7S5Ke4=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=ANY=[@ANYBLOB="38000000180001000000000000000000020000000000000900000000060015000600000014001680100003"], 0x38}}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x11)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r5}, 0x10)
unlink(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x2)

2.124033603s ago: executing program 2 (id=1503):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./bus\x00', 0x0, &(0x7f0000020000)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45bd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc96eb384dbb4268c50943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906bde2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75", @ANYRES64], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0))
ftruncate(0xffffffffffffffff, 0x1)

2.101858305s ago: executing program 4 (id=1504):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008d}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000240)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000000040000090000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000050000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r5, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e)
ioctl$PPPIOCGCHAN(r6, 0x80047437, &(0x7f0000000080))

7.75015ms ago: executing program 0 (id=1505):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f0000000100)}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x804, &(0x7f0000000680)={[{@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@rodir}, {@utf8}, {@uni_xlateno}, {@shortname_mixed}, {@utf8no}, {@rodir}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@fat=@time_offset={'time_offset', 0x3d, 0x259}}, {@uni_xlate}, {@fat=@showexec}, {@numtail}, {@utf8no}, {@numtail}, {@shortname_winnt}]}, 0x1, 0x276, &(0x7f00000003c0)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000080)=@srh={0x3b, 0x0, 0x4, 0x0, 0x4, 0x10, 0x2}, 0x8)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
r5 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x80000000)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="500100001000130700000000000000000000200100000000000000000000000000000000000000000000020000800500"/64, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="7f0000010000000000000000000000000000000032000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400000000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000006000000025cac5216d1c8af0a976902918bf448c5d9f54"], 0x150}}, 0x0)

0s ago: executing program 1 (id=1506):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @rand_addr, {[@timestamp_addr={0x44, 0x34, 0x0, 0x1, 0x0, [{@multicast2}, {@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}, {@remote, 0x1}, {@multicast2, 0x5}, {@local, 0xb}]}, @cipso={0x86, 0x6}]}}}}}}}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x405, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb951368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@test_dummy_encryption}, {@dioread_lock}, {@test_dummy_encryption}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5e9, &(0x7f0000001340)="$eJzs3c1vVFUbAPDnTj9oKe/bQoyKC2liDCRKSwsYYkyErSENfsSNGystiBRoaI0WTSgJbkyMG2NMXLkQ/wslsmWlKxduXBkSooaliWPu9N7Sae/0u72V+/slQ889Zy7nTKfPnDNnzrkTQGX1p//UIvZHxGQS0ZvMzpe1R1bYP3e/B399fDa9JVGvv/5HEkmWl98/yX72ZCd3RcRPPyaxr21pvVMz1y6OTkyMX82OB6cvTQ5OzVw7fOHS6Pnx8+OXh18YPnH82PETQ0dW8zC6F2dcL7jT6ZvvfdD76chb3379dzL03a8jSZyMV7I7Lnwcm6U/+hu/k2RpUc+Jza6sJG3Z38nCpzhpL7FBrEn+/HVExBPRG23x8MnrjU9eLbVxwJaqJxF1oKIS8Q8VlY8D8vf2i98H10oZlQDb4f6puQmApfHfPjc3GF2NuYHdD5JYOK2TRMSqZuZWsCci7t4ZuXnuzsjN2KJ5OKDY7I2IeLIo/pNG/PdFV/Q14r/WFP/puOBM9jPNf22d9S+eKhb/sH3m4r9r2fiPFvH/9oL4f2ed9fc/TL7b3RT/Sz7SAwAAAAAAAFZw+1REPF/0+X9tfv1PFKz/6YmIk5tQf/+i46Wf/9fubUI1QIH7pyJeKlz/W8tX//a1Zan/NdYDdCTnLkyMH4mI/0fEoejYlR4PLVPH4c/2fdWqrD9b/5ff0vrvZmsBs3bca9/VfM7Y6PToRh83EHH/RsRThet/k/n+Pyno/9PXg8lV1rHv2VtnWpWtHP/AVql/E3GwsP9/eNWKZPnrcww2xgOD+ahgqac/+vz7VvWvN/5dYgI2Lu3/dy8f/33Jwuv1TK29jqMz7fVWZesd/3cmbzQuOdOZ5X04Oj19dSiiMzndluY25Q+vvc3wKMrjIY+XNP4PPbP8/F/R+L87ImYX/d/Jn817inOP/9PzW6v2GP9DedL4H1tT/7/2xPCtvh9a1b+6/v9Yo68/lOWY/4M5X+Zh2tmcXxCO7UVF291eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgU1CJiTyS1gfl0rTYwENETEY/F7trElanp585def/yWFrW+P7/Wv5Nv71zx0n+/f99C46HFx0fjYi9EfFFW3fjeODslYmxsh88AAAAAAAAAAAAAAAAAAAA7BA9Lfb/p35vK7t1wJZrL7sBQGkK4v/nMtoBbD/9P1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q/VJf4BAAAAAOCRsvfA7V+SiJh9sbtxS3VmZR2ltgzYarWyGwCUxiV+oLos/YHq8h4fSFYo72p50kpnLmfy7AZOBgAAAAAAAAAAAIDKObjf/n+oKvv/obrs/4fqyvf/Hyi5HcD2W+N7/PpGdvsCO9dysV24/3/FswAAAAAAAAAAAACAzTQ1c+3i6MTE+NXKJV6OiKacN3dIw7YxUa/Xr6d/BTulPf/xRL4Ufqe0Z1Ei3+u3urPKe00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa/RsAAP//EH0kSg==")
getdents(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r5 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fstat(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0x0, r6, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

nt (83886089)
[  505.992516][ T7788] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  506.002378][ T7788] F2FS-fs (loop2): invalid crc value
[  506.009848][ T7788] F2FS-fs (loop2): Found nat_bits in checkpoint
[  506.090952][ T7788] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  506.098094][ T7788] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  507.092261][ T7316] syz-executor: attempt to access beyond end of device
[  507.092261][ T7316] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  507.725588][ T7803] loop3: detected capacity change from 0 to 256
[  508.147640][ T3656] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  508.157753][ T3640] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  508.166437][ T3656] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  508.175957][ T3640] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  508.185511][ T3656] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  508.192879][ T3656] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  508.220314][ T7807] loop2: detected capacity change from 0 to 512
[  508.240575][ T7807] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  508.355877][ T7807] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a800e01c, mo2=0002]
[  508.382139][ T7807] System zones: 1-12
[  508.387375][ T7807] EXT4-fs (loop2): orphan cleanup on readonly fs
[  508.411676][ T7807] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1068: Inode bitmap for bg 0 marked uninitialized
[  508.431741][ T7807] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  509.371448][ T7316] EXT4-fs (loop2): unmounting filesystem.
[  509.508786][ T7817] loop3: detected capacity change from 0 to 1024
[  509.516036][ T7817] EXT4-fs: Ignoring removed orlov option
[  509.524314][ T7817] EXT4-fs (loop3): Test dummy encryption mode enabled
[  509.791347][ T7817] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  510.150239][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  510.249426][ T3647] Bluetooth: hci5: command tx timeout
[  510.885172][ T7804] chnl_net:caif_netlink_parms(): no params data found
[  511.003442][ T7823] loop1: detected capacity change from 0 to 40427
[  511.004772][ T7823] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  511.004796][ T7823] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  511.007816][ T7823] F2FS-fs (loop1): invalid crc value
[  511.031323][ T7823] F2FS-fs (loop1): Found nat_bits in checkpoint
[  511.111628][ T7804] bridge0: port 1(bridge_slave_0) entered blocking state
[  511.111780][ T7804] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.113099][ T7804] device bridge_slave_0 entered promiscuous mode
[  511.115763][ T7804] bridge0: port 2(bridge_slave_1) entered blocking state
[  511.115922][ T7804] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.117110][ T7804] device bridge_slave_1 entered promiscuous mode
[  511.189318][ T7823] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  511.189347][ T7823] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  511.236537][ T7804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  511.348174][ T7804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  511.532731][ T7843] syz.1.1072: attempt to access beyond end of device
[  511.532731][ T7843] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  511.536198][ T7843] input: syz0 as /devices/virtual/input/input20
[  511.562883][ T7804] team0: Port device team_slave_0 added
[  511.570511][ T7804] team0: Port device team_slave_1 added
[  511.695816][ T7804] batman_adv: batadv0: Adding interface: batadv_slave_0
[  511.695833][ T7804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  511.695860][ T7804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  511.697663][ T7804] batman_adv: batadv0: Adding interface: batadv_slave_1
[  511.697678][ T7804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  511.697708][ T7804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  511.868713][ T7804] device hsr_slave_0 entered promiscuous mode
[  511.889906][ T7804] device hsr_slave_1 entered promiscuous mode
[  511.890492][ T7804] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  511.890587][ T7804] Cannot create hsr debugfs directory
[  511.954211][ T5884] syz-executor: attempt to access beyond end of device
[  511.954211][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  512.319641][ T3647] Bluetooth: hci5: command tx timeout
[  512.380654][    T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  512.504273][    T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  512.568189][   T26] audit: type=1326 audit(1861631972.089:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7839 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1e017df39 code=0x7ffc0000
[  512.574098][   T26] audit: type=1326 audit(1861631972.089:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7839 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1e017df39 code=0x7ffc0000
[  512.574146][   T26] audit: type=1326 audit(1861631972.089:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7839 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7fd1e017df39 code=0x7ffc0000
[  512.574339][   T26] audit: type=1326 audit(1861631972.099:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7839 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1e017df39 code=0x7ffc0000
[  512.574523][   T26] audit: type=1326 audit(1861631972.099:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7839 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1e017df39 code=0x7ffc0000
[  512.614701][    T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  512.693843][    T9] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  513.832773][ T7852] loop1: detected capacity change from 0 to 256
[  514.400641][ T3640] Bluetooth: hci5: command tx timeout
[  514.720178][ T7845] loop2: detected capacity change from 0 to 40427
[  514.751227][ T7845] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  514.795230][ T7845] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  514.836550][ T7845] F2FS-fs (loop2): invalid crc value
[  514.860182][ T7845] F2FS-fs (loop2): Found nat_bits in checkpoint
[  514.937828][   T26] audit: type=1326 audit(1861631974.459:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.1080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  514.965106][ T7845] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  514.996713][ T7845] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  515.010940][   T26] audit: type=1326 audit(1861631974.489:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.1080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  515.011209][ T7860] loop1: detected capacity change from 0 to 128
[  515.033933][   T26] audit: type=1326 audit(1861631974.489:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.1080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  515.070281][ T7860] EXT4-fs: Ignoring removed i_version option
[  515.076336][ T7860] EXT4-fs: Ignoring removed orlov option
[  515.247998][ T7860] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  515.282582][ T7860] ext4 filesystem being mounted at /99/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  515.679974][ T3686] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  515.920091][ T3686] usb 4-1: device descriptor read/64, error -71
[  516.212733][ T3686] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  516.358058][ T7804] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  516.406396][ T7804] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  516.439974][ T3686] usb 4-1: device descriptor read/64, error -71
[  516.479727][ T3640] Bluetooth: hci5: command tx timeout
[  516.560700][ T3686] usb usb4-port1: attempt power cycle
[  516.665287][ T7804] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  516.750305][ T7316] syz-executor: attempt to access beyond end of device
[  516.750305][ T7316] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  516.751536][ T7804] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  516.969614][ T3686] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  517.069877][ T3686] usb 4-1: device descriptor read/8, error -71
[  517.094304][    T9] device hsr_slave_0 left promiscuous mode
[  517.171375][    T9] device hsr_slave_1 left promiscuous mode
[  517.382077][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  517.399568][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  517.414738][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  517.450925][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  517.505677][    T9] device bridge_slave_1 left promiscuous mode
[  517.517466][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.620177][    T9] device bridge_slave_0 left promiscuous mode
[  517.631263][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  517.840856][ T3686] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  517.861010][    T9] device veth1_macvtap left promiscuous mode
[  517.868332][    T9] device veth0_macvtap left promiscuous mode
[  517.889055][    T9] device veth1_vlan left promiscuous mode
[  517.901408][ T5884] EXT4-fs (loop1): unmounting filesystem.
