last executing test programs:

17.937054949s ago: executing program 3 (id=2388):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0xffffffffffffff7d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x181102, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000021c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x2, 0x1, 0x7, 0x81}, 0x20)
ioctl$KDADDIO(r3, 0x4b34, 0x1)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0xf})
ioctl$int_in(r4, 0x5452, &(0x7f00000001c0)=0xb2)
ioctl$SNDRV_TIMER_IOCTL_START(r4, 0x54a0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r5}, 0x11)

16.476542732s ago: executing program 3 (id=2391):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000500)="a4", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x18, &(0x7f0000000040), &(0x7f0000000140)=0x8)

16.032028173s ago: executing program 3 (id=2394):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x11, 0x800000003, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x18)
renameat2(r2, &(0x7f0000000080)='./file1\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
shutdown(r4, 0x0)
sendmmsg(r5, &(0x7f0000000400), 0x10, 0x0)
bind$netlink(r3, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
r6 = syz_open_procfs(0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x13000)=nil, 0x13000, 0x0, 0x12, r7, 0x0)
preadv(r6, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet(0x2, 0x4000000000080001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000500), 0x1)
sendto$isdn(r0, &(0x7f00000000c0)={0x8, 0x1, "c851c18c6805a78625fbdd9f37dc80aecdb09e36a20ec25095d788bcb13795a8473392201e38dfafafe62096203377fa8b05df38d9d63b3b0ccb75c91e04"}, 0x46, 0x4080, &(0x7f0000000140)={0x22, 0x2, 0x1, 0x0, 0x1}, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @multicast1}, @timestamp}}}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c", 0xc}], 0x1}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880), 0xf4}}, 0x0)