[  517.950138][ T3686] usb 4-1: device descriptor read/8, error -71
[  518.255372][ T3686] usb usb4-port1: unable to enumerate USB device
[  520.284335][    T9] team0 (unregistering): Port device team_slave_1 removed
[  520.416060][    T9] team0 (unregistering): Port device team_slave_0 removed
[  520.508763][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  520.641312][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  521.026439][ T7903] loop1: detected capacity change from 0 to 40427
[  521.044675][ T7903] F2FS-fs (loop1): invalid crc value
[  521.079111][ T7903] F2FS-fs (loop1): Found nat_bits in checkpoint
[  521.175802][ T7903] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  521.338642][ T7909] loop3: detected capacity change from 0 to 512
[  521.388426][ T7909] EXT4-fs (loop3): Test dummy encryption mode enabled
[  521.409027][ T7909] EXT4-fs error (device loop3): __ext4_iget:5055: inode #11: block 1: comm syz.3.1092: invalid block
[  521.422294][ T7909] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1092: couldn't read orphan inode 11 (err -117)
[  521.434704][ T7909] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  521.564325][ T7913] syz.1.1091: attempt to access beyond end of device
[  521.564325][ T7913] loop1: rw=2049, sector=53248, nr_sectors = 704 limit=40427
[  521.605897][   T26] audit: type=1800 audit(1861631981.039:187): pid=7913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1091" name="bus" dev="loop1" ino=10 res=0 errno=0
[  522.027634][ T5884] syz-executor: attempt to access beyond end of device
[  522.027634][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  522.122101][ T7909] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  522.144995][ T7909] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.1092: Directory hole found for htree leaf block 0
[  522.374981][    T9] bond0 (unregistering): Released all slaves
[  522.648654][ T7804] 8021q: adding VLAN 0 to HW filter on device bond0
[  522.669163][ T7916] fscrypt (loop3): Error allocating 'xts(aes)' transform: -4
[  522.753424][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  522.794070][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  522.836421][ T7804] 8021q: adding VLAN 0 to HW filter on device team0
[  522.903010][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  522.945950][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  522.997786][ T3795] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.004961][ T3795] bridge0: port 1(bridge_slave_0) entered forwarding state
[  523.179537][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  523.187711][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  523.388561][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  523.410853][ T7930] loop1: detected capacity change from 0 to 1024
[  523.418191][ T7930] EXT4-fs: Ignoring removed orlov option
[  523.430089][ T7930] EXT4-fs (loop1): Test dummy encryption mode enabled
[  523.450162][ T3795] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.457482][ T3795] bridge0: port 2(bridge_slave_1) entered forwarding state
[  523.528450][ T7930] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  523.641181][ T5884] EXT4-fs (loop1): unmounting filesystem.
[  523.647091][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  523.680673][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  523.746828][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  523.768472][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  523.801579][ T7804] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  523.814362][ T7804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  523.914669][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  523.941828][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  524.293312][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  524.302008][ T4713] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  524.462794][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  524.549658][ T4713] usb 2-1: device descriptor read/64, error -71
[  524.660591][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  524.685171][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  524.698417][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  524.710633][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  524.723155][ T3831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  524.829671][ T4713] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  524.997465][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  525.033071][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  525.074585][ T7804] 8021q: adding VLAN 0 to HW filter on device batadv0
[  525.129653][ T4713] usb 2-1: device descriptor read/64, error -71
[  525.266210][ T4713] usb usb2-port1: attempt power cycle
[  526.189651][ T4713] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  526.279914][ T4713] usb 2-1: device descriptor read/8, error -71
[  526.699651][ T4713] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  526.725164][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  526.737904][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  526.789731][ T4713] usb 2-1: device descriptor read/8, error -71
[  526.833644][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  526.872837][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  526.907205][ T7804] device veth0_vlan entered promiscuous mode
[  526.914050][ T4713] usb usb2-port1: unable to enumerate USB device
[  526.927084][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  526.948474][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  526.993509][ T7804] device veth1_vlan entered promiscuous mode
[  527.099099][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  527.120587][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  527.143382][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  527.168430][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  527.195367][ T7804] device veth0_macvtap entered promiscuous mode
[  527.231482][ T7804] device veth1_macvtap entered promiscuous mode
[  527.271305][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.294964][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.304963][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.334340][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.355555][ T7956] loop2: detected capacity change from 0 to 40427
[  527.356848][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.384991][ T7956] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  527.403461][ T7956] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  527.405583][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.446690][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.457378][ T7956] F2FS-fs (loop2): invalid crc value
[  527.514957][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.539211][ T7804] batman_adv: batadv0: Interface activated: batadv_slave_0
[  527.587649][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.610400][ T7956] F2FS-fs (loop2): Found nat_bits in checkpoint
[  527.652148][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.662577][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.673923][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.684701][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.695277][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.705150][ T7804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.715712][ T7804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.747283][ T7804] batman_adv: batadv0: Interface activated: batadv_slave_1
[  527.925174][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  527.990120][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  528.189119][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  528.352772][ T7956] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  528.389721][ T7956] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  528.397974][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  528.439909][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  528.494226][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  528.523251][ T7804] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  528.549991][ T7804] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  528.558742][ T7804] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  528.586604][ T7804] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  528.606361][ T3796] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  528.632827][ T7965] loop1: detected capacity change from 0 to 40427
[  528.646728][ T3796] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  528.686561][ T7965] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  528.720089][ T7965] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  528.737727][ T3831] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  528.758417][ T3831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  528.759131][ T7965] F2FS-fs (loop1): invalid crc value
[  528.792899][ T7965] F2FS-fs (loop1): Found nat_bits in checkpoint
[  528.820745][ T7977] loop3: detected capacity change from 0 to 256
[  528.828987][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  528.855532][ T3795] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  528.872087][ T3795] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  528.918141][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  528.938347][ T7965] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  528.960226][ T7965] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  529.245909][ T7965] syz.1.1101: attempt to access beyond end of device
[  529.245909][ T7965] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  529.265754][ T7965] input: syz0 as /devices/virtual/input/input21
[  529.384182][ T5884] syz-executor: attempt to access beyond end of device
[  529.384182][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  529.786960][ T7989] syz.2.1108 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  529.827079][ T7989] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  531.164522][ T8004] loop4: detected capacity change from 0 to 128
[  531.393406][ T8009] tipc: Started in network mode
[  531.398499][ T8009] tipc: Node identity 2, cluster identity 4711
[  531.404889][ T8009] tipc: Node number set to 2
[  534.570741][ T8024] device syzkaller0 entered promiscuous mode
[  534.871421][ T8035] loop1: detected capacity change from 0 to 256
[  535.440734][ T8017] loop2: detected capacity change from 0 to 40427
[  535.457490][ T8017] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  535.465501][ T8017] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  535.476062][ T8017] F2FS-fs (loop2): invalid crc value
[  535.494547][ T8017] F2FS-fs (loop2): Found nat_bits in checkpoint
[  535.555288][ T8017] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  535.567287][ T8017] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  535.655042][ T3688] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  535.774276][ T8017] syz.2.1116: attempt to access beyond end of device
[  535.774276][ T8017] loop2: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  535.804767][ T8017] input: syz0 as /devices/virtual/input/input22
[  535.933184][ T7316] syz-executor: attempt to access beyond end of device
[  535.933184][ T7316] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  536.273207][ T3688] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  536.289776][ T3688] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  536.303977][ T3688] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  536.314517][ T3688] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.342157][ T8048] loop2: detected capacity change from 0 to 128
[  536.389351][ T3688] usb 2-1: config 0 descriptor??
[  536.689832][ T3691] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  536.949664][ T3691] usb 1-1: Using ep0 maxpacket: 16
[  537.100915][ T3691] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  537.127570][ T3691] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  537.224969][ T3691] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  537.234289][ T3691] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.250153][ T3691] usb 1-1: config 0 descriptor??
[  537.301932][ T3691] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  537.837005][ T8057] loop2: detected capacity change from 0 to 1024
[  537.844286][ T8057] EXT4-fs: Ignoring removed orlov option
[  538.318436][ T8057] EXT4-fs (loop2): Test dummy encryption mode enabled
[  538.565759][ T8057] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  539.039769][ T3688] hid-led: probe of 0003:27B8:01ED.000E failed with error -71
[  539.056224][ T3688] usb 2-1: USB disconnect, device number 27
[  539.080813][ T7316] EXT4-fs (loop2): unmounting filesystem.
[  540.742705][ T3689] usb 1-1: USB disconnect, device number 17
[  540.964699][ T8081] loop3: detected capacity change from 0 to 128
[  541.002603][ T8081] EXT4-fs: Ignoring removed i_version option
[  541.008684][ T8081] EXT4-fs: Ignoring removed orlov option
[  541.067647][ T8081] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  541.126741][ T8081] ext4 filesystem being mounted at /44/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  541.897582][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  542.049728][ T8077] loop2: detected capacity change from 0 to 40427
[  542.065165][ T8077] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  542.079832][ T8077] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  543.150456][ T8100] loop1: detected capacity change from 0 to 128
[  544.217511][ T8108] loop3: detected capacity change from 0 to 1024
[  544.224998][ T8108] EXT4-fs: Ignoring removed orlov option
[  544.231638][ T8108] EXT4-fs (loop3): Test dummy encryption mode enabled
[  544.267943][ T8108] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  544.310540][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  544.427614][ T8114] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1140'.
[  545.508735][ T8128] loop2: detected capacity change from 0 to 128
[  545.550354][ T8128] EXT4-fs: Ignoring removed i_version option
[  545.556445][ T8128] EXT4-fs: Ignoring removed orlov option
[  545.617730][ T8128] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  545.629276][ T8128] ext4 filesystem being mounted at /28/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  546.219597][ T8145] loop4: detected capacity change from 0 to 128
[  546.265476][ T3686] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  546.587128][ T7316] EXT4-fs (loop2): unmounting filesystem.
[  549.055255][ T8159] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  549.518017][ T3686] usb 2-1: device descriptor read/all, error -71
[  549.771488][ T3647] Bluetooth: hci4: command 0x0406 tx timeout
[  550.292947][ T3640] Bluetooth: hci2: sending frame failed (-49)
[  550.302434][ T3647] Bluetooth: hci2: Opcode 0x1003 failed: -49
[  551.500687][ T8188] loop4: detected capacity change from 0 to 128
[  551.547073][ T8188] EXT4-fs: Ignoring removed i_version option
[  551.574513][ T8188] EXT4-fs: Ignoring removed orlov option
[  551.619659][ T8188] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  551.653143][ T8188] ext4 filesystem being mounted at /12/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  552.289939][ T8185] loop1: detected capacity change from 0 to 40427
[  552.353447][ T8185] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  552.366665][ T8185] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  552.387172][ T8185] F2FS-fs (loop1): invalid crc value
[  552.408358][ T8185] F2FS-fs (loop1): Found nat_bits in checkpoint
[  552.527340][ T8185] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  552.655533][ T7804] EXT4-fs (loop4): unmounting filesystem.
[  552.659529][ T8185] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  552.902491][ T8185] syz.1.1161: attempt to access beyond end of device
[  552.902491][ T8185] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  552.922181][ T8185] input: syz0 as /devices/virtual/input/input23
[  553.036144][ T5884] syz-executor: attempt to access beyond end of device
[  553.036144][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  553.252860][ T3692] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  553.326951][ T8214] device syzkaller0 entered promiscuous mode
[  553.345043][ T8216] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1170'.
[  553.637350][ T3692] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  553.655634][ T3692] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  553.679098][ T3692] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  553.688478][ T3692] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  553.699116][ T3692] usb 3-1: config 0 descriptor??
[  554.862673][ T3692] hid (null): bogus close delimiter
[  554.919713][ T3692] usb 3-1: language id specifier not provided by device, defaulting to English
[  555.128250][ T8228] loop4: detected capacity change from 0 to 256
[  555.272824][ T3692] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.000F/input/input24
[  555.295385][ T3692] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.000F/input/input25
[  555.318073][ T3692] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.000F/input/input26
[  555.339913][ T3692] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.000F/input/input27
[  555.365055][ T3692] uclogic 0003:256C:006D.000F: input,hiddev0,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  555.555257][ T3692] usb 3-1: USB disconnect, device number 14
[  557.054926][ T8236] loop4: detected capacity change from 0 to 40427
[  557.064102][ T8236] F2FS-fs (loop4): Invalid log blocks per segment (83886089)
[  557.071645][ T8236] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  557.093463][ T8236] F2FS-fs (loop4): invalid crc value
[  557.127297][ T8236] F2FS-fs (loop4): Found nat_bits in checkpoint
[  557.267530][ T8236] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  557.275746][ T8236] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  557.356215][ T8236] syz.4.1175: attempt to access beyond end of device
[  557.356215][ T8236] loop4: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  557.376247][ T8236] input: syz0 as /devices/virtual/input/input28
[  557.414623][ T7804] syz-executor: attempt to access beyond end of device
[  557.414623][ T7804] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  557.898468][ T8246] loop4: detected capacity change from 0 to 128
[  557.906620][ T8246] EXT4-fs: Ignoring removed i_version option
[  557.913204][ T8246] EXT4-fs: Ignoring removed orlov option
[  557.927243][ T8246] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  557.937437][ T8246] ext4 filesystem being mounted at /17/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  558.585531][ T8256] loop2: detected capacity change from 0 to 128
[  558.906878][ T7804] EXT4-fs (loop4): unmounting filesystem.
[  559.292464][ T8263] binder: 8262:8263 ioctl 4018620d 0 returned -22
[  559.355340][ T8263] loop4: detected capacity change from 0 to 512
[  559.416391][ T8263] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  559.488721][ T8263] EXT4-fs (loop4): orphan cleanup on readonly fs
[  559.506357][ T8263] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6).
[  559.537335][ T8263] EXT4-fs warning (device loop4): ext4_enable_quotas:7035: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  559.582988][ T8263] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  559.611405][ T8263] EXT4-fs (loop4): 1 truncate cleaned up
[  559.617440][ T8263] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  559.681891][ T8257] loop1: detected capacity change from 0 to 40427
[  559.728694][ T8257] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  559.736491][ T8257] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  559.758729][ T8257] F2FS-fs (loop1): invalid crc value
[  559.766955][ T8271] binder: 8269:8271 ioctl 4018620d 0 returned -22
[  559.854691][ T8257] F2FS-fs (loop1): Found nat_bits in checkpoint
[  560.003396][ T8257] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  560.021955][ T8257] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  560.056441][ T7804] EXT4-fs (loop4): unmounting filesystem.
[  560.304598][ T8257] syz.1.1180: attempt to access beyond end of device
[  560.304598][ T8257] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  560.322796][ T8257] input: syz0 as /devices/virtual/input/input29
[  560.457518][ T5884] syz-executor: attempt to access beyond end of device
[  560.457518][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  560.924771][ T8267] loop2: detected capacity change from 0 to 40427
[  561.153346][ T8267] F2FS-fs (loop2): invalid crc value
[  561.379316][ T8267] F2FS-fs (loop2): Found nat_bits in checkpoint
[  561.609215][ T8267] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  562.024865][   T26] audit: type=1800 audit(1861632021.549:188): pid=8288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1184" name="bus" dev="loop2" ino=10 res=0 errno=0
[  562.090801][ T8288] syz.2.1184: attempt to access beyond end of device
[  562.090801][ T8288] loop2: rw=2049, sector=53248, nr_sectors = 704 limit=40427
[  563.440488][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  563.446851][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  563.547448][ T8284] loop1: detected capacity change from 0 to 40427
[  563.613869][ T8284] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  563.634293][ T8284] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  563.666511][ T8284] F2FS-fs (loop1): invalid crc value
[  563.684023][ T8284] F2FS-fs (loop1): Found nat_bits in checkpoint
[  563.804002][ T8284] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  563.814834][ T8284] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  563.841103][ T8303] loop4: detected capacity change from 0 to 256
[  563.848302][ T8303] FAT-fs (loop4): Unrecognized mount option "smaner=00000000000000000000" or missing value
[  563.906024][ T8284] syz.1.1187: attempt to access beyond end of device
[  563.906024][ T8284] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  563.924032][ T8284] input: syz0 as /devices/virtual/input/input30
[  564.095298][ T5884] syz-executor: attempt to access beyond end of device
[  564.095298][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  564.249823][ T8303] loop4: detected capacity change from 0 to 40427
[  564.267593][ T8303] F2FS-fs (loop4): invalid crc value
[  564.330803][ T8303] F2FS-fs (loop4): Found nat_bits in checkpoint
[  564.390093][ T8303] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[  564.409543][ T8303] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  564.954459][ T8312] loop1: detected capacity change from 0 to 2048
[  565.132492][ T7316] syz-executor: attempt to access beyond end of device
[  565.132492][ T7316] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  565.246711][ T7804] syz-executor: attempt to access beyond end of device
[  565.246711][ T7804] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  565.294450][ T8312] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  565.309799][ T8312] ext4 filesystem being mounted at /122/bus supports timestamps until 2038 (0x7fffffff)
[  566.086935][ T8319] loop2: detected capacity change from 0 to 128
[  566.305952][ T5884] EXT4-fs (loop1): unmounting filesystem.
[  568.706741][ T8338] loop4: detected capacity change from 0 to 256
[  568.966225][ T3656] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  568.977841][ T3656] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  568.994370][ T3656] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  569.016015][ T3656] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  569.046402][ T3656] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  569.065467][ T3656] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  569.193956][ T8333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  569.208198][ T8333] device batadv_slave_0 entered promiscuous mode
[  569.883917][ T8354] loop2: detected capacity change from 0 to 256
[  569.897415][ T8354] FAT-fs (loop2): Unrecognized mount option "smaner=00000000000000000000" or missing value
[  569.941065][ T3645] syz-executor (3645) used greatest stack depth: 19352 bytes left
[  570.053238][ T8343] chnl_net:caif_netlink_parms(): no params data found
[  570.079708][ T3647] Bluetooth: hci0: command 0x0406 tx timeout
[  570.358823][ T8354] loop2: detected capacity change from 0 to 40427
[  570.391518][ T8354] F2FS-fs (loop2): invalid crc value
[  570.393592][ T8343] bridge0: port 1(bridge_slave_0) entered blocking state
[  570.425624][ T8343] bridge0: port 1(bridge_slave_0) entered disabled state
[  570.430556][ T8354] F2FS-fs (loop2): Found nat_bits in checkpoint
[  570.452994][ T8343] device bridge_slave_0 entered promiscuous mode
[  570.476191][ T8343] bridge0: port 2(bridge_slave_1) entered blocking state
[  570.493171][ T8354] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[  570.497387][ T8343] bridge0: port 2(bridge_slave_1) entered disabled state
[  570.510945][ T8343] device bridge_slave_1 entered promiscuous mode
[  570.510945][ T8354] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  570.753049][ T8343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  571.149543][ T3640] Bluetooth: hci2: command tx timeout
[  571.360777][ T7316] syz-executor: attempt to access beyond end of device
[  571.360777][ T7316] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  571.377961][ T8343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  571.568188][ T8343] team0: Port device team_slave_0 added
[  571.594286][ T8371] loop1: detected capacity change from 0 to 128
[  571.625116][ T8343] team0: Port device team_slave_1 added
[  571.753992][ T8343] batman_adv: batadv0: Adding interface: batadv_slave_0
[  571.783910][ T8343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  571.868961][ T8343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  571.890154][ T8343] batman_adv: batadv0: Adding interface: batadv_slave_1
[  571.897183][ T8343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  572.023788][ T8343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  572.696735][ T8343] device hsr_slave_0 entered promiscuous mode
[  572.732532][ T8343] device hsr_slave_1 entered promiscuous mode
[  572.747585][ T8343] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  572.764126][ T8343] Cannot create hsr debugfs directory
[  572.810099][ T8379] binder: 8377:8379 ioctl 4018620d 0 returned -22
[  573.006188][ T8381] loop2: detected capacity change from 0 to 2048
[  573.107576][ T8381] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  573.648446][ T8381] EXT4-fs (loop2): unmounting filesystem.