15.039817166s ago: executing program 3 (id=2400):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000001000)=ANY=[], 0xfd, 0x6194, &(0x7f0000004a40)="$eJzs3c9vHGf9B/DP/vSPfJtaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QDmCErluFZECSgJKK4u48oUDJ/4CEBJHhDgiDvwBPXDlxokTkWwkUE8MWvt54tnNbu3U9s7az+slOTOfeWbtZ/a9sz8yM/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDf/c73VloRceNnacFSxP9FJ6IdsTColyNiYXkpr9+NiOdipzmejYjeXMTg9jv/PB3xakR8dDZia3t9dbD48gH78e0//O23Pzjz1l9/37v4nz/e67w2ab3793/57z89ONw2AwAAQGmqqqpa6WP+ufT5vt10pwCAqciv/1WSl5/6+lf/eOvPs9QftVqtVqunUNdV4z2oFxGxUb/N4D2Dw/EAcMJsxMdNd4EGyb9o3Yg403QngJnWaroDHIut7fXVVsq3VX89WN5tz+eCDOW/0Xp0fcek6X5GzzGZ1uNrMzrxzIT+LEypD7Mk598ezf/Gbns/rXfc+U/LpPz7u5c+FSfn3xnNf8Tpyb89Nv9S5fy7T5R/R/4AAAAAADDD8v//LzV8/Hfu8JtyIJ90/Hd5Sn0AAAAAAAAAgKN22PH/HjH+HwAAAMyswWf1gV+f3Vs26bvYBsuvtyKeGlkfKEy6WGax6X4AAAAAAAAAAAAAQEm6u+fwXm9F9CLiqcXFqqoGP3Wj9ZM67O1PutK3H0rW9JM8AADs+ujsyLX8rYj5iLievuuvt7i4WFXzC4vVYrUwl9/P9ufmq4Xa59o8HSyb6x/gDXG3Xw1+2XztdnX7fV7er3309w3+Vr/qHKBjR6SX7s0JzQ2FDQDJ7qvRllekU6aqnp705gOG2P9PoaVYavpxxexr+mEKAAAAHL+qqqpW+jrvc+mYf7vpTgEAU5Ff/0ePCxyqbk9ojzia369Wq9VqtfpT1XXVeA/qRURs1G8zeM9gOH4AOGE24uOmu0CD5F+0bkQ813QngJnWaroDHIut7fXVVsq3VX89SOO753NBhvLfaO3cLt9+3HQ/o+eYTOvxtRmdeGZCf56dUh9mSc6/PZr/jd32flrvuPOflkn593cumStPzr8zmv+I05N/e2z+pcr5d58o/478AQAAAABghuX//19y/DdvMgAAAAAAAACcOFvb66v5utd8/P8zY9Zz/efplPNvPWn+C2le/idazr89kv8XR9br1OYfvrm3//9re331d/f++f95etD85/JMKz2yWukR0Up/qdVN08Ns3eM2e53+4C/1Wu1ON53zU/XeiVtxO9bi0tC67XR/7LWvDLUPetobar881N59rP3KUHsvfe9AtZDbL8Rq/Dhux9s77f3hu32s+X3un2qf9px/x/N/kXL+3drPIP/F1N4amQ48/LD92H5fn477O2/c+uwvLh3/5uxrMzqPtq1usH3nG+jPzn1yph8/vbt258L9m/fu3VmJNBlaejnS5Ijl/Hs7P3N7z/8v7LbnJ6D6/vrww/4T5z8rNqM7Mf8XavOD7X1pyn1rQs6/n35y/m+n9vH7/0nOf/L+/3ID/QEAAAAAAAAAAAAAAIBPUlXVziWib0TE1XT9T1PXZgIA05Vf/6skL1cfef39MxGz1B+1Wq1WF1jXVeO9Xi8i4i/12wzeM/x83C8DAGbZfyPi7013gsbIv2D5+/4G0xeb7gwwVXff/+CHN2/fXrtzt+meAAAAAAAAAACfVh7/c7k2/vOLEbE0st7Q+K9vxvJhx//s5plHA4we8UDfE2y2+512bbjx52NnfO4Lk8b/Ph+Pj/+dx8Tt1Ldjgt4+7f192uf2aZ8fu3QvrbEXetTk/J+vjXc+yP/cyPDrJYz/OjrmfQly/udrj+dB/l8YWa+ef/Wbmct/46ArbkZ7KP+L9977ycW773/wyq33br679u7aj66srFy6cvXqtWvXLr5z6/bapd1/j6fXMyDnn8e+dh5oWXL+OXP5lyXn/7lUy78sOf/Pp1r+Zcn55/d78i9Lzj9/9pF/WXL+L6Va/mXJ+X8p1fIvy9b2+twg/5dTLf+y5P3/y6mWf1ly/q+kWv5lyflfSLX8y5Lzv5jqA+Tv6+FPkZx/PsJl/y9Lzn8l1fIvS87/cqrlX5ac/5VUy78sOf9XUy3/suT8v5Jq+Zcl53811fIvS87/q6mWf1ly/tdSLf+y5Py/lmr5lyXn//VUy78sOf/XUi3/suT8v5Fq+Zcl5//NVMu/LDn/b6Va/mXJ+b+eavmXZe/7/82YMWMmzzT9zAQAAAAAAAAAAAAAjJrG6cRNbyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuNUaus74f+Jm9ee0QYiAEJ38Da8cY4yzZ9SW+8K8bE5IQEijNtaSX2K537Sz4Fq9dkjSSTQMlEo6KKqqmL9oCitpIVYVV8YJWKc2LqpdXTfuCvqmoKiE1qkIUUJHaimarmfM8j2dmZ2dmveP17Dmfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqLfhY9NfrmRZVv1T+2ttlr2t+vHqsbW1yz5ytbcQAAAAWKr/rf395nXpgv1d3Khumb993z98e25ubi77zODvDH9tbi5dMZZlw6uyrHZddPHfHq3ULxM8m41WBuo+H+iw+sEO1w91uH64w/UjHa5f1eH60Q7Xz9sB86zOfx5Tu7NNtQ/X5rs0uz4brl23qcWtnq2sGhiIP8upqdRuMzd8JJvJjmXT2WTD8vmyldryL2+oruueLK5roG5d66tHyI+eORy3oRL28aaGdV26z+iHH83GfvyjZw7/0ZnXb2w1O+6GhvvLt3PLxup2fjFckm9rJVuV9knczoG67Vzf4jkZbNjOSu121Y+bt/PNLrdz8NJmLqvm53w0G6h9/GptPw3V/1gv7af14bL/ujnLsvOXNrt5mXnrygayNQ2XDFx6fkbzI7J6H9VD6Z3Z0KKO0w1dHKfVObWp8Thtfk3E539DuN3QAttQ/zT98Asj8573xR6nUfVRL/RaaT4Ge/1a6ZdjMB4Xr9Ye9HMtj8FN4fE/s3nhY7DlsdPiGEyPu+4Y3NjpGBwYGaxtc3oSKrXbXDoGtzUsP1hbU6U2X9vc/hicOHP81MTsU09/eOb4oaPTR6dP7Ni2bXLHrl179uyZODJzbHoy//sy93b/W5MNpNfAxrDv4mvgg03L1h+qc9/o3etwtM3rcG3Tsr1+HQ41P7jK8rwg5x/T+WvjoepOH70wkC3wGqs9P1uX/jpMj7vudThU9zps+TWlxetwqIvXYXWZU1u7+55lqO5Pq224Ul8L1tYdg83fjzQfg73+fqRfjsHRcFz8y9aFvxasD9v73Phivx8ZnHcMpocb3nuql6Tv90f31Ear4/Km6hXXjGRnZ6dP3/rkoTNnTm/LwlgW76o7VpqP1zV1jymbd7wOLPp43T/zvuduanH52rCvRj9c/Wt0weequszOW9s/V7Wvbq33Z8Ol27Mwemy592err+bV/ZmyZJv9WV3mixNL/1485dK699/hBd5/Y+5/K19fuqtnB4eH8tfvYNo7ww3vx41P1VDtvatSW/ebE929Hw+HP8v9fnx9m/fjdU3L9vr9eLj5wcX340qnn3YsTfPzORqOk2OT7d+Pq8us277YY3Ko7fvxzWFWwv7/UEgKKRfVHTsLHbdpXUNDw+FxDcU1NB6nOxqWHw7ZrLqul7Zf3nG65eb8vgbTo7tkuY7TsaZle32cpverhY7TSqefvl2e5udzNBwX1+9of5xWl3ll59LfO1fHD+veO0c6HYPDgyPVbR5OB2H+fj+3Oh6Dt2aHs5PZsWyqdu1I7Xiq1NY1flt3x+BI+LPc75Xr2hyDW5qW7fUxmL6OLXTsVYbmP/geaH4+R8Nx8cJt7Y/B6jJ37u7t965bwiVpmbrvXZt/vrbQz7xuatpNV/JnXtXt/Ovd7X82W13m2J7F5sz2++mWcMk1+UUj9fup+fW70GtqKlue/bQubOfrexbeT9XtqS7ztb1dHk/7syw798QdtZ/3hn9f+bOz3/t2w7+7tPo3nXNP3PHGtUf+ZjHbD8DK91Y+1uRf6+r+Zaqbf/8HAAAAVoSY+wfCTOR/AAAAKIyY++P/Ck/kfwAAACiMmPuHwkxKkv/X3fn6zFvnstTMnwvi9Wk33JsvFzuuk+HzsblLqpff8eL0T/7iXHfrHsiy7Kf3/nrL5dfdG7crNxa28+JdjZfPv+G5rtZ/8OFLy9X3178e7j8+nm4Pg1YV3Mksy16+7vnaesYevVCbr9x7sDYfOP/cs9Vl3tybfx5v/9q78uV/P5R/9x851HD718J++EGYk/e13h/xdt+68KH1ux+5tL54u8rGt9ce9guP5fcbf0/OV5/Nl4/7eaHt/8uvvPSt6vJPfqD19p8baL39L4X7fTHM/35vvnz9c1D9PN7uS2H74/ri7W795ndbbv/FL+fLn7o7X+5gmHH9W8Lnm+5+faZ+fz1ZOdTwuLKP58vF9U9+77dq18f7i/ffvP2jBy407I/m4+OVf8rvZ6Jp+Xh5XE/0503rr95P/fEZ1//Sbx5s2M+d1n/xgdfeW73f5vXf0rTcYNPtm39j0x986fmW64vbs/9PTzU8nv33h9dxWP8Lj4XjMVz/Pxefb1hvdPD+xvefuPzX155reDzRPT/O13/x9qO1+e9jP/m9a9527dvPv7+677Ls1Qfz++u0/qN/eLJh+79xw9ba8xGvjx395vUvJK7/9OfHT5ycPTszVbdXa78755P59qwaXb2mur3XhffW5s8PnDzz+PTpscmxySwbK+6v0Lts3wzzjXycX+zttz4cns+bfvflNZv/8Svx8n9+KL/8wn35160PhuW+Gi5fmz9/c5Ulrv+FDTfUXt+VV/LPG3rsPbB+03/s6WrB8Pibvy+Ix/updz9e2w/V62pfN+Lreonb//2p/H6+E/brXPjNzBtvuLS++uXj70a48GD+el/y/gtvc/F5/ePwfH/qB/n9x+2Kj/f74fuY765rfL+Lx8d3zg0033/tt3icD+8n2fn8+rhU3N8X3ryh5ebF30OSnb+x9vlvp/u5cVEPcyGzT81OHJs5cfbJiTPTs2cmZp96+sDxk2dPnDlQ+12eBz7b6faX3p/W1N6fpqZ37cwmV2dZdjKbXIY3rCuz/dWPutv+Uw8fnto9uXlq+sihs0fOPHxq+vTRw7Ozh6enZjcfOnJk+vOdbj8ztW/b9r07dm8fPzoztW/P3r079o7PnDhZ3Yx8ozrYNfm58ROnD9RuMrtv595tt922c3L8+Mmp6X27JyfHz3a6fe1r03j11r82fnr62KEzM8enx2dnnp7et23vrl3bO/42wOOnjsyOTZw+e2Li7Oz06Yn8sYydqV1c/drX6fYU0+y/5t/PNqvkv4gv+/Qtu9LvZ6168QsL3lW+SNMvEH09/C6av3/HqT3dfB5z/3CYSUnyPwAAAJRBzP0jYSbyPwAAABRGzP2rwkzkfwAAACiMmPtHw0xKkv/1//X/u+v/59fr/5er/3/qibxXutL7/7E/r/9fDle5/7/k9ev/6/8Xr//ffX9+pW+//r/+P/P1W/8/5v7VWVbK/A8AAABlEHP/mjAT+R8AAAAKI+b+a8JM5H8AAAAojJj73xZmUpL8r//fVf9/e6fCVfH7/87/r/+frcz+f3xy9P9LY9H9+0ceavhU/z/Q/9f/1//X/9f/Z8mGF7zmavX/Y+6/NsykJPkfAAAAyiDm/reHmcj/AAAAUBgx918XZiL/AwAAQGHE3L82zKQk+V//3/n/9f/1/wvd/1/q+f/rNkb/f2Vw/v/2Ft3/X6X/313/f1T/fyX2/4d7u/393f/vuPn6/1wR/Xb+/5j73xFmUpL8DwAAAGUQc/87w0zkfwAAACiMmPvfFWYi/wMAAEBhxNx/fZhJSfK//r/+v/6//r/+f+v1dz7/f/6R/n9/0f9vz/n/O3D+/3L1/3u8/f3d/+/1+f+H72q+vf4/rfRb/z/m/neHmZQk/wMAAEAZxNx/Q5iJ/A8AAACFEXP/e8JM5H8AAAAojJj714WZlCT/6//r/+v/6//r/7def+f+f07/v7/o/7en/9+B/r/+v/5/d/3/Ft/86v/TSr/1/2PuvzHMpCT5HwAAAMog5v6bwkzkfwAAACiMmPv/X5iJ/A8AAACFEXP/+jCTkuR//X/9f/3/cvX/bxnR/9f/L7Zi9v97902J/n8H+v/6//r/XZ7/f77F9P9XdbozCqPf+v8x9783zKQk+R8AAADKIOb+94WZyP8AAABQGDH3vz/MRP4HAACAwoi5fyzMpCT5X/+/WP3/P/mrF96f6f/r/3dYf0H7//Ew0P8vuWL2/3tH/78D/X/9f/3/Zen/Ux791v+PuX9DmElJ8j8AAACUQcz9G8NM5H8AAAAojJj7bw4zkf8BAACgMGLu3xRmUpL8r/9frP5/pP+v/99u/QXt/yf6/+Wm/99C3YtU/78D/X/9/9L3/+N3v/r/9Ea/9f9j7v9AmElJ8j8AAACUQcz9m8NM5H8AAAAojJj7PxhmIv8DAABAYcTcvyXMpCT5X/9f/1//X/9f/7/1+vX/Vyb9//YW2/8f0f/X/9f/L1n/3/n/6a1+6//H3P+hMJOS5H8AAAAog5j7t4aZyP8AAABQGPH/b+b/71X+BwAAgCKKuX88zKQk+V//X/+/TP3/iv6//r/+f+Hp/7fn/P8d6P/r/+v/6//TU/3W/4+5/8NhJiXJ/wAAAFAGMfffGmYi/wMAAEBhxNw/EWYi/wMAAEBhxNw/GWZSkvyv/6//X6b+v/P/6//r/xef/n97+v8d6P/r/xet/59l+v9cVf3W/4+5f1uYSUnyPwAAAJRBzP3bw0zkfwAAACiMmPt3hJnI/wAAAFAYMffvDDMpSf7X/y9q/38u0//X/19o/fr/+v9Fpv/fnv5/B/r/+v9F6/87/z9XWb/1/2Puvy3MpCT5HwAAAMog5v5dYSbyPwAAABRGzP27w0xC/m/1/7oBAACAlSXm/j1hJiX593/9/4L0/3/j7xrW7fz/+v/t1t+b/v9q/f8w9f/7S0H7/80vi8um/9+B/r/+v/6//j891W/9/5j794aZlCT/AwAAQBnE3P+RMBP5HwAAAAoj5v7/H2Yi/wMAAEBhxNz/M2EmJcn/+v8F6f830f/X/2+3fuf/1/8vsoL2/3umUP3/Af1//f/+2n79f/1/5rvy/f/4UXf9/5j794WZlCT/AwAAQBnE3P+zYSbyPwAAABRGzP23h5nI/wAAAFAYMffvDzMpSf7X/9f/1//X/78y/f/bs2b92P+vHjz6/8Wi/99eofr/zv+v/99n26//r//PfP12/v+Y+z8aZlKS/A8AAABlEHP/HWEm8j8AAAAURsz9Hwszkf8BAACgMGLuvzPMpCT5X/9f/1//X//f+f9br1//f2XS/29P/78D/X/9f/1//X96qt/6/zH33xVmUpL8DwAAAGUQc//dYSbyPwAAABRGzP0fDzOR/wEAAKAwYu6/J8ykJPlf/1//X/9f/1//v/X69f9XJv3/9vT/O9D/1//X/9f/p6f6rf8fc/8nwkxKkv8BAACgDGLuvzfMRP4HAACAwoi5/74wE/kfAAAACiPm/k+GmZQk/+v/6//r/+v/6/+3Xr/+/8qk/9+e/n8H+v/6//r/+v/0VL/1/2Pu/1SYSUnyPwAAAJRBzP0/F2Yi/wMAAEBhxNz/6TAT+R8AAAAKI+b+nw8zKUn+1//X/++v/v/cufrb6f/r/2e96v9Xb9Rd/38k3o/+/8qk/9+e/n8HLfr/q/T/9f/1//X/uWz91v+Puf/+MJOS5H8AAAAog5j7Hwgzkf8BAACgMGLufzDMRP4HAACAwoi5/6Ewk5Lkf/3/Uvb/00Puv/6/8//r/zv/v/7/0uj/t6f/34Hz/+v/6//r/9NT/db/j7n/4TCTkuR/AAAAKIOY+x8JM5H/AQAAoDBi7v+FMBP5HwAAAAoj5v7PhJmUJP9fVv8/ll71/5MV1v/v4/P/F63/P9RwfJSp/z9a93ym41L/X/9/Gej/t6f/34H+v/5/P/f/w9G8eoHb6//Tj/qt/x9z/6NhJiXJ/wAAAFAGMff/YpiJ/A8AAACFEXP/L4WZyP8AAABQGDH3/3KYSUnyv/P/6//r/9f3/z/h/P/O/6//v8Lp/7en/9+B/r/+fz/3/zvQ/6cf9Vv/P+b+XwkzWTD4vfGfXTxMAAAAoI/E3P9YmElJ/v0fAAAAyiDm/gNhJvI/AAAAFEbM/QfDTEqS//X/m/v/8Yyq+v/l7P/3+vz/jceH/r/+v/7/lde7/v97rs0y/X/9f/1//f/l7P8P6P9TOP3W/4+5/1CYSUnyPwAAAJRBzP2/GmYi/wMAAEBhxNx/OMxE/gcAAIDCiLl/KsykiPm/uVR7dfv/w/3Z/3f+/8vt//9U/1//P9D/b03/f3k4/397+v8d6P/r/zv/v/4/PdVv/f+Y+6fDTIqY/wEAAKBc0o+DY+4/EmYi/wMAAEBhxNx/NMxE/gcAAIDCiLn/8TCTkuR/5//X/3f+/6vR/x9qWF7/P6f/r//fC/r/7en/d6D/r/+v/6//T0/1W/8/5v6ZMJOS5H8AAAAog5j7PxtmIv8DAABAYcTc/7kwE/kfAAAACiPm/mNhJiXJ//r/+v9l7/9Xsuy88//r/7dav/7/yqT/357+fwf6//r/+v/6//RUv/X/Y+4/HmZSkvwPAAAAZRBz/4kwE/kfgP9j7z6a7DqrPQ4f+9oKo8tHYMyIIYzMR2DKjCrGFMnkYJucweQcTM45J5NzztnkHE00VImStNaSWn20j8LpPnu/63km60pl3e62W771v6qfXwAAhpG7/15xi/0PAAAAw8jdf++4pcn+1//r/7v3/6udvP+/96/X/5+m/9f/b8O+/v6q9X/d+aLw8/b/d7zTtXfX/+v/9f+T9P/6f/0/55pb/5+7/z5xS5P9DwAAAB3k7r9v3GL/AwAAwDBy998vbrH/AQAAYBi5+6+NW5rsf/2//l//r//f0//frP/X/y+b9/+n6f830P/r//X/+n+2am79f+7++8ctTfY/AAAAdJC7/wFxi/0PAAAAw8jd/8C4xf4HAACAYeTuf1Dc0mT/6//1//r/pfT/R7z/f87Xo//X/6+j/5+m/99A/6//1//r/9mqufX/ufsfHLc02f8AAADQQe7+h8Qt9j8AAAAMI3f/Q+MW+x8AAACGkbv/YXFLk/2v/9f/6/+X0v8f0vv/+n/9/8LdtDrz74TD7v+PbOG/P6D/n3f/v1rp/6dccD+//stbzud/Hvp//T/7za3/z93/8LjlLqvVkUv9IgEAAIBZyd3/iLilyZ//AwAAQAe5+6+LW+x/AAAAGEbu/uvjlib7X/+v/9f/6//1/+s/vv5/mbz/P+3y+/873O6e9+jb/3v/f5r3/7fd/5/8ztD/s2xz6/9z998QtzTZ/wAAANBB7v5Hxi32PwAAAAwjd/+j4hb7HwAAAIaRu//RcUuT/a//H63//789v+6s/v9U7aL/1//r//X/o9P/T/P+/wan/jV3vH6o/9f/e/9f/8/lmVv/n7v/MXFLk/0PAAAAHeTuf2zcYv8DAADAMHL3Py5usf8BAABgGLn7Hx+3NNn/+v/R+v+9v877//r/dR9f/6//H5n+f5r+f4NR3v+/xO+aXffzl2vXn7/+X//PfnPr/3P3PyFuabL/AQAAoIPc/U+MW+x/AAAAGEbu/ifFLfY/AAAADCN3/5Pjlib7X/+v/19G/58fQf+v/z/4/j/p/5dJ/z9N/7/BKP3/Jdp1P7/0z1//r/9nv7n1/7n7nxK3NNn/AAAA0EHu/qfGLfY/AAAADCN3/9PiFvsfAAAAhpG7/+lxS5P9r//X/y+j//f+v/7f+//6/wuj/5+m/99A/6//1//r/9mqufX/uftvjFua7H8AAADoIHf/M+IW+x8AAACGkbv/mXGL/Q8AAADDyN3/rLilyf7X/+v/9f/6f/3/+o+v/18m/f80/f8G+n/9v/5f/89Wzaj/P+tXHVs9O25psv8BAACgg9z9z4lb7H8AAAAYRu7+58Yt9j8AAAAMI3f/8+KWJvtf/z+b/v9UzjdW/398tVrp/1dN+//jZ/3zrO9L/b/+/xDo/6fp/zc4+RvyxBX6f/2//l//z5Ycbv9/8t/50/89gNz9z49bmux/AAAA6CB3/wviFvsfAAAAhpG7/4Vxi/0PAAAAw8jd/6K4pcn+1//Ppv8/Zaz+3/v/535/dOr/vf+/n/7/cOj/p+n/N/D+v/5f/6//Z6sOt//f/OPc/S+Om45cfclfIgAAADAzuftfErc0+fN/AAAA6CB3/0vjFvsfAAAAFurGfT+Tu/9lcUuT/a//327/f+Ssn9P/6//P/f7Q/+v/9f8HT/8/Tf+/gf5f/6//1/+zVXPr/3P3vzxuabL/AQAAoIPc/TfFLfY/AAAADCN3/yviFvsfAAAAhpG7/5VxS5P9r//3/r/+X/+v/1//8fX/y6T/n6b/30D/r//fbf9/9Mz/eLD9//E1v17/z0G4iP7/xIkT1x14/5+7/1VxS5P9DwAAAB3k7n913GL/AwAAwDBy978mbrH/AQAAYBi5+18btzTZ//r/pv1/fqsvq/+/frXS/+v/9f/6/2n6/2n6/w30//p/7//r/9mqub3/n7v/dXFLk/0PAAAAHeTuf33cYv8DAADAMHL3vyFusf8BAABgGLn73xi3NNn/+v+m/b/3//X/+v/D7v9vW+n/D8Ui+v91D2+Huff/N+j/9f8T2vX/d73znh/q//X/7De3/j93/5vilib7HwAAADrI3f/muMX+BwAAgGHk7n9L3GL/AwAAwDBy9781brqqyf7X/+v/9f/6f/3/+o9/yO//H1mtVvr/LVhE/z9h7v3/dt7/P/d3+Rn6f/3/kj9//b/+n/3m1v/n7n9b3NJk/wMAAEAHufvfHrfY/wAAADCM3P3viFvsfwAAABhG7v53xi1N9r/+X/+v/9f/D9//37CI/t/7/1ui/582j/7//PT/+v8lf/76f/0/F25X/X/u/nfFLU32PwAAAHSQu//dcYv9DwAAAMPI3f+euMX+BwAAgGHk7n9v3NJk/+v/9f8X0//n56n/H6v/Pzq7/v/Ynv99Td7/1/9vif5/mv5/A/2//l//f6P+n22a2/v/ufvfF7c02f8AAADQQe7+98et/9et/Q8AAADDyN3/gbjF/gcAAIBh5O7/YNzSZP/r//X/3v/X/w///r/+vxX9/zT9/wb6f/2//t/7/2zV3Pr/3P0filua7H8AAADoIHf/h+MW+x8AAACGkbv/I3GL/Q8AAADDyN1/c9zSZP/r//X/+n/9v/7/9D9D/f8Y9P/TDqf/P67/1/9XP39F/C7Q/+v/N/16xjS3/j93/0fjlib7HwAAADrI3f+xuMX+BwAAgGHk7v943GL/AwAAwCJdtebncvd/Im5psv/1//p//b/+X/+//uPr/5dpJ/1/flPo/73/H/r0/7ff86Olvf9/7v/90v/r/9m+ufX/ufs/Gbc02f8AAADQQe7+T8Ut9j8AAAAMI3f/p+MW+x8AAACGkbv/M3FLk/2v/9f/6//1//r/9R9f/79M3v+fpv/fQP+/0/fzl/756//1/+w3t/4/d/9n45Ym+x8AAAA6yN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwTu3+jMsa7n/9v/5f/6//1/+v//j6/2XS/0/T/2+g/9f/6//1/2zV3Pr/L5z6VcdWX4xbmux/AAAA6CB3/5fiFvsfAAAAhpG7/8txi/0PAAAAw8jd/5W4pcn+1//r/5fR/584ceI6/b/+f+/Xc6b/v0X/T9H/T9P/b6D/1//r//X/bNXc+v/c/V+NW5rsfwAAAOggd//X4hb7HwAAAIaRu//rcYv9DwAAAMPI3f+NuKXJ/tf/z6D/P6b/9/6//n/l/X/9/5bo/6fp/zcYsf8/duFf/q77+cu1689f/6//Z7+59f+5+78ZtzTZ/wAAANBB7v5vxS32PwAAAAwjd/+34xb7HwAAAIaRu/87cUuT/a//P7z+/+Tfuy7v/x9frf/89f/6f/2//v+g6f+n6f83GLH/vwi77ueX/vnr//X/7De3/j93/3fjlr3D7+qL+yoBAACAOcnd/724pcmf/wMAAEAHufu/H7fY/wAAADCM3P0/iFua7H/9/wze/x+w//f+//rvD/3/rPv/K/X/Y9D/T9P/b6D/1//r/7fU/+d3s/6/u7n1/7n7fxi3NNn/AAAA0EHu/h/FLfY/AAAADCN3/4/jFvsfAAAAhpG7/5a45az9v67tHoX+X/+v/9f/6//Xf3z9/zLp/6ddaP9/dHV5/X/S/+v/9f9d+3/v/3Pa3Pr/3P0/iVv8+T8AAAAsztXn+fnc/T+NW+x/AAAAGEbu/p/FLfY/AAAADCN3/8/jlluv3NWndKj0//p//b/+X/+//uPr/5dJ/z/N+/8b6P+30c9fo/8fo/9frfT/XL659f+5+38Rt/jzfwAAABhG7v5fxi32PwAAAAwjd/+v4hb7HwAAAIaRu//XcUuT/a//1/9fZv9/Ks3U/5+m/z9N/7+e/v9w6P+n6f830P97/1//7/1/tmpu/X/u/t/ELU32PwAAAHSQu/+3cYv9DwAAAMPI3f+7uMX+BwAAgGHk7v993NJk/++s/4+/1fr/xff/3v8/8P7/5Fen/9f/6/8vlP5/mv5/A/2//l//r/9nq+bW/+fu/0Pc0mT/AwAAQAe5+/8Yt9j/AAAAMIzc/X+KW+x/AAAAGEbu/j/HLU32v/f/9f/6/7n3/0O//79a6f/1/1um/5+m/1+v/kHp//X/+n/9P1s1t/4/d/9f4pYm+x8AAAA6yN3/17jF/gcAAIBh5O6/NW6x/wEAAGAYufv/Frc02f/6f/2//l//7/3/9R9f/79M+v9pu+z/7/b/mz+s9/933v/np6D/1//r/9mKufX/ufv/Hrc02f8AAADQQe7+f8Qt9j8AAAAMI3f/P+MW+x8AAACGkbv/X3FLk/2/of8/Wn+h/n+S/n/v56//X//9of/X/+v/D57+f9p0/3/W7+Zm7/8X/b/3//X/+n+2am79f+7+f8ctTfY/AAAAdJC7/7a4xf4HAACAYeTu/0/cYv8DAADAMHL3/zduabL/vf+/pP7/Gv2//l//r//X/2+g/5+2y/f/L4T+X/+/5M9f/6//Z7+59f+5+/8XAAD//1wjSv8=")
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000400)='./file2\x00', 0xc3804, &(0x7f00000001c0)=ANY=[@ANYBLOB='errors=continue,iocharset=iso8859e=00000000000000000000005,iocharset=koi8-r,uid=\x00'/93, @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,iocharset=maciceland,errors=remount-ro,discard,discard,\x00'], 0x5, 0x1518, &(0x7f0000002280)="$eJzs3AuYjVX7MPD7Xms9Y0jaTXIY1lr3wyaHZZIkhyQ5JEmSJDklJE3ySl4khpCkIQnJYUgOQ0gOE5PG+Xw+JknSJElITsn6rgmft7f63n/f2//1v/5z/67rufa693rWetba97Nnr+fZM/Nt16G1mtSu3oiI4N+CFx+SACAWAAYCwHUAEABA+bjycVn1OSUm/XsHYX+th1Ov9gjY1cT5z944/9kb5z974/xnb5z/7I3zn71x/rM3zj9j2dnm6QWv5y37bnz/Pzvjz///RTLLjP1ybZkbu/2JJpz/7I3z/79W8F/ZifOfvXH+szfOf/bG+c8OcvxhDec/u7p4TnD+GcvOrvb9Z96u7na1zz/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY9nDGX+FAoDL5as9LsYYY4wxxhhjjP11fI6rPQLGGGOMMcYYY4z990MQIEFBADGQA2IhJ+QCAQDXQh64DiJwPcTBDZAXboR8kB8KQEGIh0JQGDQYsEAQQhEoClEoBsXhJigBJaEUlAYHZSABboaycAuUg1uhPNwGFeB2qAiVoDJUgTugKtwJ1eAuqA53Qw2oCbWgNtwDdeBeqAv3QT24H+rDA9AAHoSG8BA0goehMTwCTeBRaAqPQTNoDi2gJbT6/2r/AvSEF6EX9IYk6AN94SXoB/3/7ysyCF6FwfAaJMMQGAqvwzB4A4bDmzACRsIoeAtGw9swBsbCOBgPKTABJsI7MAnehckwBabCNEiF6TAD3oOZMAtmw/swBz6AuTAP5sMCSIMPYSEsgnT4CBbDx5ABS2ApLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+2wA3bCLtgNn8Ae+BT2wmewDz7/k+1P/1P7bggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYF/NiPsyHBbAAxmM8FsbCaNAgIWERLIJRjGJxLI4lsASWwlLo0GECJmBZvAXLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oP3YB+si3WxHtbD+lj/8u0pbISNsDE2xibYBJtiU2yGzbAFtsBW2ApbY2tsg22wHbbD9tgeO2AHTMRE7IgdsRN2ws7YGbtgF+yKXbEbdsfu+EIOwBfxReyNNUQf7It9sR8m5xiAL+PL+AoOwlfxVXwNk3EIDsXX8XV8A4fjKRyBI3EUjsKqvjcAjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsL3cQ5+gB/gPJyHCzAN03AhLsJ0TMfFeBozcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/BT/FTTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyJJ/EUnsYzeAbP4Tk8j8/Hf914V8k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxW2igrhdVBSVRFtXRVQRVUU7V03cJaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+aCAeFA1FHxyAD4uszDQRQ7CpGIrNRHMhL71fW4vh2Ea0Fe3Ek2IkjsAOorVLFM+IjmIMdhJ/E2PxOdFFjMeu4u+im+gueogXRE/RxvUSvcVk7CP6imnYT/QXA8TLYibWFO/jnJy1xGsiWQwRQ8XrYgG+IYaLN8UIMVKMEm+J0eJtMUaMFePEeJEiJoiJ4h0xSbwrJospYqqYJlLFdDFDvCdmillitnhfzBEfiLlinpgvFog08aFYKBaJdPGRWCw+FhliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Cl2id3iE7FHfCr2is/EPvG52C++EAfEl+Kg+Epkiq/FIfGNOCy+FUfEd+Ko+F4cE8fFCfGDOCl+FKfEaXFGnBXnxE/ivPhZXBBegEQppJRKBjJG5pCxMqfMJa+RuWVw6dW9XsbJG2ReeaPMJ/PLArKgjJeFZGGppZFWkgxlEVlURmUxWVzeJEvIkrKULC2dLCMT5M2yrLxFlpO3yvLyNllB3i4rykqysqwi75BV5Z0SIhePUUPWlLVkbXmPrCPvlXXlfbKevF/Wlw/IBvJB2VA+JBvJh2Vj+YhsIh+VTeVjsplsLlvIlrKVfFy2lk/INrKtbCeflO3lU7KDfFomymdkR+kvnSLPyS7yedlV/l12k91lD/mzvCC97CV7S4A+sq98SfaT/eUA+bIcKF+Rg+SrcrB8TSbLIXKofF0Ok2/I4fJNOUKOlKPkW3K0fFuOkWPlODlepsgJcqJ8R06S78rJcoqcKqfJVDldDrjU02wp/2X7d36n/eBfjr5JbpZb5Fa5TW6XO+ROuUvulrvlHrlH7pV75T65T+6X++UBeUAelAdlpsyUh+QheVgelkfkEXlUHpXH5HF5Vv4gT8of5Sl5Wp6WZ+U5eU6ev/QagEIllFRKBSpG5VCxKqfKpa5RudW1Ko+6TkXU9SpO3aDyqhtVPpVfFVAFVbwqpAorrYyyilSoiqiiKqqK4aUTRpVSpZVTZVSCuvnPtFfF1U2qhCr5q/aXx6f/YHytVCvVWrVWbVQb1U61U+1Ve9VBdVCJKlF1VB1VJ9VJdVadVRfVRXVVXVU31U31UD1UT9VT9VK9VJJKUn3VS6qf6q8GqJfVQPWKGqQGqcFqsEpWyWqoGqqGqWFquBquRqgRapQapUar0WqMGqPGqXEqRaWoiWqimqQmqclqspqqpqpUlapmqBlqppqpZqvZao6ao+aquWq+mq/SVJpaqBaqdJWuFqvFKkMtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5tUBtUhtqsNqutaqvarrarnWqn2q12qz1qj9qr9qp9ap/ar/arA+qAOqgOqkyVqQ6pQ+qwOqyOqCPqqDqqjqlj6oQ6oU6qk+qUOqXOqDPqnDqnzqvz6oK6kLXsC0QgAhWoICaICWKD2CBXkCvIHeQO8gR5gkgQCeKCuCBvcGOQL8gfFAgKBvFBoaBwoAMT2EBcSno0KBYUD24KSgQlg1JB6cAFZYKE4OagbHBLUC64NSgf3BZUCG4PKgaVgspBleCOoGpwZ1AtuCuoHtwd1AhqBrWC2sE9QZ3g3qBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBI0GT4NGgafBY0CxoHrQIWgat/tL+vT+V/wnXS/fWSbqP7qtf0v10fz1Av6wH6lf0IP2qHqxf08l6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XKXqCnqjf0ZP0u3qynqKn6mk6VU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtMf6oV6kU7XH+nF+mOdoZfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdKb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QP+iT+kd9Sp/WZ/RZfU7/pM/rn/UF7bMW91kf70YZZWJMjIk1sSaXyWVym9wmj8ljIiZi4kycyWvymnwmnylgCph4E28Km8ImCxkyRUwREzVRU9wUNyVMCVPKlDLOOJNgEkxZU9aUM+VMeVPeVDAVTEVT0VQ2lc0d5g5zp7nT3GXuMnebu01NU9PUNrVNHVPH1DV1TT1Tz9Q39U0D08A0NA1NI9PINDaNTRPTxDQ1TU0z08y0MC1MK9PKtDatTRvTxrQz7Ux70950MB1Mokk0HU1H08l0Mp1NZ9PFdDFdTVfTzXQzPUwP09P0NL1ML5Nkkkxf09f0M/3MADPADDQDzSAzyAw2g02ySTZDzVAzzAwzw81wM8KMNKOyFqrmbTPGjDXjzHiTYlLMRDPRTDKTzGQz2Uw13qSaVDPDzDAzzUwz28w2c8wcM9fMNfPNfJNm0sxCs9Ckm3Sz2Cw2GSbDLDVLzXKz3Kw0K81qs9qsNWvNelhvNpqNZrPZbLaarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloMk2mOWQOmcPmsDlijpij5qg5Zo6ZE+aEOWlOmlPmlDljzphzJv+lz0tvYm1Om8teY3Pba20ee53957iALWjjbSFb2Gqbz+b/VWystSVsSVvKlrbOlrEJ9ubfxBVtJVvZVrF32Kr2TlvtN3Ede6+ta++z9ez9tra951dxffuAbWAftQ0RAWxz29i2tE3so7apfcw2s81tC9vStrdP2Q72aZton7Ed7bO/iRfaRXa1XWPX2nV2j/3UnrFn7WH7rT1nf7K9bG870L5iB9lX7WD7mk22Q34Tj7Jv2dH2bTvGjrXj7PjfxFPtNJtqp9sZ9j070876TZxmP7RzbLqda+fZ+XbBL3HWmNLtR3ax/dhm2CV2qV1ml9sVdqVddXmsl7+tt7vtJ3ar3Wa32x12p931S5w1j732M7vPfm4P2W/sAfulPWiP2Ez79S9x1vyO2O/sUfu9PWaP2xP2B3vS/mhP2dO/zD9r7j/Yn+0F6y0QEpAkRQHFUA6KpZyUi66h3HQt5aHrKELXUxzdQHnpRspH+akAFaR4KkSFSZMhS0QhFaGiFKVidHmdXopKk6MylEA3U1m6hcrRrVSebqMKdDtVpEpUmarQHVSV7qRqdBdVp7upBtWkWlSb7qE6dC/VpfuoHt1P9ekBakAPUkN6iBrRw9SYHqEm9Cg1pceoGTWnFtSSWtHj1JqeoDbUltrRk9SenqIO9DQl0jPUkZ6lTvQ36kzPURd6nrrS36kbdace9AL1pBepF/WmJOpDfekl6kf9aQC9TAPpFRpEr9Jgeo2SaQgNpddpGL1Bw+lNGkEjaRS9RaPpbRpDY2kcjacUmkAT6R2aRO/SZJpCU2kapdJ0mkHv0UyaRbPpfZpDH9BcmkfzaQGl0Ye0kBZROn1Ei+ljyqAltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdtpBO2kX7aZPaA99SnvpM9pHn9N++oIO0Jd0kL6iTPqaDtE3dJi+pSP0ne9N39MxOk4n6Ac6ST/SKTpNZ+gsnaOf6Dz9TBfIE4QYilCGKgzCmDBHGBvmDHOF14S5w2vDPOF1YSS8PowLbwjzhjeG+cL8YYGwYBgfFgoLhzo0oQ0pDMMiYdEwGhYLi4c3hSXCkmGpsHTowjJhQnhzWDa8JSwX3hqWD28LK4S3hxXDSuGj91cJ7wirhneG1cK7wurh3WGNsGZYK6wd3hPWCe8N64b3hfXC+8Ny4QNhg/DBsGH4UNgofDhsHD4SNgkfDZuGj4XNwuZhi7Bl2Cp8PGwdPhG2CduG7cInw/bhU2GH8OkwMXwm7Bg++0v9A4v+uD4p7BP2DV8KXwq9v0/Ojy6IpkU/jC6MLoqmRz+KLo5+HM2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel87Bzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qKumCvubnIlXElXypV2zpVxCa6la+VaudbuCdfGtXXt3JPuSfeUe8o97Z52z7iO7lnXyf3NdXbPuS7ueRUD4Lq57q6He8H1dBPyXHxPJrm+rq/r5/q5AW6AG+gGukFukBvsBrtkl+yGuqFumBvmhrvhboTLCQCj3Gg32o1xY9w4N86luBQ30U10k9wkN9lNdlPdVJfqUt0MN8PNdDNd1VkXjzLXzXXz3XyX5tLcQpe1Zkx3i91il+Ey3FK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdTrfT7Xa73R5/3cVO3T633+13B9wBd9B95TLd1+6Q+8Yddt+6I+47d9R974654+6E+8GddD+6U+60O+POunPuJ3fe/ewuOO9SIhMiEyPvRCZF3o1MjkyJTI1Mi6RGpkdmRN6LzIzMisyOvB+ZE/kgMjcyLzI/siCSFvkwsjCyKJIe+SiyOPJxJCOyJLI0siyyPLIi4n2hraEv4ov6qC/mi/ubfAlf0pfypb3zZXyCv9mX9bf4cv5WX97f5iv4231FX8lX9o/5Zr65b+Fb+lb+cd/aP+Hb+La+nX/St/dP+Q7+aZ/on/Ed/bO+k/+b7+yf8138876r/7vv5rv7Hv4F39O/6Hv53j7J9/F9/Uu+n+/vB/iX/UD/ih/kX/WD/Ws+2Q/xQ/3rfph/ww/3b/oRfqQfFfOWH335EhnG+xQ/wU/07/hJ/l0/2U/xU/00n+qn+xn+PT/Tz/Kz/ft+jv8Akvw8P98v8Gn+Q7/QL/Lp/iO/2H/sM/ySy7dQ/Uq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/xOv8vv9p/4Pf5Tv9d/5vf5z/1+/4U/4L/0B/1XPtN/7Q/5b/xh/60/4r/zR/33/pg/7k/4H/xJ/6M/5U/7M/6sP+d/8uf9z/4C/80aY4wxxth/yYQrRfF79X1+5znxDzv3BYBrtxXM/Mf6rBXl+nwXy/1FfPsIADzTu+vDl7caNZKSki7tmyEhKDoP4PI3QVli4Eq8BNrBU5AIbaHs746/v+h+jv5F/9HbAHL9Q5tYuBJf6f+LP+j/8SdHLawQnon7f/Q/D6BE0Sttsq6TLsdLoJ3KemwL5f6g//yt/8X4c36ZAtDmH9rkhivxlfEnwBPwLCT+ak/GGGOMMcYYY+yi/qJy58vXn5d/4/P3rs/j1ZU2OeBK/K+uzxljjDHGGGOMMXb1Pde9x9OPX1OsbedfComJf6JQ7c/szIXfK3j4HzGMiwXvAS4/owDg3+wQ4JfCuP/gLLb8R46VfOmt889Vy8/6AP5npPKvKFzlH0yMMcYYY4yxv9yVRf+vn1dXa0CMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlg29J/4d2JXe46MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbY1fZ/AgAA//81OQSC")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x61, &(0x7f00000001c0)=ANY=[], 0xfd, 0x0, &(0x7f0000000000))