[  573.879307][ T3640] Bluetooth: hci2: command tx timeout
[  574.058534][ T8392] loop1: detected capacity change from 0 to 512
[  574.083071][ T3937] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.085111][ T8392] EXT4-fs: Ignoring removed mblk_io_submit option
[  574.112260][ T8392] EXT4-fs: Ignoring removed i_version option
[  574.141728][ T8392] EXT4-fs error (device loop1): __ext4_iget:5055: inode #11: block 1: comm syz.1.1211: invalid block
[  574.169291][ T8392] EXT4-fs (loop1): Remounting filesystem read-only
[  574.176060][ T8392] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1211: couldn't read orphan inode 11 (err -117)
[  574.195225][ T8392] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  574.407756][ T3937] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.542823][ T3937] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.674382][ T3937] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.493950][ T3937] tipc: Left network mode
[  575.501176][ T5884] EXT4-fs (loop1): unmounting filesystem.
[  576.026047][ T3640] Bluetooth: hci2: command tx timeout
[  576.984267][ T8343] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  577.008441][ T8343] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  577.054264][ T8343] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  577.122296][ T8343] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  577.538301][ T8421] loop3: detected capacity change from 0 to 2048
[  577.623482][ T8421] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  577.916537][ T8343] 8021q: adding VLAN 0 to HW filter on device bond0
[  578.079700][ T3640] Bluetooth: hci2: command tx timeout
[  578.486730][ T8419] loop1: detected capacity change from 0 to 40427
[  578.511383][ T8419] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  578.534894][ T8419] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  578.620770][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  578.689913][ T8428] loop2: detected capacity change from 0 to 128
[  578.735692][ T8430] loop3: detected capacity change from 0 to 128
[  579.905462][ T8434] xt_TPROXY: Can be used only with -p tcp or -p udp
[  580.251267][ T8433] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  580.260986][ T8433] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  580.376827][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  580.387021][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  580.398725][ T8343] 8021q: adding VLAN 0 to HW filter on device team0
[  580.412960][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  580.448485][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  580.537067][ T3830] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.544368][ T3830] bridge0: port 1(bridge_slave_0) entered forwarding state
[  580.646920][ T3937] device hsr_slave_0 left promiscuous mode
[  580.672552][ T3937] device hsr_slave_1 left promiscuous mode
[  580.689219][ T3937] batman_adv: batadv0: Interface deactivated: dummy0
[  580.704106][ T3937] batman_adv: batadv0: Removing interface: dummy0
[  580.729642][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  580.745522][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_0
[  580.753789][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  580.769236][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_1
[  580.845432][ T3937] device veth1_macvtap left promiscuous mode
[  580.855237][ T3937] device veth0_macvtap left promiscuous mode
[  580.867222][ T3937] device veth1_vlan left promiscuous mode
[  580.876444][ T3937] device veth0_vlan left promiscuous mode
[  581.039010][ T8450] input: syz1 as /devices/virtual/input/input31
[  581.490593][ T8461] loop1: detected capacity change from 0 to 128
[  582.147528][ T8455] loop3: detected capacity change from 0 to 40427
[  582.178489][ T8455] F2FS-fs (loop3): Invalid log blocks per segment (83886089)
[  582.193285][ T8455] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  582.219784][ T8455] F2FS-fs (loop3): invalid crc value
[  582.261360][ T8455] F2FS-fs (loop3): Found nat_bits in checkpoint
[  582.383140][ T8455] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  582.399607][ T8455] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  582.760393][ T3937] team0 (unregistering): Port device team_slave_1 removed
[  582.878511][ T7152] syz-executor: attempt to access beyond end of device
[  582.878511][ T7152] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  582.972831][ T3937] team0 (unregistering): Port device team_slave_0 removed
[  583.072637][ T3937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  583.162302][ T3937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  585.668891][ T8480] loop3: detected capacity change from 0 to 2048
[  587.339162][ T8490] loop2: detected capacity change from 0 to 512
[  587.383160][ T8490] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  587.392282][ T8490] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff)
[  587.508866][ T3937] bond0 (unregistering): Released all slaves
[  587.549678][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  587.558133][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  587.567066][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  587.577032][ T3830] bridge0: port 2(bridge_slave_1) entered blocking state
[  587.584187][ T3830] bridge0: port 2(bridge_slave_1) entered forwarding state
[  587.592838][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  587.613022][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  587.636902][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  587.655398][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  587.672686][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  587.690816][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  587.704171][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  587.715820][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  587.738422][ T8343] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  587.765943][ T8343] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  588.359716][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  588.400992][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  588.430264][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  588.445245][   T26] audit: type=1326 audit(1861632047.969:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  588.494612][ T8504] loop3: detected capacity change from 0 to 512
[  588.504676][   T26] audit: type=1326 audit(1861632047.999:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  588.578859][   T26] audit: type=1326 audit(1861632047.999:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  588.607251][   T26] audit: type=1326 audit(1861632048.009:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  588.630164][   T26] audit: type=1326 audit(1861632048.009:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  588.663196][   T26] audit: type=1326 audit(1861632048.009:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  588.692608][   T26] audit: type=1326 audit(1861632048.009:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  588.733493][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  588.740611][ T8504] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #16: comm syz.3.1240: corrupted inode contents
[  588.744861][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  588.784925][ T8504] EXT4-fs error (device loop3): ext4_dirty_inode:6086: inode #16: comm syz.3.1240: mark_inode_dirty error
[  588.785110][   T26] audit: type=1326 audit(1861632048.009:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f136d37df73 code=0x7ffc0000
[  588.825197][ T8343] 8021q: adding VLAN 0 to HW filter on device batadv0
[  588.827788][ T8504] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #16: comm syz.3.1240: corrupted inode contents
[  588.846320][ T8504] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1240: mark_inode_dirty error
[  588.859302][   T26] audit: type=1326 audit(1861632048.009:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f136d37ca1f code=0x7ffc0000
[  588.881995][ T8504] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #16: comm syz.3.1240: corrupted inode contents
[  588.887141][ T7316] EXT4-fs (loop2): unmounting filesystem.
[  588.915466][   T26] audit: type=1326 audit(1861632048.019:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.3.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f136d37dfc7 code=0x7ffc0000
[  588.916085][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  588.937857][ T8504] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  588.948248][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  588.970986][ T8504] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #16: comm syz.3.1240: corrupted inode contents
[  588.985572][ T8504] EXT4-fs error (device loop3): ext4_truncate:4311: inode #16: comm syz.3.1240: mark_inode_dirty error
[  588.997394][ T8504] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  589.011851][ T8504] EXT4-fs (loop3): 1 truncate cleaned up
[  589.017769][ T8504] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  589.027218][ T8504] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038 (0x7fffffff)
[  589.042792][   T11] EXT4-fs error (device loop3): ext4_release_dquot:6823: comm kworker/u4:1: Failed to release dquot type 1
[  589.088827][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  589.112724][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  589.125623][ T8504] EXT4-fs error (device loop3): ext4_acquire_dquot:6800: comm syz.3.1240: Failed to acquire dquot type 1
[  589.136647][ T8343] device veth0_vlan entered promiscuous mode
[  589.177642][ T8343] device veth1_vlan entered promiscuous mode
[  589.278511][ T8343] device veth0_macvtap entered promiscuous mode
[  589.338979][ T8343] device veth1_macvtap entered promiscuous mode
[  589.801267][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  589.911170][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  589.946155][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  589.980383][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  589.999094][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  590.015701][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  590.044049][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  590.100177][ T8504] syz.3.1240 (8504) used greatest stack depth: 19344 bytes left
[  590.110083][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  590.151021][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  590.175775][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  590.204467][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  590.234519][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  590.256974][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  590.281993][ T8343] batman_adv: batadv0: Interface activated: batadv_slave_0
[  590.297383][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  590.321066][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  590.336541][ T3830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  590.357349][ T8512] loop4: detected capacity change from 0 to 40427
[  590.380505][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  590.393729][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  590.404421][ T8512] F2FS-fs (loop4): Invalid log blocks per segment (83886089)
[  590.415666][ T8512] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  590.429803][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  590.448772][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  590.460229][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  590.480196][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  590.480595][ T8512] F2FS-fs (loop4): invalid crc value
[  590.493806][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  590.510672][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  590.535319][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  590.545506][ T8512] F2FS-fs (loop4): Found nat_bits in checkpoint
[  590.554881][ T8343] batman_adv: batadv0: Interface activated: batadv_slave_1
[  590.568353][ T3831] EXT4-fs error (device loop3): ext4_release_dquot:6823: comm kworker/u4:11: Failed to release dquot type 1
[  590.605424][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  590.617849][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  590.655339][ T8343] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  590.678673][ T8343] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  590.692241][ T8343] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  590.716115][ T8343] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  590.736123][ T8512] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  590.759768][ T8512] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  590.901414][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  590.918773][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  590.938599][ T3830] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  590.983455][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  590.999619][ T3830] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  591.095544][ T3795] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  591.309638][ T7804] syz-executor: attempt to access beyond end of device
[  591.309638][ T7804] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  593.017242][ T8544] loop1: detected capacity change from 0 to 256
[  596.513054][ T8570] syz.3.1258[8570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  596.513169][ T8570] syz.3.1258[8570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  596.594144][   T14] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  597.086798][ T8563] loop2: detected capacity change from 0 to 40427
[  597.135888][ T8563] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  597.143446][ T8563] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  597.185201][ T8563] F2FS-fs (loop2): invalid crc value
[  597.200957][ T8557] loop4: detected capacity change from 0 to 40427
[  597.212114][ T8563] F2FS-fs (loop2): Found nat_bits in checkpoint
[  597.222843][ T8557] F2FS-fs (loop4): Invalid log blocks per segment (83886089)
[  597.262810][ T8557] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  597.288014][ T8557] F2FS-fs (loop4): invalid crc value
[  597.315907][ T8557] F2FS-fs (loop4): Found nat_bits in checkpoint
[  597.409358][ T8563] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  597.448363][ T8563] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  598.235671][ T7316] syz-executor: attempt to access beyond end of device
[  598.235671][ T7316] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  599.258740][ T8602] device syzkaller0 entered promiscuous mode
[  599.468247][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  599.468265][   T26] audit: type=1326 audit(1861632058.989:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8608 comm="syz.2.1268" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd728b7df39 code=0x0
[  600.422051][   T26] audit: type=1326 audit(1861632059.949:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.461705][   T26] audit: type=1326 audit(1861632059.989:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.495511][   T26] audit: type=1326 audit(1861632060.019:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.529564][ T3691] usb 2-1: new low-speed USB device number 31 using dummy_hcd
[  600.567370][   T26] audit: type=1326 audit(1861632060.019:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.601272][   T26] audit: type=1326 audit(1861632060.019:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.647345][   T26] audit: type=1326 audit(1861632060.049:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.704116][   T26] audit: type=1326 audit(1861632060.059:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.929552][   T26] audit: type=1326 audit(1861632060.059:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  600.964721][   T26] audit: type=1326 audit(1861632060.059:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.0.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  601.120409][ T3691] usb 2-1: config 1 interface 0 altsetting 9 endpoint 0x81 has invalid maxpacket 16, setting to 8
[  601.236412][ T3691] usb 2-1: config 1 interface 0 altsetting 9 endpoint 0x2 has invalid maxpacket 32, setting to 8
[  601.385976][ T3691] usb 2-1: config 1 interface 0 has no altsetting 0
[  601.699724][ T3691] usb 2-1: New USB device found, idVendor=05ac, idProduct=027b, bcdDevice= 0.40
[  601.729644][ T3691] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.737703][ T3691] usb 2-1: Product: Е
[  601.765248][ T3691] usb 2-1: Manufacturer: 갩藟젮जড᳗上鿸ᨳ뾯ᚗ툥Ⱚ좦힡홆퉺롕涭㊽燽鱼瓁狎쫔呔鷨㺓ᗆ
[  601.818801][ T3691] usb 2-1: SerialNumber: 鉁啻狋匊搿렴ᏹ⯺軀즾䐊㛑࣪ᓲ屮۾ꥭⱼ︸⎩踌ৃꕽ婠ⱆ먝䃗ᡉ㼏쟗殡끗ᖫꂀ욀㌐䦝핚護⸅ᦹ⽵롶ᒈ䤊⒎墤⪆⻾踐뺉
[  602.089144][ T8614] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  602.109633][ T8614] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  602.190782][ T8637] xt_NFQUEUE: number of total queues is 0
[  603.025662][ T8625] loop3: detected capacity change from 0 to 40427
[  603.048268][ T8625] F2FS-fs (loop3): Invalid log blocks per segment (83886089)
[  603.058525][ T8625] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  603.084046][ T8625] F2FS-fs (loop3): invalid crc value
[  603.093983][ T8625] F2FS-fs (loop3): Found nat_bits in checkpoint
[  603.172558][ T8625] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  603.184203][ T8625] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  603.760046][ T7152] syz-executor: attempt to access beyond end of device
[  603.760046][ T7152] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  604.008852][ T8647] input: syz0 as /devices/virtual/input/input32
[  604.869570][ T3691] usbhid 2-1:1.0: can't add hid device: -71
[  604.876938][ T3691] usbhid: probe of 2-1:1.0 failed with error -71
[  604.895597][ T3691] usb 2-1: USB disconnect, device number 31
[  605.652532][ T3687] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  606.330377][ T8665] loop1: detected capacity change from 0 to 256
[  606.359786][ T3687] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  606.380101][ T3687] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  606.578414][ T3687] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  606.587561][ T3687] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.598737][ T3687] usb 1-1: config 0 descriptor??
[  607.223020][ T3687] uclogic 0003:5543:0781.0010: item fetching failed at offset 5/7
[  607.242250][ T3687] uclogic 0003:5543:0781.0010: parse failed
[  607.248223][ T3687] uclogic: probe of 0003:5543:0781.0010 failed with error -22
[  607.452413][ T4711] usb 1-1: USB disconnect, device number 18
[  607.744583][ T3640] Bluetooth: hci0: command 0x0406 tx timeout
[  611.214401][ T3647] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  611.231194][ T3647] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  611.239223][ T3647] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  611.249154][ T3647] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  611.268786][ T3647] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  611.287242][ T3647] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  611.567056][ T8699] loop3: detected capacity change from 0 to 256
[  611.634269][ T8683] loop1: detected capacity change from 0 to 40427
[  611.660306][ T8683] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  611.667827][ T8683] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  611.715869][ T8683] F2FS-fs (loop1): invalid crc value
[  611.803184][ T8683] F2FS-fs (loop1): Found nat_bits in checkpoint
[  612.977703][ T3692] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  613.071529][ T8639] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.079098][ T8639] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.123949][ T8641] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.131186][ T8641] bridge0: port 2(bridge_slave_1) entered forwarding state
[  613.138860][ T8641] bridge0: port 1(bridge_slave_0) entered blocking state
[  613.146063][ T8641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  613.177176][ T8641] device bridge0 entered promiscuous mode
[  613.370091][ T3647] Bluetooth: hci3: command tx timeout
[  613.379187][ T3692] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  613.410453][ T3692] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  613.428242][ T8712] device syzkaller0 entered promiscuous mode
[  613.438223][ T3692] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  613.604316][ T8721] xt_TPROXY: Can be used only with -p tcp or -p udp
[  613.993001][ T3692] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.005886][ T3692] usb 4-1: config 0 descriptor??
[  614.061867][ T3692] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  614.089166][ T8720] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  614.098985][ T8720] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  614.293632][ T8707] syz.3.1299[8707] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  614.293741][ T8707] syz.3.1299[8707] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  614.448644][ T3692] usb 4-1: USB disconnect, device number 27
[  614.572579][ T3640] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  614.658945][ T3640] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  614.669788][ T3640] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  614.682784][ T3640] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  614.707173][ T3640] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  614.717660][ T3640] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  615.352820][ T8732] loop3: detected capacity change from 0 to 128
[  615.373489][ T8732] EXT4-fs: Ignoring removed i_version option
[  615.384815][ T8732] EXT4-fs: Ignoring removed orlov option
[  615.402191][ T8732] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  615.411129][ T8732] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  615.449986][ T3640] Bluetooth: hci3: command tx timeout
[  615.565566][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  616.072808][ T8739] loop3: detected capacity change from 0 to 40427
[  616.091101][ T8739] F2FS-fs (loop3): Invalid log blocks per segment (83886089)
[  616.098544][ T8739] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  616.108793][ T8739] F2FS-fs (loop3): invalid crc value
[  616.131363][ T8739] F2FS-fs (loop3): Found nat_bits in checkpoint
[  616.211975][ T8739] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  616.219168][ T8739] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  616.640707][ T8746] syz.3.1305: attempt to access beyond end of device
[  616.640707][ T8746] loop3: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  616.666967][ T8746] input: syz0 as /devices/virtual/input/input33
[  616.810355][ T3647] Bluetooth: hci0: command tx timeout
[  617.519821][ T3640] Bluetooth: hci3: command tx timeout
[  617.620833][ T7152] syz-executor: attempt to access beyond end of device
[  617.620833][ T7152] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  618.144482][ T8753] loop3: detected capacity change from 0 to 256
[  618.879775][ T3640] Bluetooth: hci0: command tx timeout
[  619.319009][ T8761] loop3: detected capacity change from 0 to 2048
[  619.405160][ T8761] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  619.414477][ T8761] ext4 filesystem being mounted at /87/bus supports timestamps until 2038 (0x7fffffff)
[  619.643334][ T3640] Bluetooth: hci3: command tx timeout
[  620.392525][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  620.959706][ T3640] Bluetooth: hci0: command tx timeout
[  621.414616][ T8777] loop1: detected capacity change from 0 to 128
[  621.441859][ T8769] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1311'.
[  621.461485][ T8777] EXT4-fs: Ignoring removed i_version option
[  621.509568][ T8777] EXT4-fs: Ignoring removed orlov option
[  621.560050][ T8777] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  621.635808][ T8777] ext4 filesystem being mounted at /148/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  621.730642][   T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.904264][ T5884] EXT4-fs (loop1): unmounting filesystem.
[  622.622142][ T8783] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  622.728150][ T8794] loop1: detected capacity change from 0 to 256
[  622.824884][   T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.484985][   T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.642358][ T8727] chnl_net:caif_netlink_parms(): no params data found
[  623.703210][ T8696] chnl_net:caif_netlink_parms(): no params data found
[  623.881873][   T46] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.322030][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  624.328622][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  625.030719][ T8727] bridge0: port 1(bridge_slave_0) entered blocking state
[  625.037960][ T8727] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.116915][ T8727] device bridge_slave_0 entered promiscuous mode
[  625.286260][ T8727] bridge0: port 2(bridge_slave_1) entered blocking state
[  625.317777][ T8727] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.340724][ T8727] device bridge_slave_1 entered promiscuous mode
[  625.392154][ T8696] bridge0: port 1(bridge_slave_0) entered blocking state
[  625.399572][ T8696] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.428307][ T8696] device bridge_slave_0 entered promiscuous mode
[  625.495449][ T8696] bridge0: port 2(bridge_slave_1) entered blocking state
[  625.509568][ T8696] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.536226][ T8696] device bridge_slave_1 entered promiscuous mode
[  625.682575][ T8727] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  625.798474][ T8727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  625.827082][ T8696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  625.934022][ T8696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  625.957305][ T8817] loop1: detected capacity change from 0 to 40427
[  625.987776][ T8817] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  625.991576][ T8727] team0: Port device team_slave_0 added
[  626.016190][ T8817] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  626.027037][ T8727] team0: Port device team_slave_1 added
[  626.103601][ T8817] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  626.138139][ T8696] team0: Port device team_slave_0 added
[  626.193736][ T8727] batman_adv: batadv0: Adding interface: batadv_slave_0
[  626.201454][ T8727] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  626.261335][ T8817] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  626.268640][ T8817] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  626.274888][ T8727] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  626.309790][ T8696] team0: Port device team_slave_1 added
[  626.332201][ T8822] loop3: detected capacity change from 0 to 2048
[  626.446491][ T8727] batman_adv: batadv0: Adding interface: batadv_slave_1
[  626.455196][ T8727] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  626.499583][ T8727] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  626.550731][ T8822] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  626.696628][ T8831] syz.1.1320: attempt to access beyond end of device
[  626.696628][ T8831] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  626.756882][ T8831] syz.1.1320: attempt to access beyond end of device
[  626.756882][ T8831] loop1: rw=2049, sector=53256, nr_sectors = 64 limit=40427
[  626.797078][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  626.797436][   T26] audit: type=1804 audit(1861632086.249:241): pid=8831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1320" name="/newroot/151/file1/file1" dev="loop1" ino=10 res=1 errno=0
[  626.840311][ T8822] ext4 filesystem being mounted at /91/bus supports timestamps until 2038 (0x7fffffff)
[  627.296550][ T5884] syz-executor: attempt to access beyond end of device
[  627.296550][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  627.484520][ T8696] batman_adv: batadv0: Adding interface: batadv_slave_0
[  627.511232][ T8696] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  627.699652][ T8696] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  627.822572][ T8696] batman_adv: batadv0: Adding interface: batadv_slave_1
[  627.849588][ T8696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  627.926285][ T8696] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  628.249173][ T8727] device hsr_slave_0 entered promiscuous mode
[  628.260544][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  628.300803][ T8727] device hsr_slave_1 entered promiscuous mode
[  628.461546][ T8837] loop1: detected capacity change from 0 to 128
[  628.768292][   T46] device hsr_slave_0 left promiscuous mode
[  628.778984][   T46] device hsr_slave_1 left promiscuous mode
[  628.788827][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  628.936102][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  628.996400][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  629.232029][   T46] device bridge_slave_1 left promiscuous mode
[  629.503654][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.518381][ T8847] syz.0.1326[8847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  629.518487][ T8847] syz.0.1326[8847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  629.541960][   T46] device bridge_slave_0 left promiscuous mode
[  629.599845][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.649500][   T46] device veth1_macvtap left promiscuous mode
[  629.655753][   T46] device veth0_macvtap left promiscuous mode
[  629.668277][   T46] device veth1_vlan left promiscuous mode
[  629.674258][   T46] device veth0_vlan left promiscuous mode
[  629.741428][ T8853] loop1: detected capacity change from 0 to 256
[  631.001523][   T46] team0 (unregistering): Port device team_slave_1 removed
[  631.229544][   T46] team0 (unregistering): Port device team_slave_0 removed
[  631.273801][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  631.327036][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  631.571207][ T3686] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  631.775982][ T3686] usb 2-1: device descriptor read/64, error -71
[  631.870851][   T46] bond0 (unregistering): Released all slaves
[  631.946356][ T8696] device hsr_slave_0 entered promiscuous mode
[  631.953407][ T8696] device hsr_slave_1 entered promiscuous mode
[  631.960646][ T8696] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  631.968307][ T8696] Cannot create hsr debugfs directory
[  631.988705][ T8846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1324'.