12.063215093s ago: executing program 3 (id=2424):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x180000e, &(0x7f00000001c0)={[{@usrjquota}, {@mblk_io_submit}, {@acl}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=")
r1 = socket$kcm(0xa, 0x3, 0x3a)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000240)=""/140, 0x8c}], 0x1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0xf, &(0x7f0000000780)={&(0x7f00000000c0)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x4, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_DATA={0x0, 0x3, "45f03ddbd8aa8987fe6255b1f0ce25722d4fbc3e175fdc7e099d8e96fb9e1684b3ce5ba5138c0597ab9dbe76c14ef51028ce0cbae0c1f2a920ddddc3faa3406091ba1969da904569a5ef5112d5b196a9c9326e7d3812d3d5ea0aa140"}}}}]}, 0x38}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/rt_acct\x00')
sendmsg$kcm(r1, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000480)="9eb8a2c0e241fb0402ac8d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad7a3db73f4f12d0728bada715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1", 0x9b}, {0x0}], 0x2, &(0x7f0000000800)=ANY=[@ANYBLOB="1800cb54f152ada499552b4f9463e0440eb2e7df1d000004000000bf0000000000000092a8d072f0d45fc7d30afad0c55504f49b26d663fd3e4e2bb14965e2a03c9c522c79fc617e33b70ab8ec1eab9cec94a1b7b6fb2f5ef3f28a649a7f5bacb67527f925cd85f0e31cbe83934b05ebb5f4"], 0x18}, 0x8080)
sendmsg$kcm(r1, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x0)
mount(0x0, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)='affs\x00', 0x2010000, &(0x7f00000007c0)='\x00')
r4 = syz_open_dev$vim2m(&(0x7f0000000200), 0x7, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000000)={0x38, 0x0, 0x0, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}]}, 0x38}}, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000000)={0x50, 0x1, 0x0, "ff16406e0000003e783b9db3ada49694c00000000000000000000000000086a6"})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000140)={0xffffffffffffffff, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@newsa={0x140, 0x10, 0x1, 0x0, 0x0, {{@in6=@private1, @in6=@dev}, {@in=@local, 0x0, 0x6c}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @tfcpad={0x8}]}, 0x140}}, 0x0)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, 0x0, 0x0)