[  632.049745][ T3686] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  632.338104][   T26] audit: type=1326 audit(1861632091.859:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  632.362624][   T26] audit: type=1326 audit(1861632091.859:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  632.368246][ T3686] usb 2-1: device descriptor read/64, error -71
[  632.385244][   T26] audit: type=1326 audit(1861632091.859:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  632.385289][   T26] audit: type=1326 audit(1861632091.859:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  632.385324][   T26] audit: type=1326 audit(1861632091.859:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.3.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  632.724902][ T3686] usb usb2-port1: attempt power cycle
[  632.875488][ T8876] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1334'.
[  633.713503][ T3686] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  633.750667][ T8696] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  634.684515][ T3686] usb 2-1: device descriptor read/8, error -71
[  635.076890][ T8889] loop1: detected capacity change from 0 to 256
[  635.095293][ T8696] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.308742][   T26] audit: type=1800 audit(1861632095.539:247): pid=8893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1338" name="file1" dev="loop1" ino=1048683 res=0 errno=0
[  636.417649][ T8696] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.476616][ T8898] loop1: detected capacity change from 0 to 256
[  636.534937][ T8900] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1341'.
[  636.742203][ T8696] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.867711][   T26] audit: type=1326 audit(1861632096.389:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8901 comm="syz.0.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  636.909604][   T26] audit: type=1326 audit(1861632096.389:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8901 comm="syz.0.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  636.979534][   T26] audit: type=1326 audit(1861632096.389:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8901 comm="syz.0.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  637.027848][   T26] audit: type=1326 audit(1861632096.389:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8901 comm="syz.0.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  637.445760][ T8727] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  637.947498][ T8727] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  637.990126][ T8727] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  638.056873][ T8727] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  638.095632][ T8696] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  638.108674][ T8696] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  638.112756][ T8913] loop1: detected capacity change from 0 to 128
[  638.355714][ T8696] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  638.365631][ T8696] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  639.535451][ T8727] 8021q: adding VLAN 0 to HW filter on device bond0
[  639.595306][ T8696] 8021q: adding VLAN 0 to HW filter on device bond0
[  639.630445][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  639.646776][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  639.677139][ T8727] 8021q: adding VLAN 0 to HW filter on device team0
[  639.699856][   T46] device hsr_slave_0 left promiscuous mode
[  639.707640][   T46] device hsr_slave_1 left promiscuous mode
[  639.714321][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  639.723597][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  639.843117][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  639.896387][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  639.927926][   T46] device bridge_slave_1 left promiscuous mode
[  639.939206][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  639.951711][   T46] device bridge_slave_0 left promiscuous mode
[  639.957959][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.070056][ T3691] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  640.279695][ T3691] usb 2-1: device descriptor read/64, error -71
[  640.559746][ T3691] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  640.769629][ T3691] usb 2-1: device descriptor read/64, error -71
[  640.801695][   T46] device veth1_macvtap left promiscuous mode
[  640.807929][   T46] device veth0_macvtap left promiscuous mode
[  640.834663][   T46] device veth1_vlan left promiscuous mode
[  640.846160][   T46] device veth0_vlan left promiscuous mode
[  640.915510][ T3691] usb usb2-port1: attempt power cycle
[  641.139807][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  641.139828][   T26] audit: type=1326 audit(1861632100.579:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8923 comm="syz.3.1349" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x0
[  641.449564][ T3691] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  641.560960][ T3691] usb 2-1: device descriptor read/8, error -71
[  641.851304][ T3691] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  642.109509][ T3691] usb 2-1: device descriptor read/8, error -71
[  642.969522][ T3691] usb usb2-port1: unable to enumerate USB device
[  643.287852][   T26] audit: type=1326 audit(1861632102.819:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  643.311079][   T26] audit: type=1326 audit(1861632102.819:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  643.334374][   T26] audit: type=1326 audit(1861632102.819:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  643.358412][   T26] audit: type=1326 audit(1861632102.819:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  643.382723][   T26] audit: type=1326 audit(1861632102.819:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7ffc0000
[  643.444925][   T26] audit: type=1326 audit(1861632102.969:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.1.1354" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f408c97df39 code=0x0
[  643.741862][   T46] team0 (unregistering): Port device team_slave_1 removed
[  643.805145][   T46] team0 (unregistering): Port device team_slave_0 removed
[  643.852843][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  643.997641][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  644.512664][   T46] bond0 (unregistering): Released all slaves
[  644.591144][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  644.607272][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  644.615889][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  644.623040][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  644.632564][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  644.644840][ T8935] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1351'.
[  644.713619][ T8696] 8021q: adding VLAN 0 to HW filter on device team0
[  644.721128][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  644.730218][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  644.750679][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  644.769308][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  644.790142][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  644.797279][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  644.805880][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  644.851586][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  644.872459][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  644.902995][ T3937] bridge0: port 1(bridge_slave_0) entered blocking state
[  644.910257][ T3937] bridge0: port 1(bridge_slave_0) entered forwarding state
[  644.942016][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  644.951913][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  644.963603][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  644.973081][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  644.984449][ T3937] bridge0: port 2(bridge_slave_1) entered blocking state
[  644.991602][ T3937] bridge0: port 2(bridge_slave_1) entered forwarding state
[  644.999868][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  645.011288][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  645.022971][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  645.037135][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  645.059043][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  645.078230][ T8727] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  645.091905][ T8727] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  645.133952][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  645.150558][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  645.165513][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  645.196196][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  645.219085][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  645.232513][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  645.246668][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  645.257193][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  645.272402][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  645.285285][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  645.313409][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  645.329139][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  645.331704][ T8964] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1358'.
[  645.360737][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  645.390826][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  645.413321][ T8696] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  645.432984][ T8696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  645.450437][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  645.469105][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  645.724730][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  645.733412][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  645.793473][ T8727] 8021q: adding VLAN 0 to HW filter on device batadv0
[  645.833022][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  645.871773][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  645.973217][ T8727] device veth0_vlan entered promiscuous mode
[  646.017400][ T8727] device veth1_vlan entered promiscuous mode
[  646.041821][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  646.052402][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  646.062440][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  646.171981][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  646.237436][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  646.336136][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  646.348098][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  646.397660][ T3854] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  646.426029][ T8696] 8021q: adding VLAN 0 to HW filter on device batadv0
[  646.525977][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  646.571927][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  646.613938][ T8727] device veth0_macvtap entered promiscuous mode
[  646.649687][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  646.692675][ T8727] device veth1_macvtap entered promiscuous mode
[  646.769690][ T8727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  646.797681][ T8727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  646.916731][ T8727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  646.947762][ T8727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  646.971347][ T8727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.003807][ T8727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.025343][ T8727] batman_adv: batadv0: Interface activated: batadv_slave_0
[  647.080300][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  647.495796][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  647.680848][ T8727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.698433][ T8727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.728916][ T8727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.766008][ T8727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.779171][ T8727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.842595][ T8727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.888424][ T8727] batman_adv: batadv0: Interface activated: batadv_slave_1
[  647.922139][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  647.944866][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  647.980211][ T8727] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  647.988965][ T8727] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  648.019484][ T8727] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  648.028301][ T8727] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  648.060139][ T8994] tipc: Started in network mode
[  648.065096][ T8994] tipc: Node identity 2, cluster identity 4711
[  648.079248][ T8994] tipc: Node number set to 2
[  648.247359][ T3796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.279099][ T3796] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.295324][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  648.310709][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  648.349003][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  648.355663][ T3796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.382090][ T3796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.391718][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  648.402926][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  648.402941][   T26] audit: type=1326 audit(1861632107.919:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.427952][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  648.445858][   T26] audit: type=1326 audit(1861632107.919:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.470363][   T26] audit: type=1326 audit(1861632107.919:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.494357][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  648.511641][   T26] audit: type=1326 audit(1861632107.919:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.540358][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  648.551011][ T8696] device veth0_vlan entered promiscuous mode
[  648.563711][   T26] audit: type=1326 audit(1861632107.919:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.592218][ T8696] device veth1_vlan entered promiscuous mode
[  648.596996][   T26] audit: type=1326 audit(1861632107.919:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.662232][ T8998] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1365'.
[  648.674011][   T26] audit: type=1326 audit(1861632107.919:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.703992][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  648.715451][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  648.809832][   T26] audit: type=1326 audit(1861632107.919:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.862616][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  648.901659][   T26] audit: type=1326 audit(1861632107.919:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  648.939269][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  648.963913][ T8696] device veth0_macvtap entered promiscuous mode
[  649.077029][ T8696] device veth1_macvtap entered promiscuous mode
[  649.311559][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.390779][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.463462][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.542444][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.629458][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.659442][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.688325][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.745156][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.755259][   T26] audit: type=1326 audit(1861632107.919:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.3.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136d37df39 code=0x7fc00000
[  649.811288][ T8696] batman_adv: batadv0: Interface activated: batadv_slave_0
[  649.818878][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  649.840099][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  649.868661][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  649.900327][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  649.913104][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.935973][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.948872][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.965389][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.978142][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.994610][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.018440][ T8696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  650.038419][ T8696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  650.056414][ T8696] batman_adv: batadv0: Interface activated: batadv_slave_1
[  650.068356][ T8696] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  650.086181][ T8696] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  650.105648][ T8696] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  650.128587][ T8696] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  650.160020][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  650.179412][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  650.312980][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  650.322876][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  650.347685][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  650.385186][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  650.400480][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  650.421536][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  652.831371][ T9032] loop3: detected capacity change from 0 to 512
[  652.889590][ T9035] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1375'.
[  652.920968][ T9032] EXT4-fs (loop3): 1 truncate cleaned up
[  652.926681][ T9032] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  652.997407][ T9032] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.1374: Directory hole found for htree leaf block 0
[  655.519960][ T7152] EXT4-fs (loop3): unmounting filesystem.
[  655.828375][   T26] kauditd_printk_skb: 44 callbacks suppressed
[  655.828393][   T26] audit: type=1326 audit(1861632115.349:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9041 comm="syz.1.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f408c97df39 code=0x7ffc0000
[  655.898689][   T26] audit: type=1326 audit(1861632115.349:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9041 comm="syz.1.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f408c97df39 code=0x7ffc0000
[  655.957506][   T26] audit: type=1326 audit(1861632115.349:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9041 comm="syz.1.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f408c97df39 code=0x7ffc0000
[  656.009535][   T26] audit: type=1326 audit(1861632115.349:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9041 comm="syz.1.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f408c97df39 code=0x7ffc0000
[  656.068017][   T26] audit: type=1326 audit(1861632115.349:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9041 comm="syz.1.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f408c97df39 code=0x7ffc0000
[  656.366222][ T9058] loop4: detected capacity change from 0 to 256
[  656.410517][ T9058] FAT-fs (loop4): Unrecognized mount option "smaner=00000000000000000000" or missing value
[  656.508661][ T9048] loop2: detected capacity change from 0 to 40427
[  656.534921][ T9048] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  656.544141][ T9048] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  656.576574][ T9048] F2FS-fs (loop2): invalid crc value
[  656.679684][ T9048] F2FS-fs (loop2): Found nat_bits in checkpoint
[  656.836022][ T9058] loop4: detected capacity change from 0 to 40427
[  656.850615][ T9058] F2FS-fs (loop4): invalid crc value
[  656.950881][ T9058] F2FS-fs (loop4): Found nat_bits in checkpoint
[  657.004241][ T9058] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[  657.795903][ T9048] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  657.804303][ T9058] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  657.818207][ T9048] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  658.132850][ T8696] syz-executor: attempt to access beyond end of device
[  658.132850][ T8696] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  658.969492][ T9079] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1387'.
[  659.137003][ T9082] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  659.581255][ T9090] Bluetooth: MGMT ver 1.22
[  662.289166][   T26] audit: type=1326 audit(1861632121.809:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  662.325453][ T9114] loop4: detected capacity change from 0 to 256
[  662.383026][   T26] audit: type=1326 audit(1861632121.809:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  662.407366][   T26] audit: type=1326 audit(1861632121.809:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  662.425730][ T9114] FAT-fs (loop4): Unrecognized mount option "smaner=00000000000000000000" or missing value
[  662.440000][   T26] audit: type=1326 audit(1861632121.809:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  662.542833][   T26] audit: type=1326 audit(1861632121.809:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20b0f7df39 code=0x7ffc0000
[  662.928160][ T9112] loop4: detected capacity change from 0 to 40427
[  662.939005][ T9112] F2FS-fs (loop4): invalid crc value
[  662.970940][ T9112] F2FS-fs (loop4): Found nat_bits in checkpoint
[  663.036631][ T9112] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[  663.051567][ T9112] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  663.498224][ T8696] syz-executor: attempt to access beyond end of device
[  663.498224][ T8696] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  663.875324][ T9116] loop2: detected capacity change from 0 to 40427
[  663.900895][ T9116] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  663.908452][ T9116] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  664.298626][ T9128] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1399'.
[  664.789359][ T9136] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  664.798912][ T9136] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  665.129649][ T9138] xt_TPROXY: Can be used only with -p tcp or -p udp
[  666.284130][ T9144] loop2: detected capacity change from 0 to 128
[  666.346359][   T26] audit: type=1800 audit(1861632125.869:324): pid=9144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1403" name="bus" dev="loop2" ino=1048691 res=0 errno=0
[  668.033804][   T26] audit: type=1326 audit(1861632127.559:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9156 comm="syz.2.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81de17df39 code=0x7ffc0000
[  668.097472][ T9159] loop3: detected capacity change from 0 to 2048
[  668.109513][   T26] audit: type=1326 audit(1861632127.559:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9156 comm="syz.2.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81de17df39 code=0x7ffc0000
[  668.145166][ T9164] loop4: detected capacity change from 0 to 256
[  668.158800][   T26] audit: type=1326 audit(1861632127.559:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9156 comm="syz.2.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f81de17df39 code=0x7ffc0000
[  668.168666][ T9164] FAT-fs (loop4): Unrecognized mount option "smaner=00000000000000000000" or missing value
[  668.214026][   T26] audit: type=1326 audit(1861632127.559:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9156 comm="syz.2.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81de17df39 code=0x7ffc0000
[  668.245861][ T9159] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  668.270271][ T9159] EXT4-fs (loop3): unmounting filesystem.
[  668.296157][   T26] audit: type=1326 audit(1861632127.559:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9156 comm="syz.2.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81de17df39 code=0x7ffc0000
[  668.604437][ T9164] loop4: detected capacity change from 0 to 40427
[  668.622542][ T9164] F2FS-fs (loop4): invalid crc value
[  668.710436][ T9164] F2FS-fs (loop4): Found nat_bits in checkpoint
[  668.774627][ T9164] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[  669.001941][ T9164] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  670.679671][ T8696] syz-executor: attempt to access beyond end of device
[  670.679671][ T8696] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  671.426356][ T9169] loop1: detected capacity change from 0 to 40427
[  671.448036][ T9169] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  671.474011][ T9169] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  671.498269][ T9169] F2FS-fs (loop1): invalid crc value
[  671.542142][ T9169] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-12)
[  672.675624][ T9182] loop2: detected capacity change from 0 to 40427
[  672.704459][ T9193] loop4: detected capacity change from 0 to 128
[  672.725939][ T9193] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  672.734617][ T9182] F2FS-fs (loop2): Invalid log blocks per segment (83886089)
[  672.749705][ T9182] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  672.802726][ T9193] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  672.824492][ T9193] ext2 filesystem being mounted at /10/bus supports timestamps until 2038 (0x7fffffff)
[  672.891062][ T9185] loop3: detected capacity change from 0 to 40427
[  672.935998][ T9185] F2FS-fs (loop3): invalid crc value
[  673.898856][ T9202] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  673.908692][ T9202] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  673.984568][ T9203] xt_TPROXY: Can be used only with -p tcp or -p udp
[  674.183077][ T9185] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  674.470812][ T8696] EXT4-fs (loop4): unmounting filesystem.
[  675.014352][   T26] audit: type=1326 audit(1861632134.539:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9212 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  675.141123][   T26] audit: type=1326 audit(1861632134.539:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9212 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  675.174151][   T26] audit: type=1326 audit(1861632134.539:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9212 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  675.203234][   T26] audit: type=1326 audit(1861632134.539:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9212 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  675.228548][   T14] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  675.244323][   T26] audit: type=1326 audit(1861632134.539:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9212 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  676.872428][ T9226] tipc: Started in network mode
[  676.877352][ T9226] tipc: Node identity 2, cluster identity 4711
[  676.883698][ T9226] tipc: Node number set to 2
[  677.009708][   T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  677.039434][   T14] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  677.083051][   T14] usb 4-1: New USB device found, idVendor=1a7d, idProduct=30d4, bcdDevice= 0.00
[  677.103269][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.129127][   T14] usb 4-1: config 0 descriptor??
[  677.187456][   T14] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  677.215054][ T9215] loop1: detected capacity change from 0 to 40427
[  677.227298][ T9215] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  677.234850][ T9215] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  677.245007][ T9215] F2FS-fs (loop1): invalid crc value
[  677.252758][ T9215] F2FS-fs (loop1): Found nat_bits in checkpoint
[  677.902592][   T41] usb 4-1: USB disconnect, device number 28
[  678.074866][    T7] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  678.162671][ T3765] Bluetooth: hci6: Frame reassembly failed (-84)
[  678.186098][   T35] Bluetooth: hci6: Frame reassembly failed (-84)
[  678.405785][ T9246] loop2: detected capacity change from 0 to 2048
[  678.468562][ T9243] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1432'.
[  678.484084][    T7] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  678.500226][ T9243] can0: slcan on ttyS3.
[  678.509528][    T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.520607][    T7] usb 5-1: config 0 descriptor??
[  678.559502][ T9243] can0 (unregistered): slcan off ttyS3.
[  679.090914][   T26] audit: type=1326 audit(1861632138.609:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9227 comm="syz.4.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  679.278249][   T26] audit: type=1326 audit(1861632138.659:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9227 comm="syz.4.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  679.385489][   T26] audit: type=1326 audit(1861632138.679:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9227 comm="syz.4.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  679.436946][   T26] audit: type=1326 audit(1861632138.689:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9227 comm="syz.4.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  679.468478][   T26] audit: type=1326 audit(1861632138.689:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9227 comm="syz.4.1426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c97df39 code=0x7ffc0000
[  679.612538][    T7] usb 5-1: Cannot read MAC address
[  679.617834][    T7] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -71
[  679.748218][    T7] usb 5-1: USB disconnect, device number 12
[  680.151039][ T8345] Bluetooth: hci5: command 0x1003 tx timeout
[  680.157579][ T3647] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  680.165909][ T8345] Bluetooth: hci6: command 0x1003 tx timeout
[  680.239654][ T3640] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  680.896418][ T9271] loop4: detected capacity change from 0 to 256
[  681.788402][ T9281] tipc: Started in network mode
[  681.793441][ T9281] tipc: Node identity 2, cluster identity 4711
[  681.799779][ T9281] tipc: Node number set to 2
[  681.945816][ T9265] loop1: detected capacity change from 0 to 40427
[  682.002030][ T9265] F2FS-fs (loop1): Invalid log blocks per segment (83886089)
[  682.029438][ T9265] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  682.069279][ T9265] F2FS-fs (loop1): invalid crc value
[  682.113838][ T9265] F2FS-fs (loop1): Found nat_bits in checkpoint
[  682.261421][ T9265] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  682.268607][ T9265] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  682.618748][ T9288] loop2: detected capacity change from 0 to 2048
[  682.720153][ T9287] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1444'.