7.959993364s ago: executing program 3 (id=2446):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB='\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000380)='ext4_ext_remove_space_done\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)

6.198301153s ago: executing program 4 (id=2461):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x3}, 0x8)
sendto$inet6(r0, &(0x7f0000000300)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, 0x1c)
sendto$inet6(r0, &(0x7f0000000140)="11", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000002c0), 0x8)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="040e0a010e04"], 0xd)
pipe(0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000240)={'syztnl0\x00', <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}})
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_user_confirm_req={{0x33, 0xa}, {@none, 0x3}}}, 0xd)
syz_emit_ethernet(0xb3, 0x0, 0x0)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000180)={@remote, @loopback, @remote, 0x4, 0xff, 0xcd, 0x400, 0x20, 0x1800000, r3})
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
shutdown(r4, 0x1)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000440)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000040)=0x84)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000340)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x46}, @l2cap_cid_signaling={{0x42}, [@l2cap_conf_req={{0x4, 0x20, 0x13}, {0x4, 0x8, [@l2cap_conf_flushto={0x2, 0x2, 0x4faf}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x807d}, @l2cap_conf_ews={0x7, 0x2, 0x9}]}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x6, 0x6a21}}, @l2cap_move_chan_req={{0xe, 0x9, 0x3}, {0xaf, 0x3}}, @l2cap_conf_rsp={{0x5, 0x0, 0x18}, {0x9, 0xb9, 0x3ff, [@l2cap_conf_efs={0x6, 0x10, {0x3f, 0x0, 0x100, 0x3, 0x7f, 0x80}}]}}]}}, 0x4b)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r6 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
unshare(0x2a020400)
fcntl$setpipe(r6, 0x2, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "81d90d", 0x8, 0x0, 0x0, @mcast1, @ipv4={'\x00', '\xff\xff', @remote}, {[@dstopts={0x2}]}}}}}, 0x0)

5.818959194s ago: executing program 2 (id=2467):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x3}, 0x25)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000040)={0x0, 0x8000001, 0x0, 0x8, 0x0, "dadd1023b1df022dace17a32d21100000000de"})
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f00000006c0)=0xd)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed0744", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bind$unix(r5, &(0x7f0000000200)=@abs={0x1}, 0x6e)
getpid()
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r6, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003a9dd27753f7f0000ffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000005b00))
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)

5.799382054s ago: executing program 4 (id=2468):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000300)='./file0\x00', 0x800, &(0x7f0000000040)=ANY=[], 0x1, 0x694, &(0x7f0000000640)="$eJzs3c9vHGf9B/D3bBwnm/abuGnS5osq1WokQFgk/iEXzIWAEDJShapy4GwlTmNlkxbbRW6FqMPPaw/9A3rxBXFC4sQlUuHABW69IR8rIXHpBXNaNLOz6836R9ZNYjvl9YrGzzPzzPPM5/nMzP5UtAH+Z81PZOR+isxPvLZWrm9uzLQ2N2budOtJTiVZT0aSNJIU/2632x8n15KiN0wxUO7w4dLcG598tvlpZ22kXqr9G/v1G1Dvtz6web27bTzJibp8BA+Md/2Rxyt6kV9Lcrku4cidTNJun0y75yd/fbbXUjae65TN3XqfPrxAgSem6Dxvpn4+7hlLztQ3evk6oPvM2zj8CIdzasj9Bl9BAAAAwNNmmPfA57aylbXi7CGEAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8I69u//1/US6NbH0/R/f3/0Xpb6vrx8vLBdr//pOIAAAAAAAAAgEP08la2spaz3fV2UX3n/0q1cqH6+0zeyUoWs5wrWctCVrOa5UwlGesbaHRtYXV1eWqIntO79px+SKCn6rL5eOYNAAAAAAAAAF8wv8j89vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHBTJiU6R4l7f5rE0RpKcTjJablhP/t6tP83uH3UAAAAAcAjObWUraznbXW8XuZDkheozgNN5J3ezmqWsppXF3Kg+F+i8629sbsy0Njdm7pTLznG/868DhVGNmM5nD7sf+VK1RzM3s1RtuZLreSut3Eij6lm6VMfTHXUgrntlTMW3a0NGdqMuy5l/UJc7vH+gye7lgB+mjFUZOdnLyGQdW5mN57pnZvczdMCzM3ikqTR6wV4YONLAJD5Xzs/UZTmf3+yV8yMxmInpvqvvhf1znnzlj7//8WRdPz5TGs6JumxXf5s7MzHTl4kXh8nErdbd27durkw8bZnYYbLKxMXe+ny+nx9lIuN5PctZyk+zkNUsZjzfq2oL9ckv+m75PTJ17YG11x9Ym9+ZuNH6Cu2crIPF9ErV92yW8sO8lRtZzKvVv+lM5RuZzWzm+s7wxf3PcHXXN/a469v/t2saL3+1rjST/LYud7Vnw5NS5vW5vrz2P+aOVW39W7azdH6ILA0+Nv5p/1BGvlRXymP8si6Ph8FMTPVl4vn9MtG9kFdad28v31p4e7jDnf+gr/uvj9VDanm9nC9PVronaPvqKNue77YN5Ktsu9Bra+xou9hr69yp63veqaP1a7idI01XbS/u2jZTtV3qa9vt9VbnWyAAjrEzXzsz2vxn82/Nj5q/at5qvnb6u6e+eeql0Zz888lvjUye+HLjpeIP+Sg/337/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfH4r7753e6HVWlweqLTb7ff3aDrsyshDQt1Ryfg/nik7dLe002vq/pzZIc7i/59Nhu9V/wJPjkXmH2PlP+12u95S7LHP7/5ykET1V0aHvzYeUjndqbRrxyJ1R1Q5ogck4NBcXb3z9tWVd9/7+tKdhTcX31y8Ozc7Ozc5N/vqzNWbS63Fyc7fo44SeBK2n/SPOhIAAAAAAAAAAABgWMP9f4BH++8oRz1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ok2P5GR+ykyNXllslzf3JhplUu3vr3nSJJGkuJnSfFxci2dJWN9wxV7HefDpbk3Pvls89PtscolP7j+kH7DWa+XjCc50SnvPa7xrtflvor9plD0Zlgm7HI3cXDU/hsAAP//kxkBhg==")
open(&(0x7f0000002000)='./bus\x00', 0x103042, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
unlink(&(0x7f0000000080)='./bus\x00')
write$char_usb(r0, &(0x7f00000002c0)="9f", 0x1)

5.323756375s ago: executing program 4 (id=2472):
syz_emit_ethernet(0xae, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x18, 0x1, "00d414ce8ad4"}, {0x18, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "005ff92900ddab4992020900"}]}}}}}}, 0x0)

4.551410771s ago: executing program 4 (id=2473):
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000002080)={@broadcast, @multicast, @val, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "13209f", 0x0, "0dc1e8"}}}}}}, 0x0)