[  682.763126][ T9287] can0: slcan on ttyS3.
[  682.829523][ T9287] can0 (unregistered): slcan off ttyS3.
[  683.015614][ T9294] syz.1.1439: attempt to access beyond end of device
[  683.015614][ T9294] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  683.034351][ T9294] input: syz0 as /devices/virtual/input/input35
[  684.599520][ T3691] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  684.959782][ T3691] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  684.999664][ T3691] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  685.008771][ T3691] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.017341][ T9295] loop2: detected capacity change from 0 to 40427
[  685.037463][ T9295] F2FS-fs (loop2): invalid crc value
[  685.052817][ T3691] usb 5-1: config 0 descriptor??
[  685.075155][ T9295] F2FS-fs (loop2): Found nat_bits in checkpoint
[  685.111839][ T3691] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  685.154939][ T9295] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  685.191260][ T9316] loop3: detected capacity change from 0 to 256
[  685.239112][ T5884] syz-executor: attempt to access beyond end of device
[  685.239112][ T5884] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  685.769824][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  685.778598][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  687.338966][ T3653] usb 5-1: USB disconnect, device number 13
[  687.698903][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.825031][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.185356][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.249537][   T41] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  690.335572][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.499665][   T41] usb 1-1: Using ep0 maxpacket: 16
[  690.547096][   T11] tipc: Left network mode
[  690.619647][   T41] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  690.647396][   T41] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  690.809696][   T41] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  690.819816][   T41] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.828041][   T41] usb 1-1: Product: syz
[  690.832518][   T41] usb 1-1: Manufacturer: syz
[  690.837318][   T41] usb 1-1: SerialNumber: syz
[  692.905804][ T9370] xt_NFQUEUE: number of total queues is 0
[  693.570270][ T3640] Bluetooth: hci2: command 0x0406 tx timeout
[  694.849173][   T41] usb 1-1: 0:2 : does not exist
[  694.862904][   T41] usb 1-1: USB disconnect, device number 19
[  695.045597][   T11] device hsr_slave_0 left promiscuous mode
[  695.052186][   T11] device hsr_slave_1 left promiscuous mode
[  695.058573][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  695.066213][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  695.075722][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  695.083200][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  695.091568][   T11] device bridge_slave_1 left promiscuous mode
[  695.097800][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  695.107665][   T11] device bridge_slave_0 left promiscuous mode
[  695.114162][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.138637][   T11] device veth1_macvtap left promiscuous mode
[  695.144807][   T11] device veth0_macvtap left promiscuous mode
[  695.150972][   T11] device veth1_vlan left promiscuous mode
[  695.156771][   T11] device veth0_vlan left promiscuous mode
[  698.778577][   T11] team0 (unregistering): Port device team_slave_1 removed
[  698.825753][   T11] team0 (unregistering): Port device team_slave_0 removed
[  698.868702][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  698.925857][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  699.411866][   T11] bond0 (unregistering): Released all slaves
[  699.486987][ T9399] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  699.497392][ T9399] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  699.504985][ T9399] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  699.715840][ T9408] loop4: detected capacity change from 0 to 256
[  699.755316][ T9408] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  699.784230][ T9408] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  700.058933][ T9418] xt_NFQUEUE: number of total queues is 0
[  700.854133][   T14] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  700.924680][ T9414] loop2: detected capacity change from 0 to 1024
[  700.939742][ T9414] EXT4-fs: Ignoring removed orlov option
[  700.955861][ T9414] EXT4-fs (loop2): Test dummy encryption mode enabled
[  700.974168][ T9414] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  701.211483][   T14] usb 5-1: Using ep0 maxpacket: 16
[  701.359866][   T14] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  701.390898][   T14] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  701.599956][   T14] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  701.622282][   T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.658674][   T14] usb 5-1: Product: syz
[  701.687272][   T14] usb 5-1: Manufacturer: syz
[  701.711626][   T14] usb 5-1: SerialNumber: syz
[  702.156371][ T8727] EXT4-fs (loop2): unmounting filesystem.
[  704.851138][ T9443] loop2: detected capacity change from 0 to 512
[  704.926908][ T9443] EXT4-fs (loop2): orphan cleanup on readonly fs
[  704.935417][ T9443] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #4: comm syz.2.1487: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  704.959215][ T9443] EXT4-fs error (device loop2): ext4_quota_enable:6994: comm syz.2.1487: Bad quota inode: 4, type: 1
[  705.513636][ T9443] EXT4-fs warning (device loop2): ext4_enable_quotas:7035: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  705.528918][ T9443] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  705.535709][ T9443] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  705.559725][   T14] usb 5-1: 0:2 : does not exist
[  705.576482][   T14] usb 5-1: USB disconnect, device number 14
[  706.472353][ T8727] EXT4-fs (loop2): unmounting filesystem.
[  708.038124][ T9467] loop1: detected capacity change from 0 to 256
[  709.666390][ T9478] loop1: detected capacity change from 0 to 256
[  716.802921][ T9511] loop2: detected capacity change from 0 to 40427
[  716.812405][ T9511] F2FS-fs (loop2): invalid crc value
[  716.825954][ T9511] F2FS-fs (loop2): Found nat_bits in checkpoint
[  716.832481][ T9518] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1502'.
[  716.861226][ T9515] can0: slcan on ttyS3.
[  716.884299][ T9511] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  716.919567][ T9515] can0 (unregistered): slcan off ttyS3.
[  716.925572][ T8727] syz-executor: attempt to access beyond end of device
[  716.925572][ T8727] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: repeatedly failed to execute the program
proc=3 req=1457 state=1 status=67 (errno 9: Bad file descriptor)
[  718.783146][ T3937] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.924157][ T3937] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.984866][ T3937] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.038092][ T3937] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.153639][ T3937] tipc: Left network mode
[  720.125693][ T3937] device hsr_slave_0 left promiscuous mode
[  720.132473][ T3937] device hsr_slave_1 left promiscuous mode
[  720.138975][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  720.147349][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_0
[  720.155485][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  720.164200][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_1
[  720.172105][ T3937] device bridge_slave_1 left promiscuous mode
[  720.180120][ T3937] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.188754][ T3937] device bridge_slave_0 left promiscuous mode
[  720.195178][ T3937] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.220836][ T3937] device veth1_macvtap left promiscuous mode
[  720.226904][ T3937] device veth0_macvtap left promiscuous mode
[  720.233173][ T3937] device veth1_vlan left promiscuous mode
[  720.239223][ T3937] device veth0_vlan left promiscuous mode
[  720.745569][ T3937] team0 (unregistering): Port device team_slave_1 removed
[  720.795800][ T3937] team0 (unregistering): Port device team_slave_0 removed
[  720.844352][ T3937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  720.895781][ T3937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  721.422598][ T3937] bond0 (unregistering): Released all slaves
[  721.931604][ T3937] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  721.997408][ T3937] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.038886][ T3937] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.119264][ T3937] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.211798][ T3937] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.278884][ T3937] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.360733][ T3937] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.406639][ T3937] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.522398][ T3937] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.618537][ T3937] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.705754][ T3937] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.748571][ T3937] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.901102][ T3937] tipc: Left network mode
[  722.913957][ T3937] tipc: Left network mode
[  724.546066][ T3937] device hsr_slave_0 left promiscuous mode
[  724.552739][ T3937] device hsr_slave_1 left promiscuous mode
[  724.559204][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  724.566862][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_0
[  724.574613][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  724.582207][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_1
[  724.590537][ T3937] device bridge_slave_1 left promiscuous mode
[  724.596808][ T3937] bridge0: port 2(bridge_slave_1) entered disabled state
[  724.605240][ T3937] device bridge_slave_0 left promiscuous mode
[  724.611658][ T3937] bridge0: port 1(bridge_slave_0) entered disabled state
[  724.623874][ T3937] device hsr_slave_0 left promiscuous mode
[  724.630275][ T3937] device hsr_slave_1 left promiscuous mode
[  724.636658][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  724.644119][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_0
[  724.651890][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  724.659500][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_1
[  724.667123][ T3937] device bridge_slave_1 left promiscuous mode
[  724.673505][ T3937] bridge0: port 2(bridge_slave_1) entered disabled state
[  724.681698][ T3937] device bridge_slave_0 left promiscuous mode
[  724.687937][ T3937] bridge0: port 1(bridge_slave_0) entered disabled state
[  724.700140][ T3937] device hsr_slave_0 left promiscuous mode
[  724.707336][ T3937] device hsr_slave_1 left promiscuous mode
[  724.714752][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  724.722632][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_0
[  724.730659][ T3937] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  724.738090][ T3937] batman_adv: batadv0: Removing interface: batadv_slave_1
[  724.745898][ T3937] device bridge_slave_1 left promiscuous mode
[  724.752236][ T3937] bridge0: port 2(bridge_slave_1) entered disabled state
[  724.761111][ T3937] device bridge_slave_0 left promiscuous mode
[  724.767349][ T3937] bridge0: port 1(bridge_slave_0) entered disabled state
[  724.821878][ T3937] device veth1_macvtap left promiscuous mode
[  724.828086][ T3937] device veth0_macvtap left promiscuous mode
[  724.834446][ T3937] device veth1_vlan left promiscuous mode
[  724.841839][ T3937] device veth0_vlan left promiscuous mode
[  724.848917][ T3937] device veth1_macvtap left promiscuous mode
[  724.855015][ T3937] device veth0_macvtap left promiscuous mode
[  724.862511][ T3937] device veth1_vlan left promiscuous mode
[  724.868271][ T3937] device veth0_vlan left promiscuous mode
[  724.875431][ T3937] device veth1_macvtap left promiscuous mode
[  724.881650][ T3937] device veth0_macvtap left promiscuous mode
[  724.887737][ T3937] device veth1_vlan left promiscuous mode
[  724.893852][ T3937] device veth0_vlan left promiscuous mode
[  725.568965][ T3937] team0 (unregistering): Port device team_slave_1 removed
[  725.616444][ T3937] team0 (unregistering): Port device team_slave_0 removed
[  725.661153][ T3937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  725.706630][ T3937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  726.208710][ T3937] bond0 (unregistering): Released all slaves
[  726.736808][ T3937] team0 (unregistering): Port device team_slave_1 removed
[  726.784860][ T3937] team0 (unregistering): Port device team_slave_0 removed
[  726.832485][ T3937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  726.883189][ T3937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  727.364087][ T3937] bond0 (unregistering): Released all slaves