4.415475901s ago: executing program 0 (id=2474):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB='uid=forget,noadinicb,iocharset=koi8-u,gid=ignore,dmode=00000000000000000000004,rootdir=00000000000005,iocharset=iso8859-2,nostrict,mode=00000000000000000004622,\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0xc39, &(0x7f0000000240)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LNkkJcr6fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lBtwIAuJ/OT3/1+AnPfwB4pFzw//8AAAAAAAAAAAAAAHDQpSjiiUixdH4rzVafu4bPtTtXr81MTN6+2kiqag5U5cuf4edPnDz1pRfGT/fyw+vvtafitekLZ+svL15ZWm6trLTm6zOd9tzifOuet7Db+jcbqw5A/crrV+cvXVqpn3ju5A1fXxv9YOjxI6Nnxp859nSv7MzE5OR0X5na4Mfe+y3uNMLjUBRxLFI8+/0fp2ZEFLH7Y3GXa2e/jVSdGKs6MTMxWXVkod3srJZfTvUORBFR76vU6B2j+3AudqURsVY2v2zwWNm96aXmcvPiQqs+1Vxeba+2FztTqdvasj/1KOJ0iliPiM2hWzc3GEXUIsV3D2+lixEx0DsOX6wGBt+5HcU+9vEelO2sD0asFw/BOTvAhqKIVyPFT94pYq48ZvknvhDxapn/GPFWmS9FpPLCOBXxfnUdjTzglrMXalHEn5Xn/8xWmq/uB737yrmv1b/SubTYV7Z3X3nonw/30wG/Nw1HEc3qjr+VPv5vdgAAAAAAAAAAAAAAAADYayNRxFOR4pV//4NqXHFU49IPnxn/3dGf7x8z/uRdtlOWfS4i1op7G5N7KA8hnkpTKT3gscSPsuEo4o/y+L9vP+jGAAAAAAAAAAAAAAAAAAAAPNKKeC9SvPju0bQe/XOKtzuX6xeaFxe60+X25v7tzZm+vb29XU/dbOSczbmWcz3nRs7NnFHk+jkbOWdzruVcz7mRczNnDOT6ORs5Z3Ou5VzPuZFzM2fUcv2cjZyzOddyrufcyLmZMw7I3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8kRRTxs0jxnW9spUgR0YiYjW5uDPXKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0lAq4geRov57jevrahGRqn+7jpa/nIrGoTI/HY3xMl+KxtmczSprjW8/gPazO4OpiB9FiqHht6+f8Hz+B7ufrl8G8dY3dz79Uq2bA70vRz8YevzI4TPjk7/y5J2W0+0aMHau3bl6rT4zMTk53be6lvf+6b51o3m/xd50nYhYeePN15sLC61lC4/GQq27UIs93fJIxN5ucO8Wat2FfL+KB96eOyw0DkYzdhaiuvff9p7NJ0b5/H8/Uvzmu//Re+D3nv8/1/10/QkfP/3jnef/izdvaJ+e/0/0rXsx/25ksBYxvHplafBIxPDKG28ea19pXm5dbnVOHT/+5fHxL588PngoYvhSe6HVt7TrQwUAAAAAAAAAAAAAAABwf6UifjtSNH+0leoRca0arzV6ZvyZY08PxEA13uqGcVuvTV84W3958crScmtlpTVfn+m05xbnW/e6u+FquNfMxOS+dOauRva5/SPDLy8uvbHcvvz7q7f9/rHhsxdXVpebc7f/OkaiiGj0rxmrGjwzMVk1eqHd7FRVp/ZoYOZgKuI/I8XcqXr6fF6Xx/+V8d5gX9n+8f9rfeur5X0a//epm/aTUhE/jRS/8edPxuerdj4WtxyzXO6vI8XY6c/lcnGoLNdrQ/e9At2RgWXZ/40Uf/+zG8v2+v7ETtnnP9rRPfjK8384UvzgT78Xv5rX3fj+h53xn/3n/7GbN7RP5/8zfeseu+F9BbvuOvn8H4sULz3xdvxaXvdh7/8oYnt7+1sRR3Ph6+/n2Kfz/9m+daPR3e+v7133AQAAAAAAAAAAHlqDqYi/iRRPT9bSC3ndvfz9v/mbN7RPf//rF/vWzd+n+Yp2fVABAAAA4IAYTEW8Fykur759fQx13/jvG8d//tbO3OsT6aZvqz/n+4XqvQF7+ed//Ubzfmd3320AAAAAAAAAAAAAAAAAAAA4UFIq4oU8n/rsXeZT34gUr/z3s7lcOlKW680DP1r9Onx+sXPs7MLC4lxztXlxoVWfXmrOtcq6n4kUW3/1uVy3qOZX7803353jfXi7Nxf7cqSY/Nte2e5c7L25ybvzgXfnYi/LfipS/Nff3Vi2N4/1Z3fKnijL/mWk+Po/3b7skZ2yJ8uy34sUP/x6vVf2sbJs7/2o3XeSDtdiofXc3OLCLa9CrRS7PjUAAAAAAAAAAAAAAAAAAAA8QgZTEX8SKf7nynqs5WH/ef7/3gz8tV7Zt77ZN9//Ta5V8/yPVvP/32n548z/P7pnPQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIdHiiLejBRL57fSxlD5uWv4XLtz9drMxOTtq42kquZAVb78GX7+xMlTX3ph/HQvP7z+XnsqXpu+cLb+8uKVpeXWykprvj7Tac8tzrfueQu7rb9z6LrGqgNQv/L61flLl1bqJ547ecPX10Y/GHr8yOiZ8WeOPd0rOzMxOTndV6Y2+BH2/pEat+NQFPEXkeLZ7/84/fNQRBG7PxZ3uXb220jVibGqEzMTk1VHFtrNzmr55VTvQBQR9b5Kjd4xug/nYlcaEWtl88sGj5Xdm15qLjcvLrTqU83l1fZqe7EzlbqtLftTjyJOp4j1iNgcunVzg1HE65Hiu4e30r8MRQz0jsMXz09/9fiJO7ej2Mc+3oOynfXBiPXiIThnB9hQFPEPkeIn7xyNfx2KqEX3J74Q8Wp/wZciUnlhnIp4/zbXEQ+nWhTxf+X5P7OV3hkq7we9+8q5r9W/0rm02Fe2d185SM+H7Y9+LY7swW7v3QG/Nw1HET+s7vhb6d/8dw0AAAAAAAAAAAAAAABwgBTxy5HixXePpmp88PUxxe3O5fqF5sWF7rC+3ti/esQflrm9vb1dT91s5JzNuZZzPedGzs2cUeT6ORs5Z3Ou5VzPuZFzM2cM5Po5Gzlnc67lXM+5kXMzZ9Sq2N7e/la3fi3Xz7mWc70WUZT18+fNnHFAxu4BAAAAAAAAAAAAAAAAAACfLEX1T4rvfGMrVXOpNiJmo5sb5gP9xPv/AAAA//+ZYP5q")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
lseek(r0, 0x7ffb, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}}, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$FUSE_ATTR(r0, &(0x7f0000000600)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, 0x78)
write$cgroup_type(r2, &(0x7f0000000200), 0x175d9003)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r6, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee05", 0xa7, 0x840, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
r7 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r7, &(0x7f00000000c0)='./file0\x00')

4.411630764s ago: executing program 2 (id=2475):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000000)="82", 0x1}], 0x1}}], 0x1, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000180)="2e260f009d040000000f3266ba4100ec36650fc75d85b9800000c00f3235000800000f30b805000000b9060000000f01c10f1bde652e0f309a004800006700c4e29d026a05", 0x45}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
capset(&(0x7f0000000000), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.285964494s ago: executing program 4 (id=2476):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x16, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c)
memfd_create(0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="d64018d045425ac05ef8825ab12f4cdfaf249ed25b2237ec697b1a2672f0eebf752b42a90d7ce1bb6cecde79137894996f34a9ddd06068a9360753eac71eb73e721b50443ae5e8577a1d34201aee2aa328c12d859757fb0edfbdea0f3628fe3f4a7644a465df876afdcdcd2e30859763deda795aefd8d36d1fba16e6c96c78a38742063c8de5acbfc6308a7fd282d958725da202db52c2d49bed515de5035d8fb6b24ae8d37accc6181d74535e8f01aaabd131cd5f44030f5d26eda9c4f7f0168557ca9e3a9f0ee806", 0xc9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180400000100f1ff0000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="8f9f000000000000000004000000180001801400020076657468300001000000000000000000"], 0x2c}}, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f0000000100))
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x3000, 0x0, 0x1ff}})
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x1b, 0x0, "05be04f85f24b3154478c908c2f6ecd93900e179a582b52ce9cfeb10f466693ce04d4c38eef0cdc8075077a1f8d2e67f41bbcb62a57680a053b58536349d9c41", "e3c055e4c17b5fec8c1737c24bc5bbb0751fe63b9e0c55b1e82eac590b9d7f057b8d7c7af91d8d9d0b4f7525250c81dd277b5b6cbc5b00", "7a91b590b9c06821ef5c606d5f4ba751aae2edcc2717a215ed6e2285e774391e", [0x7, 0x2]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000000)=[{0x15}, {0x5}, {0x6, 0x8d, 0x0, 0x1}]})
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x80100, 0x0, 0x20}, 0x18)
fcntl$setownex(r7, 0xf, &(0x7f00000000c0))
open_tree(r7, &(0x7f0000000100)='./file0\x00', 0x9000)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x400280, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001780)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
pipe(&(0x7f0000000140)={<r8=>0xffffffffffffffff})
connect$inet(r8, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)

3.957463073s ago: executing program 1 (id=2478):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001740)=0x6)
ioprio_set$pid(0x3, 0x0, 0x0)
ioprio_get$pid(0x3, 0x0)

3.781975537s ago: executing program 1 (id=2479):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0xc, 0x0, &(0x7f00000001c0)=[@acquire, @enter_looper], 0x0, 0x0, 0x0})
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r3, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death, @clear_death], 0x0, 0x0, 0x0})

2.76427254s ago: executing program 2 (id=2480):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1000400, &(0x7f0000000200)={[{@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x41d7}}]}, 0x6, 0x588, &(0x7f00000008c0)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE01491kd7ObbOOPie3fTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vLBvdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmzvAV/rHZfpmO3OSiMiP3Jv7H3vT4RT3fqcLrsgPJb87/FzEfF8N31PtbwyAQAHK8vOR3a+P39fOpDLsmTEOgDA0ZNf889Gkta61/+zkaa1WtGHV30mzqTNVrtz+UZr/VbS6+KbTm/cbDauFH2FEZWYTvL8fERcKKbd/MJQ/mpEPB0RP6/MFPlavdVcKuU/HgDg7ND5/z+V/PxfmWRTdwgA4ChzJgeAk+fB8/90KeUAAA6P638AOHn6zv8T3fkHAI6+6tCz/yNlyaGUBQA4HCP7/98+dz/9bDL0ii8A4Khz/x8ATpQfvPlmPmU7WVK8/3rp3Y31lda7Ly412iu11fV6rd5au11bbrWWi3f2rI7YxZ3+TLPVuj3/Uqy/N9dptDtz7Y3N66ut9Vud68V7va83PFgAAOV7+rkP/5pExParM8UUvbEcHv2DAOCISyNmyi4DUI5TZRcAKM1U2QUASqM/HnjUj3tH/kRoJiLeH7+NjgV4sl36wpj+/+H/DQbvB/x/H0bHBkrW/VrrBoATaG/9/3oP4Ch7+Infg0FwnGVZYjx/ADhhJriC9xNBOOYe6/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FH6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5eDrAAD0mRqe0TtPF599F/Kf3N2q96bDLODH394dXDSPu3N3q35/POKpbuGrkc878+9koDLJPg1MvH0nIp4drn96b/mF7sinw/Hz2OcOLH4UNZwdiD/4b1RaLNv9zI/F52cmjLcPZYbj4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZw82ro+h1/7tZLvt305f/Hz/3z9XLdqaUe3fxUljvPTH745ddudU9sWpiF7snb72Z1e1SI2K/8KE8f/2pa88P+5gZb+KuBQPi7+bmuus3p5rb2z+9nsf/Gm5sdy4tbBwbf7alVeuvrwwV/RRz/V6qh/0z1cvPzW+/hFnxsSvPqL+X5+w/r/+3ztvf/Uh8b/5tVHx03jmIfHzc+I3Ym2i+ItnPhg7fHcef2lM/acG4p8e2C6fd3l4Z2P+ID/6++bSRAUFAA5Fe2NzZbHZbKxNkkhjc2Wxd6E58VYDiZnH2mrCRBzYnkcnpgcOQvWgYp0ds+g3n3mH03Gox2ffEnc+w8qVcop6Kpq9/qhHrtxdb3svQbNsD2W+OME6JTVIwKG5/6UvuyQAAAAAAAAAAAAAAMA47R92X/m3zw9F9T8MV3YdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL4+DQAA//+T6cce")
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x6}, 0x1c)
sendto$inet6(r0, &(0x7f0000000100)="80000fdc2208", 0x6, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000005ac0)="4b2491b461bedcb9048c176a7382f91f7a6483b2a1586d010993885efce3d556a22a448b9235a4a34121cc80b619b8e437e9873df079ca643e34e2bc1a535d9b2a9715b4e5857bc20df3038c4a552abba5397e029e19754b57555e01956a5f0cca8ca6a8e7047b2ecb5a9cfd9aa1073df281cf12de3a7c659616d560d5615d5e610a1f72fa41807627908f23a797dc3766289b04fa3187c07de31e49056a916103908501dd83aca8d2a5a66f6ce934164edaf5a7e372a86b3b1e66bbe3c50409717e5947cf16f71bc84ec60723acb7de047af2667135c2865db451b7c7c92c858f374e86b8bf5ece0da6c5970fccf1714fba7be72122dc6fe77b8620421b55af59d9a0256a168ffd531ff9290a3142104a55b1e5c2b11ffa0a00f7b40167c228eef62d7bfd0b50c7b07ffdea383fe89812f6e1f1b006e31d0b5fdcf7c1725f9ceb355b133ec8ab9cddfe7052d418393e5cb4b5a08bfd036e8aa93fec6a62f03cf34d0024aad605bc3344c920733ce3b4defb22a1a5839faffa2e0a1c19b3db8a499e996781e8061c0f4b9f193bbd8ae74971e821b0cf5af91ebd14f49443264e1a03e419589dff9d10e2e491a6f0a020de6afe564aa5f49342ddda455049eff63a96dd4f2db86d75b60f7617e9afe6299379b13b1d10e230e4f38941f24006eb981424264740c66afc4d3f7a78f3deffac4ae559f5d0f3da9fb7e0855b4746dda982506d1a3a52dc12d6abff23454f35d7d96a75a561b4286e4c62edb28da1899974319f3a7d5b90a3082805d6f800f3360893130281d3f1e4f5569ce40007bdd9e798b19217ff1db4b74ca41ea760c4de95680e4b82d00981271898685e618463ee69175f68b707fba213b36f63826ba07700a27d17d70e50bba2c603499285df2286b5d74926e0d0c7aec135d1981373d0db8ae14b4c4451f207ba6c9959b57f5e26cda62b9268ec21495e49beffcc8899058232cee856f26ee47afb06fd6bac8512e65bc5d4bfeedfdb75e75786e2770aa9bc89aa1e038c8b6f4b78460d4734b2ecab7d9e8609c1731731d9cf776c1334191e57cf00434e1a9745e50a54e28f324bc3dda179c57f45264c6e8f5e95b79f2934e0c2a68efa79918ec4274ec0b33120398c9c7c7c763554859a6a6ca5038cdba2d4fd04b845f4c0f0ce027d8f2a848f4cd3604fe198aa8c6668d572567855cebad36f87e6983bd88fc07357ba9d7fbbd325db7f24297b5122c9aa6eacd915d32bc87f63c108f256151a318c7061cef2fdaecede878d4ea6db06ece2a57cc01436bbba663140acbf6f33946e8349cfe41a528ce72a43c244dcd2a5d8b56934ffb2cba99a1c112c0eb4c13afaf21a88bdaf58378a1b9abc8e57b6dfbbdb66cf27b869fa74ceedf9fbf528c3e2cf8111712aa48fc62e4f2ca4ab09032d57b91dd39d7bd798a4c6d567ab75001e926ff74d71bc566d102632ac3e36852a334d8e889568d135bba35a8b77955e85982c95ef57ec4d385c9d71917b3eab51e23a646c3e4a6ecd616f007746c6a05504ba28b223e39a670005856f39e3ad012ada10dd841cc63bee98792fe8aeafb31bd9c8c2e8f5264b9abc433bfbd40fa82e9308f56134d904ee718b6804b06a3407210bb40da9231007ca30f72d0e1b24c279f5e1f57e81c0c37de3ea8adc0daabb8c1572a64ebad81be98c51dd1794594d19b1de2f9d239568515b5aac3a342a3ba4d24c5f1a83b096be25df7d1744a59a691a2b3bc73045dbd73d8392a048659bfeed84fe028fdb45959bba31c6c1d756a05c9c5275f1d4182056e6114562b9adb5dfeb7ac90e4084c61034b16974cca62b757a8040a4ad5f7e0aaca84433f1d7b86075e35b3c90249a7ecf73ce1c41fda2d55179010b51c4e80cbc0ac14bf285942710e9dcd0788ed5863250163e0d6938d3470af3e3deb61b9dcb5443378f915c25d3bb26958cbb34bfc59e770c456bbb03fda3ab9bb446144ed1ff2323d05b5fb34282fdb1567b24c511026e1d103894fcad880baddc55fb8a21c62f8baa4f460841b556ce62586e0a4953604e6322115bcf4616d6a07056c11b11506f4ef7ccd585030a1c48bee3a27e2357a8e0045177fe14de7d44b888153bfaaea4b507685c18d90aa6b8d2297d18897f82eee25c12243fb968c11bf2540bedc6354420258477eedf5d1b18da6432b9b61d1823e2b591b624642b52b1d4c5f6ec6467e72ee924d3b7cabf481c0d616288000f57a6df18deded00b7e1d9673f836b1ecc20f14fff609c839a0f18db8c60defa3aca368c48cc174753e643d32a75034d07c608545036160f304e8c7db02d96e6bdc20e5bb3c8c5c513016c0365bfdfda47100aa5aeaf1e3f751b7a5ca10ab74050ac0ccf28cf1cb13c57c9b0cd7a3c421cb604620902273aee2db6ac3047331b68460248d5d7c91bdfbd29df2f702146a3debd443c46c62705db392bdf021f89de1ffc236b9dc0f0bb94a4ca62f8e8bb0010f0585a738ef840ee980424a15d3662efc4a51965bcb6935b61308f497293e7af7ceb972fa9184aaa8433123811f825ed203b4141274c66c7334116dede159bcf62e15ab39d4fae9789052dd3a91ffd0015a25ec03fda69786a0a002abee9b0d452bde1a6eba15a01ad7c73ab90d078c1fab6775e7dde159f7d79efd28c79c598b8ee38e9a01f93c4f98ef9c1c1ddafbf2db0685a70ec0720e95702036ca46243c95c917791d80ebafe63305783efa474652245cf542a8e05e74af8b5b9efa9a31d1b5cf5d695ae84caeec2215b02d599fa85013740129c97fa6be073c02c212aa34dfb4f2084df2ba973c6a03487f2540e877ee6020a885ac8591e113f154fd954145336b338a2f7e5b4e154c9ec444febd8e9054144480990b4672d5c022ad373effa865be24d74000666943fa4c4fd5c714cf489a01da6cc3558292d0174f335707bf315a33aa0ff2586815cee5aa34f443f3297e8d83ffb38b0081ef99682d1a332f92bbd0cf159e291f8499d0f71f696b97832fd507f526c48d70fe2e2c11969a46d203f6bbbe2a91551b41ea7f0e1c4407f2c553aa11148fdb00830409e516aebe506757dc8070f8f8204522ec035574a8e7849b9d8223de69b66400095c46482d252ee3996d163bbd7afe4a9d02f65d7644d3a8be257f563d56e62c8edfe4abb173670511905aa89876a8dfe3f866706c10443863b2f0f33967a8b97fd09bd268d25772602a76953d5518fb15c987ce36ff7ef906cb8b32f1da6d6a248b1e4db10302f61feb5d0fb9a38b4583d2c59b7c3922b9f67533f7697dad383723198c8132b9f8b56c2ab4767a30b117126911e3ce3d147df6b621e6f4c6cff4b0b99b7ce2ae8c770342fea1d4e71e96b27fb08efafcf187e31e93c049c214c7c6d9db652907da7d4b274946adf25d0030c5abacbb987069f0cf977e3675fde0ad23c87edbecafcb3b63f1c96dff5406630a02b1bbf6ffdd7c2072a3e6bb536718e26fe262fd25b574495e9877bdf11fb5c4bb300b0687da710c1464841757d52be584f8783d10f857141b725b31e21e6ae56a53c033da14a7007ade63bccc1b79c27de989902fe849e6f56b7762ef00d2f5f8c8aa7a37d0d5da02f1db50b22de67f572b9f596645b5b8ad48a107c709ccdc31c2b22ccc75c6aa644cbc669eefb7b2798e848615748db19dfbb1fcd378209a08eca2db3ea53bfe0bc768cf2d4658579d7c17586c93d945cb6e85b80bcdb13f49f091272f25824ab4d361f79556d4b227164c1ed431874a88d6bb9612ea8edba924ff2be24641a1a9dc16c54290583785dd07ef437f5c4838ac4c1b2031d5f117f2fc696faf7fc76473b9066782209739956d8cc6147ca640f63db6b373d0837af31238041adb39d7ce97a5ea03b64f0a8e3301c24604026130a56f9666f270ec77bdcbe8210ce6ef1bf65f3ac73518a3bbbb18105a849ff99a2485a9cf70ed6a656d242db20b284facd0786c4c471a221df68e13a5e710977df026edb52443f59bfe48178cc50bf5042fce96a7ee788ea529b83e5cd06e42dbf49b499756271e8ad2bdeac76481eb04a36b7ca413f303da44143c691bd13c61e064e4f7ce278d9cfb105f381e0c37a5dcf0dd96ecfff04df387471a829204585fa77a671b702e6139061449647eb30584f3ce36031b5cdbddf8e04f71f517240cc8dc54fa691b531a1c6c39367e2f2d731c10d0eb706dfaa089e173f17d68385ad79d1a01d12534915e13a932106789b9527e794cace8a3faedb65042258085c1f4a61bc862fcc627a36bb2159b8197a5a350448abaeec8636d972485feb05c1a4a669ed138ca5fb1baf68d7bf643df5677ecc1b2e0d0cd6293daa2fb69c1c769c1972110034b2d247e6884b1fc741c9448fb199ba93c6dd90e406fa0e07e513511ed008d58cc4fd804cce55d4b4da598c0b6c259d311a71a02a533ad5aed6267936c4e990cbbae547ce511431ec217b19392ca7625522df6615514f1cc54d9ada3f9aa731ec1a379bffd0dc5e7dfc0befe97311995ffb3e84e7aa2fb017a6502576ceed10b07feb61c9d1c4d7cbd80f33a0f35ac97e632ab87af457e02ecb5e57eeac2103561fe22d0af63bda651ca2ff02d72cc29e8725265909bf3bae72320cc3c0d54f5d0e8cedc33f7f1eb01974a0385fe534d3f04b56a23c7fb4e48ceb3c5d52535a2adeb32d21c17ebea71696381cd87350bce38ec78ce7233bbed809609eabd442cd3e30567adb6dbd337586d54c44d701b917e2ee6c46d87132c1a8c2baeee898820fa39c1304c5590fb75b070d8231931138767e85f518556e5712b419027b0c4397fcc48b4b15cfd06bddad3dfb369bb29b13c6721cc22da9bb33d9f49b60e6cc051750dee1b20e7d084a7444be72201c3eb5bb81cce7c07c3d35b0896ed59381fd171d216df24e6061dd17ffb80e2d4e64b13f285b9ed8ade9ee4d831dd5c3a34e1420bc0ce51b6a8c8a5c315d6c10082548669eb31f6c1feb171a95749e3fb8b217867aff419a7c06b16ee024028b0d0ade0af2ba5ed09100d5f26587f686fa15a2022a35a462b7bbbeac496c096a39c4d7413450e945322cc41019cce595a3f5f96002101829b45a7d3148236692dcfcdd0bbb8f0db5b58f84d136f8db06de1b8229a99da0908abd2bddd7039a978518467d0e5b64b05ed16c0170eaa5ce390c5415d76da48c8363ce81703420780919c12a7eab01a1dc5707f72f4efb7b4e94e30a5ecd3c997f730fb39b8e4604ada9a60b57d8efb9e3806959544d83fef509cf0289e7919c9ad5b9412cbefc16ae039d41706c43911496db03dcd948c9d823ac7f804c8d7afa18f3176a2a803ae672a43981fb19aa68f566c9e6d88f583a3fc148476b019d581bdb008db71dee2af7370f30aaaf6930cc3c283ddd34c2faf87ca7ecb7922ab8904486e5b04174fa24de1d068225c32e0603ad586a6f5f7a1be1e237703b4e61d52bd6f7468f841cd92c5269b15bc69be65740f22d72c39159daa03b3a9dbddf3a2fcd212c2dbef7197234661952852d65e989302a6db5663835784e7d0a0bd6f51988d9f43b52a1b7d3d0fcfa9963549cd45d3d5486fdb639603c05dc684517532c444c0650a48331835f41373e6f6b2835caa28426d8145135b9102d31ff614e9766eb95d095376b8854f7923d0ff3ad89d253a7cb4fae9ac8189c863c23fcf234090f13750b64fbea2e9c527a37363df2f7b2db115c400dd3831b33f986b2b379ab786908ab86fffb43052f2b7dda9ddc646f534aafdb4214686d22e91fdb1de42be04bfa7327bc37a4f38b80300496ddc794cb73f4c31e558a19ebad905fb86244fac48a7784c282809556dc4b2978efc15b85764836346f9741bb5bc7cd4d454764f4a88fce7f64cd6a9a0b2eceb52c955527b327d4991bac7a1a7c0a30ec1232f53994978a4d7979d927c24c28ab052345cf89ef48ab27d5e115244dcdd1ce2c8093e753ea83351bbb03922dc4ac34633d270d2ec0156b2cece1c7c91c86f60cce3d1babe05ace441474ed90d0dd400841816419a18b715fb2ac1eb073b23f0a16741fd4596fc546c39e38087af4f96357fa8eb39047f638fbc8fbf9ba35e19e7608dfcef5e6093b5c0afded071c0cdde8fc57fdb555f2753a96cbc65393df09236b69e8a3788384d4a0b40da6b621c1052905d2a6c43bc7e181068a5907be47e224f66a777747e77523961685b672591d8a1cb4b7560ac9eb96f4346704797d786973914f7d339041f1249c93f9758314a9b7a3884b174184fcb4c3cf033c1245a6acad4ca2b6223e9fedaa1044897a9d54990eb37c2fb0ea047624115471fc69d543a6b864fd91974cdbc0242512c049f35788adc533705658c16157f479558f6ae604384249d1463f66f53f061036372bf281e425c31cc12e70c485ea561a0c7cd405d1755c7e5a5c1f734d480f6c5e9d61c60dc9abcb132bd34f6b97393569a8af11f513a747702a385711eff08422acd0f4103b9f29588e0a6f2b9e72f863c9919f594daafa0767a6bf63dd6622a0eeab18837b91201b00d4b10feabf20d47a347ace80f2c82a6bb83cb85bff6113037136684afa631b7eba48c9ff51fab22635a3b4a2a90ff91714cec24368e8c0c3094ed353d590b32b00ffaa782555cf0f2cef6fbfe01add053cb96a9ccad0ddc99b6fbb922cd00dec303d628289843f17dc2dd145fcb507c65fafad0125cd81e01d89db180c3f4ce304991d796c87b4f273260812929e0a518780167489ce8d4282ba9d53eeb3ebb249a7d15139056fcbc37ccf6d9f9c44936aa96f9b1d9be9965c2cb0f95b4d838e99dd451b64900035f15c5942e566cea549a7fb900a766c76c77f275030842937f344ee17fccec14e58c14eee8fb39e462edb3c7ba6c489c7d3331ada9d5d9626181a61a2d78ca6c0b3047858b254be43194fb5f94e172b633dc4c2c4c9ee911655627299fa7579f2c2671c7176567e195bb154d6cd4af71a13eaf9a727d3a6b4dd6852a14c8c443aabbcb766e8ba417738a7a5cc392a8ed4d1c3b39b87c19be38f95b118e4bcf5d42402d70379a20393f2b5e3e4dba70e5bcc8373dc0fe84bfc0ac6a4267e9e36f5716cf70eb85e20717f9892830c71217c95fb612f64179acf2546934286df6529efcf5d53762d53c96c59ec5acbc65a08da76f8ff1e89a0bac78bfde18787612d3d1491ae8ae28a5f4ece0267dbae8367ceaf219cc33bbf901691ac64f599e1427affb1712176c3902d225afe4e33eac3c03ce701fb50d20f0aa4b58285a3416ddda4b87748f7a9b5996552711f361a1896c0ce1413c580919284e6ff3eb7bfca7522d86a0c3a18c97d6752732e1d124ae6d2a2bb9adee47878875fd7cf311488a97d2894a12f3b4d744145c8d3ed6aef533f28588703bb1628388264fd1d94b35fa054a663a22d542047f1a089f7b0670a9c4dd1769510bdecccb545df9dcd43ff81361cec08ff60cadd0a0d0f4f51403454b0ccaf6b8921611a10b7e8db805e5c05bb413a311cc7788fe35e136498f089ab618a2384098406cedc65eefaee3636abbce5b4265ff05a748d13bf19678ea7182cadddd7c59ef86c476eff9090f69dc6b1b42add9d47103d16263372dc740d1853a0251d390d480e7383f3be0fbe309faa86ae3fe44ca87a3fd32e6f49ad8a8eae13c4dc864382ee80b7012f7c1b74e003a37ae27aca499e14e165ab2e7739ac8318fe35720c1e5b7f5f31ff6b6b0c25b1227f39250353a4f2f69c4908e7cbc457c5f237455367e5f42d457aae2de3cb87eaad4546d465de31d07c1870d28812651e9504c882b692e1ec25f3ea72de270dc437f4ae7c7f31938290d6a7e13ef9285de082cddcc91d7e5699438a0cfcfbcba986f0e2b1d916e649e277a062121f913312c614ac6d3998c81b1938bd0360bedb2c27280c39eaa3b81cfd56bab9aa87cccdf0125ab6fe9b0bb1e60ee8ebae26d4fc0e4935278aef43e0211d36f1fee615dbb59cb28da37fad05a89ccc435a6bd9cd88e6a56724593f5a5db6ea25298ec9104efabbc8a65bc75a8f9c76b22c2d28f65f2bd51185465c5594873aba967cd6df3a72916be6031a7b56ed9976fb1db48fb1d5af3e7949cd932cb32ba7f337bc7341382fa8192788a9eda6d69c844b90cd9bfceeb8ba5703536f9334eeb1efabb02de6e9594ccd70883be2f5f5508c6158adde35ea19160009384ec15570e2a8a31c7d16f3cf1962b3a56f516e578dc98d2bd0421e0ee652440432dd4c255452ad42171afa6b8bd367873af00266b604d5401a34e45eea22cfcb804359513235603cd504c8ff308345da31463befc763d5cd60dd27c10baa4b1336433dac7ad640753fba5f4842d82f707f793cad401056f88d1532710193119e992677a4e48f5dc70ced64339a483a3883fd95e21f32ef603f452045ca0ad0b21e439eeeca0b00cbee143158f445fcf69b14f16c4aa7b47c7192ce821c368d57caeaa1da9b42c1c8bf1dada1fd3d7b92daf3cb5279e5fc578de099e7ec45f7e38b31653a98006d53ef7fcd39716822cf7b0824f2556a8e2af830877e3e331bb6a31c9278697aa6cab9ec816968580f64a35af7169351d1c81fc0cbe6c5b5bbbc9d2b25b62d7000c27f3828023c3bcce22226a8c40ff1a7f4167ce93c3c07ebd859b31277854b09adc2d0d7c63b0026aa4e5e6a67256a2a1ea954465c71c159fdcb603f543da7f6a39a29faa617a4fdd520334f0945f1c7233708c13592254fcfd29188ddd062e66b94ea4edb392cbc4a5bac87267000b685c346d817fba73590e33d981daeed3301caf643cb418bf0df9b09e1b5c3b6194a0115af20ace4670a2d8d13e782266d412f0f464e3f11df2a141e451da458cba86e163206e1578b327d002d5a1b8a24e7035686e5af36d5846a3d5d92638e5f992901051395d6fcb9fa359ea1c934a4f0bc64268a88b99a09402a17a02cf93c7c79e855db26fb74b2905b4e3ed316a319f7c7d9e37f7f93629329af6156fb1bfdb127f27f158f9b602700d8986fc02f9edd7fc9b6acc433cece4f03aed8edf8d7d3bce9edd64448657ba3df5d0fc886a725ad135fcf2566b94f29c7cd2dbac3c6e5b838e0f85ba920a26c68935be333de3e21645d18f9bc8acfe4f84ed2b5b300a08949290e08f83c8da4fdc96be04d9b8a9c36089b318166d72f2d5f8184aaa3eef2b75f659c9f3712d8a66c8c043b48f4505de1f8cc54d6835a3a6407d91eea56617047e140b078409bb3299d022fd895c259cc4f2b901f2002e23c8d0afa643c339c50f08ff8f3d7f92c17ad644a3dad5a6a095992cd87defba1e9597da116938ae632c1160164f3f1f4a2e2feb1eb8a179a5308929e5fb65badc814cf6e30fa81bfc63967531e93f8644761c45f0b7d7e6163e7384f16685bf33df2fdeb27cf54edf7f9b87ae6eb60c77d197fb8b2c465165235d5a8ebc072ba72bee190a667e193e9057ae1f3e474eff54d3e8d330f0dba651cc54dcb475b307884f3d74a5b275da064f4d2063de25c8d99dc5385e1784f842924a3369af81c133385fef6efc0e8b7d9e52f4cc716836b07782844cde998def45361bf6a51d1ec5e53376251c595e017489c27680c380ad6fe44b3d4953cb9649d9b0c14c7c2333a5387f31f6dea457374bc834cb8209129c00cb56a8ffeeddcf15f93fdc9beefddb6ae5b535c8b06edb09cfb14f2e3240fb6ced025d9c9255490302573490f990bae971001cc1e8bba93c50b6fd3a5c94249b6718781776efd1efbbd5bf19ad7c5c15d780c8292073ae3f2494c070dcc6297fea78be5ef76b183b1bb00f300e46645fc22ab2a404d5dba9849370ea19d8961fb887e41d50358a8dd752d93d636f0693c3e6af18ccff4a82574dc1fe3a038b482b4ca14edfa64a8c3a0554181356b82b43732db6625c8619a2eea6a451bebba2d24940310b7dd40ae7e768ed3a115db3f0dfd06ca912a9d74142bc2e52ddf82317583b622aee9d3c36c1c604b0ac089fee53d1dce3ab25cca18b112912e2377ef028f55767586f4db93a27a17a215c463fba811df547a6c38726c94263ae4090fa2abb14e73d3329710554f56eafd2ea125319611aa66051870b13672acab2b773ce26b985db74ab2f51e421032c44cbdf2a523d277eef612c3b67819383c1fff0ad2669beb9a087bc144ede0573a13be82227228a08cc2f8b5ad05a5f3d31831763a357d58dfec1a4e94e4c6c65cf792f61a2e081e6aabb7717d91db37fb4f64b9bcdc65640833ce9dc0cf4de69e13dc5219a81cd7b2df8fbf012cbeaab5244578ac592dac0b715d5a91a4dd040d7c60950627ec2622cf4482f3568420efa31e4e0bb77bd7567868cb6f5c4b7a21b6dc8cace15687a3bbea014e78fdd4e7140fe06d8c91e76f65935510cd25c4b4226eced3780d406ab631a2ba25d52f1a3e1931d540f0c3a7ec2ba2d43e80749e2b7b5178419155cc7f69ff2c8d5a2dd941d275ca6e5f8637f1113d487379acf0232e969accb10bc273cdffbd3ee33a02d0f21872a401af794e8a008d6567e6eeea6b52575d7d79ac36f380c42801f01e08e3d45beb977d40bce86bfeacaea1a27a38434248c127eca4f77a223aae190013792a77818d053d566913630869a0f948b7714c4ed39057fa8d0aa4de9bb08e9ccb5838092ede6b749a90a2120124e0a146e092ec967b56a3ba8469433256660904dee6eb2b34cf00446216c98d748a1be1893f8877608f8bed44db52fc743eb47ba6a18aebcb20776c3f42cfae69679b5b32bbc3a26a5909848dcf65e9118ee14702c1e42fea811934a8319dd6fafa593c0648afe21b612c005775c96c6006cf910f179af08b299fdb866f77881ab7d8270f9388a901e30219d25fd9a1ad24df35adfc013237f0ae177079c4e0f90e76ccaa3a41f88c1ba1b0e6a4a3a04bffee9d170395d150ac335758d02b130f1ebf2e257a7d960d82693da9a2615949dd29a71aaedaa678729faa05cc327d7255be061e5e59f97bfb402a2f9b7c3095b0f85399e7d83a6da8c3cbd1f88535d5d44d1efdda60a9ab91542a37a65805e43d222781161035766770e24f7930099f5e08ff1efcef0985e08671c1f3e20188b3fec5ae5594fc8fa45e29be0429399a980b06954ece629e9ab0267d5bf17a638dad14079bd96fbddba65426229c69f69def765d2aae1a52a9c59c280eb5beb6ae189747bdc4774883d9e77fa3b1439e26e35c3de07e229447139129ff5d4c7f3eb7b8849c3570187786572aaf859e55cf939e0925f951acfe3240c1964ee40b3717a8a1fb2b15a0784744952535283e777b400558a4fbadd0163273d62a58fc40e124e893ca03ce0ea396762d2c0e497cfbb041d75fe678fc309f5744af7c704357d678b2600962ba7550a794f3632f802c5aaaf76541d6a4ac54900a0a8543dec8117ae961ddea6889c018e444f9a86e656579d9e748222b5efb148a174919a2c733769089f436ec59a9d4ca5d930ac16b7001ed3935448a3158ce8cafe9b82753634e9e7d9cde132550d88f6d165b04c48db6e42254c651963abd7964f2dfff92be5d4845e2d952fe37b2e19c2", 0x2000, 0x0)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$USBDEVFS_BULK(r1, 0xc0185502, &(0x7f0000000040)={{}, 0x0, 0x0, 0x0})
creat(&(0x7f0000000040)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f00000000c0)="510003000000", 0x6)

2.600759707s ago: executing program 1 (id=2481):
bpf$MAP_CREATE(0x0, &(0x7f0000000100), 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040))
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000001c0)=0x10000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.56696995s ago: executing program 2 (id=2482):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
dup2(r0, 0xffffffffffffffff)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], 0x0, 0x0, 0x0, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$l2tp6(0xa, 0x2, 0x73)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@local, @mcast1, @private0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8460000f})
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_getoverrun(0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
ioctl$mixer_OSS_GETVERSION(r5, 0x40086608, &(0x7f0000000000))

2.507416877s ago: executing program 0 (id=2483):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r0, &(0x7f0000000000)="c5", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x15}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x16, 0x0, 0x4)

2.208094935s ago: executing program 1 (id=2484):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
unshare(0x6040600)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x401c2103, 0x0)

1.492859612s ago: executing program 2 (id=2485):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x3}, 0x25)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000040)={0x0, 0x8000001, 0x0, 0x8, 0x0, "dadd1023b1df022dace17a32d21100000000de"})
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f00000006c0)=0xd)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed0744", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bind$unix(r5, &(0x7f0000000200)=@abs={0x1}, 0x6e)
getpid()
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r6, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003a9dd27753f7f0000ffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000005b00))
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)

1.106899534s ago: executing program 0 (id=2486):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x1, r1, 0x0, 0xfffffffffffffffe})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000280)={0x48, 0x1, r1, 0x0, 0xfffffffffffffffe})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r1})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x0, r1, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000})

374.186866ms ago: executing program 1 (id=2487):
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x28, 0x1, 0x0, 0x0, "", [@nested={0x105, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@dev}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x0)

253.759801ms ago: executing program 2 (id=2488):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0x1a08800, &(0x7f0000000140)=ANY=[], 0x1, 0x67c, &(0x7f0000000440)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqS1ZKK16idtD0SGU4B5CoRdhy7HwWgmSUpRQWvX92kP+gPSgQ6GXFno3pNBT21voTfRQAoVectLNZWZnpZX1kl1Z0lrN52Nm95l5Xue3M89odjET4HNr7mqaD1Nk7urra+X65sZ0a3Nj+lyd3UpSphtJs/2WYikpPkpupr3ki+XGunxxUD8fLM7e+vjTzU/aa816qco3DqvXm/V6yUSSofp9r+EjtXf7wPYON7+dKrb3sAzYlU7gYNAe7bHeT/UnPG+Bp0HRvm7uMZ6cTzJa/x2QenZonO7ojl9fsxwAAACcUc9sZStruTDocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUj//v6iXRic9kaLz/P+Relvq9K3GgMf8JB4OegAAAAAAAAAAcAy+vJWtrOVC6h/3H7V/2X+5er1YvX4h72YlC1nOtaxlPqtZzXKmkox3NTSyNr+6ujzVQ80b+9a8cbTx//Fo1QAAAAAAAADg/83PM9f+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4WRTLUfquWi530eBrNJKNJRspy68k/Oukzothv48PTHwcAAAA8kdEj1HlmK1tZy4XO+qOiuue/XN0vj+bdLGU1i1lNKwu5U99Dl3f9jc2N6dbmxvSDzY3pquMfPmprt/Pt//Y1jKrFtL972L/nF6sSY7mbxWrLtdyuBnMnjapm6cV6PNvL7k5+Vo5p7LVajyO7U7+Xnf32oG8RjkOj3wrjVaXh7YhM1mMrG3r28Eh85qfTPLSnqTS2v/m5eEhPnV0q+oz5+U69JL9+LOav/fv3P+ixmROwHYlGqkjc6Dr6Lh8e8+Qrf/7Dm/daS/fv3V25emKH0Wl5/JiY7orEC2c6Es0+y09Wkbi0vT6X7+b7uZqJvJHlLOZHmc9qFlLPjJmvj+fydbwrSsmeSN3ctfbGZ41kpP5c2rNoL2OayLkqNZ+Xq7oXspgib+dOFvJq9e9GpvKNzGQms12f8KUDP+Fq36qZttHfWX/lq9k51X9TztS91Uv+2mvB/rUvqWVcn+2Ka/ecO17ldW/ZidJzPVyP+pwbm1+qE2UfvzjKZePEPB6Jqa5IPH94JH5XnRsrraX7y/fm3zmg/fXH1l8Z3kn/6iSvzH0rj5fnMlrPJLuPjjLv+e1ZZne8RupfXNp5jT15l6q8ouicqd/b50wtIz5blb68b0s3qrwX9uYN1SP/57+68nb9vZW3/zaYeALQp/NfOz8y9p+xv499OPbLsXtjr49+59w3z700kuG/DH+rOTn0SuOl4k/5MD/Zuf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACObuW99+/Pt1oLy/snGgdnHW+iqB/kc1CZZsZyCsM4zUSRrB97yxn8fvWQ6DxE8EnbefPmU7E7ZzoxlKTe8tNk5/ipP6KjPFwUOBOurz545/rKe+9/ffHB/FsLby0sDc/MzE7Ozrw6ff3uYmthsv066FECJ2Hn74FBjwQAAAAAAAAAAADo1Wn8T4Ou7iYGuKsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGTV3Nc3hFJmavDZZrm9uTLfKpZPeKdlM0mgkxY+T4qPkZtpLxruaKw7q54PF2Vsff7r5yU5bzU75xmH1erNeL5lIMlS/7zFytPZuH9Rez4rtPSwDdqUTOBi0/wUAAP//6PAGzw==")
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = open(&(0x7f0000007fc0)='./bus\x00', 0x262043, 0x0)
r5 = open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, r5}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r6}, 0x10)
r8 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r8, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x60, 0x13, 0x53b, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_sample={0x48, 0x100, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x2}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0)
r9 = bpf$ITER_CREATE(0x21, &(0x7f00000010c0)={r4}, 0x8)
r10 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r10, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600), 0x70}}, 0x0)
sendmmsg$unix(r3, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f0000000d00)=ANY=[@ANYRES8=r5, @ANYRES8=r4, @ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX=r6, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000fa000000", @ANYRESHEX, @ANYBLOB, @ANYRESOCT=r1, @ANYRES32=r8, @ANYRESOCT=r7, @ANYRES32=r0, @ANYRES32=r9, @ANYRES32=r10], 0xa8, 0x40040}}], 0x1, 0x4000)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/address_bits', 0x200, 0x54)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB="3d00001126ee28dcd11ce5ec583d7039267bfd91e686737de5b57db34d10740fd023", @ANYRES32=0x0, @ANYBLOB="0c00990004000000580000000800010057000000080001002e0000000800db00", @ANYRES32=r11], 0x48}, 0x1, 0x0, 0x0, 0x4001}, 0x11)
ioctl$sock_SIOCSIFBR(r8, 0x8941, &(0x7f0000000680)=@add_del={0x2, &(0x7f00000001c0)='syzkaller1\x00'})
ftruncate(r5, 0x2007ffb)
sendfile(r4, r5, 0x0, 0x1000000211005)
fsopen(&(0x7f0000000000)='debugfs\x00', 0x0)

207.119064ms ago: executing program 4 (id=2489):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000b6a36b3605", @ANYRES32=r2, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c40)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_CACHEINFO={0x14, 0x6, {0x0, 0x3f}}, @IFA_ADDRESS={0x14, 0x1, @private1}]}, 0x40}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x49b, &(0x7f0000000100)="$eJzs3E9sFFUYAPBvdltaQKQioiBqEY2NxhYKCgcvGE08aGLEgx6bthCkUENrIoRoSQweDYl349GrB6/qzXgy8YpHE0NCDBfA05jZndlu909Ly7Zb2N8vWfrezJt979uZN/Nm3i4B9Kzh7J8k4pGIuB4RO6vZpQWGq3/u3Lo8effW5clYSNOT/yaVcrezfK7YbnueGSlFlL5KIvqa6527eOnsxMzM9IU8PzZ/7tOxuYuXXj1zbuL09Onp8+PHjx89cvjY6+OvrT6opHlRFtftfV/M7t/7zsfX3pustWgw/1sfR6cMx3CrplS82OnKumxHXTppsb/ZnMpR7Z79lf6/M8qtOivwUErTNB1ov3ohbXSlaQnwwEqi2y0AuqO40Gf3v8Vrg4Yem8LNE9UboCzuO/mruqYvSnmZ/ob7204ajoiPFv77LnvFOj2HAACo98uJYiTYOP4rxZ66co/mcyhDEfFYROyKiMcjYndEPBFRKftkRDzV8P7Z+CZdpv7hhnzz+Kd0474CXEE2/nsjn9taOv4rRn8xVM5zOyKKAfP0ofwzGYn+gVNnZqYPL1PHr2/9+U27dfXjv+yV1V+MBfN23OhreEA3NTE/seaAG9y8ErGvrzH+pC8iqc0EJBGxNyL2reJ9h+rSZ17+YX8t07+03MrxV6Qt59E6MFWRfh/xUnX/L8SS/b9YY7L8/OTYYMxMHxrLjoJDLev4/Y+r77erf8X4f/q7cZO3j/188n7Drsn2/7a64z+K+dvF+IeSiKQ2Xzu3+jqu/vV123uatR7/W5IPK+kt+bLPJ+bnLxyO2JK827x8fHHbIl+Uz+IfOdi6/+/Kt8k+iacjIjuIn4mIZyPiubztByLi+Yg4uEz8v735widrj399ZfFPtTz/Ldn/i/P1a0iUzx64frfNyePe9v/RSmokX9L6/JcsOUXcawM78BECAADApleKynf/S6O1dKk0Olp9BrQ7tpVmZufmXzk1+9n5qepvBIaiv1Q86ao+D+5PiuefQ3X58Yb8kfy58bflrZX86OTszFS3g4cet73S55Om/p/5p9zt1gHrzk9+oHet1P/3XNughgAbzvUfeldd/19oU2TBN2Xg4eT6D72rVf//cg3bAA+WVF+Gnqb/Q+/qiw9q6VJXWwJsNNd/6En387v+lRPpQOtVg9FcOAbXpxlbW9TVlUQ2supK7VvXslXxvym0LROl1b3hQDSvKkdX9sXpPR0/+NP8u/KdbuqPG9JPWyW6cjoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADouP8DAAD//zy63n8=")

144.520097ms ago: executing program 0 (id=2490):
socket$unix(0x1, 0x2, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/unix\x00')
lseek(r0, 0x38, 0x0)
close(0x3)
read$FUSE(r0, &(0x7f0000000c00)={0x2020}, 0x2020)

143.826542ms ago: executing program 1 (id=2491):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1000400, &(0x7f0000000200)={[{@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x41d7}}]}, 0x6, 0x588, &(0x7f00000008c0)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE01491kd7ObbOOPie3fTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vLBvdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmzvAV/rHZfpmO3OSiMiP3Jv7H3vT4RT3fqcLrsgPJb87/FzEfF8N31PtbwyAQAHK8vOR3a+P39fOpDLsmTEOgDA0ZNf889Gkta61/+zkaa1WtGHV30mzqTNVrtz+UZr/VbS6+KbTm/cbDauFH2FEZWYTvL8fERcKKbd/MJQ/mpEPB0RP6/MFPlavdVcKuU/HgDg7ND5/z+V/PxfmWRTdwgA4ChzJgeAk+fB8/90KeUAAA6P638AOHn6zv8T3fkHAI6+6tCz/yNlyaGUBQA4HCP7/98+dz/9bDL0ii8A4Khz/x8ATpQfvPlmPmU7WVK8/3rp3Y31lda7Ly412iu11fV6rd5au11bbrWWi3f2rI7YxZ3+TLPVuj3/Uqy/N9dptDtz7Y3N66ut9Vud68V7va83PFgAAOV7+rkP/5pExParM8UUvbEcHv2DAOCISyNmyi4DUI5TZRcAKM1U2QUASqM/HnjUj3tH/kRoJiLeH7+NjgV4sl36wpj+/+H/DQbvB/x/H0bHBkrW/VrrBoATaG/9/3oP4Ch7+Infg0FwnGVZYjx/ADhhJriC9xNBOOYe6/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FH6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5eDrAAD0mRqe0TtPF599F/Kf3N2q96bDLODH394dXDSPu3N3q35/POKpbuGrkc878+9koDLJPg1MvH0nIp4drn96b/mF7sinw/Hz2OcOLH4UNZwdiD/4b1RaLNv9zI/F52cmjLcPZYbj4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZw82ro+h1/7tZLvt305f/Hz/3z9XLdqaUe3fxUljvPTH745ddudU9sWpiF7snb72Z1e1SI2K/8KE8f/2pa88P+5gZb+KuBQPi7+bmuus3p5rb2z+9nsf/Gm5sdy4tbBwbf7alVeuvrwwV/RRz/V6qh/0z1cvPzW+/hFnxsSvPqL+X5+w/r/+3ztvf/Uh8b/5tVHx03jmIfHzc+I3Ym2i+ItnPhg7fHcef2lM/acG4p8e2C6fd3l4Z2P+ID/6++bSRAUFAA5Fe2NzZbHZbKxNkkhjc2Wxd6E58VYDiZnH2mrCRBzYnkcnpgcOQvWgYp0ds+g3n3mH03Gox2ffEnc+w8qVcop6Kpq9/qhHrtxdb3svQbNsD2W+OME6JTVIwKG5/6UvuyQAAAAAAAAAAAAAAMA47R92X/m3zw9F9T8MV3YdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL4+DQAA//+T6cce")
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x6}, 0x1c)
sendto$inet6(r0, &(0x7f0000000100)="80000fdc2208", 0x6, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000005ac0)="4b2491b461bedcb9048c176a7382f91f7a6483b2a1586d010993885efce3d556a22a448b9235a4a34121cc80b619b8e437e9873df079ca643e34e2bc1a535d9b2a9715b4e5857bc20df3038c4a552abba5397e029e19754b57555e01956a5f0cca8ca6a8e7047b2ecb5a9cfd9aa1073df281cf12de3a7c659616d560d5615d5e610a1f72fa41807627908f23a797dc3766289b04fa3187c07de31e49056a916103908501dd83aca8d2a5a66f6ce934164edaf5a7e372a86b3b1e66bbe3c50409717e5947cf16f71bc84ec60723acb7de047af2667135c2865db451b7c7c92c858f374e86b8bf5ece0da6c5970fccf1714fba7be72122dc6fe77b8620421b55af59d9a0256a168ffd531ff9290a3142104a55b1e5c2b11ffa0a00f7b40167c228eef62d7bfd0b50c7b07ffdea383fe89812f6e1f1b006e31d0b5fdcf7c1725f9ceb355b133ec8ab9cddfe7052d418393e5cb4b5a08bfd036e8aa93fec6a62f03cf34d0024aad605bc3344c920733ce3b4defb22a1a5839faffa2e0a1c19b3db8a499e996781e8061c0f4b9f193bbd8ae74971e821b0cf5af91ebd14f49443264e1a03e419589dff9d10e2e491a6f0a020de6afe564aa5f49342ddda455049eff63a96dd4f2db86d75b60f7617e9afe6299379b13b1d10e230e4f38941f24006eb981424264740c66afc4d3f7a78f3deffac4ae559f5d0f3da9fb7e0855b4746dda982506d1a3a52dc12d6abff23454f35d7d96a75a561b4286e4c62edb28da1899974319f3a7d5b90a3082805d6f800f3360893130281d3f1e4f5569ce40007bdd9e798b19217ff1db4b74ca41ea760c4de95680e4b82d00981271898685e618463ee69175f68b707fba213b36f63826ba07700a27d17d70e50bba2c603499285df2286b5d74926e0d0c7aec135d1981373d0db8ae14b4c4451f207ba6c9959b57f5e26cda62b9268ec21495e49beffcc8899058232cee856f26ee47afb06fd6bac8512e65bc5d4bfeedfdb75e75786e2770aa9bc89aa1e038c8b6f4b78460d4734b2ecab7d9e8609c1731731d9cf776c1334191e57cf00434e1a9745e50a54e28f324bc3dda179c57f45264c6e8f5e95b79f2934e0c2a68efa79918ec4274ec0b33120398c9c7c7c763554859a6a6ca5038cdba2d4fd04b845f4c0f0ce027d8f2a848f4cd3604fe198aa8c6668d572567855cebad36f87e6983bd88fc07357ba9d7fbbd325db7f24297b5122c9aa6eacd915d32bc87f63c108f256151a318c7061cef2fdaecede878d4ea6db06ece2a57cc01436bbba663140acbf6f33946e8349cfe41a528ce72a43c244dcd2a5d8b56934ffb2cba99a1c112c0eb4c13afaf21a88bdaf58378a1b9abc8e57b6dfbbdb66cf27b869fa74ceedf9fbf528c3e2cf8111712aa48fc62e4f2ca4ab09032d57b91dd39d7bd798a4c6d567ab75001e926ff74d71bc566d102632ac3e36852a334d8e889568d135bba35a8b77955e85982c95ef57ec4d385c9d71917b3eab51e23a646c3e4a6ecd616f007746c6a05504ba28b223e39a670005856f39e3ad012ada10dd841cc63bee98792fe8aeafb31bd9c8c2e8f5264b9abc433bfbd40fa82e9308f56134d904ee718b6804b06a3407210bb40da9231007ca30f72d0e1b24c279f5e1f57e81c0c37de3ea8adc0daabb8c1572a64ebad81be98c51dd1794594d19b1de2f9d239568515b5aac3a342a3ba4d24c5f1a83b096be25df7d1744a59a691a2b3bc73045dbd73d8392a048659bfeed84fe028fdb45959bba31c6c1d756a05c9c5275f1d4182056e6114562b9adb5dfeb7ac90e4084c61034b16974cca62b757a8040a4ad5f7e0aaca84433f1d7b86075e35b3c90249a7ecf73ce1c41fda2d55179010b51c4e80cbc0ac14bf285942710e9dcd0788ed5863250163e0d6938d3470af3e3deb61b9dcb5443378f915c25d3bb26958cbb34bfc59e770c456bbb03fda3ab9bb446144ed1ff2323d05b5fb34282fdb1567b24c511026e1d103894fcad880baddc55fb8a21c62f8baa4f460841b556ce62586e0a4953604e6322115bcf4616d6a07056c11b11506f4ef7ccd585030a1c48bee3a27e2357a8e0045177fe14de7d44b888153bfaaea4b507685c18d90aa6b8d2297d18897f82eee25c12243fb968c11bf2540bedc6354420258477eedf5d1b18da6432b9b61d1823e2b591b624642b52b1d4c5f6ec6467e72ee924d3b7cabf481c0d616288000f57a6df18deded00b7e1d9673f836b1ecc20f14fff609c839a0f18db8c60defa3aca368c48cc174753e643d32a75034d07c608545036160f304e8c7db02d96e6bdc20e5bb3c8c5c513016c0365bfdfda47100aa5aeaf1e3f751b7a5ca10ab74050ac0ccf28cf1cb13c57c9b0cd7a3c421cb604620902273aee2db6ac3047331b68460248d5d7c91bdfbd29df2f702146a3debd443c46c62705db392bdf021f89de1ffc236b9dc0f0bb94a4ca62f8e8bb0010f0585a738ef840ee980424a15d3662efc4a51965bcb6935b61308f497293e7af7ceb972fa9184aaa8433123811f825ed203b4141274c66c7334116dede159bcf62e15ab39d4fae9789052dd3a91ffd0015a25ec03fda69786a0a002abee9b0d452bde1a6eba15a01ad7c73ab90d078c1fab6775e7dde159f7d79efd28c79c598b8ee38e9a01f93c4f98ef9c1c1ddafbf2db0685a70ec0720e95702036ca46243c95c917791d80ebafe63305783efa474652245cf542a8e05e74af8b5b9efa9a31d1b5cf5d695ae84caeec2215b02d599fa85013740129c97fa6be073c02c212aa34dfb4f2084df2ba973c6a03487f2540e877ee6020a885ac8591e113f154fd954145336b338a2f7e5b4e154c9ec444febd8e9054144480990b4672d5c022ad373effa865be24d74000666943fa4c4fd5c714cf489a01da6cc3558292d0174f335707bf315a33aa0ff2586815cee5aa34f443f3297e8d83ffb38b0081ef99682d1a332f92bbd0cf159e291f8499d0f71f696b97832fd507f526c48d70fe2e2c11969a46d203f6bbbe2a91551b41ea7f0e1c4407f2c553aa11148fdb00830409e516aebe506757dc8070f8f8204522ec035574a8e7849b9d8223de69b66400095c46482d252ee3996d163bbd7afe4a9d02f65d7644d3a8be257f563d56e62c8edfe4abb173670511905aa89876a8dfe3f866706c10443863b2f0f33967a8b97fd09bd268d25772602a76953d5518fb15c987ce36ff7ef906cb8b32f1da6d6a248b1e4db10302f61feb5d0fb9a38b4583d2c59b7c3922b9f67533f7697dad383723198c8132b9f8b56c2ab4767a30b117126911e3ce3d147df6b621e6f4c6cff4b0b99b7ce2ae8c770342fea1d4e71e96b27fb08efafcf187e31e93c049c214c7c6d9db652907da7d4b274946adf25d0030c5abacbb987069f0cf977e3675fde0ad23c87edbecafcb3b63f1c96dff5406630a02b1bbf6ffdd7c2072a3e6bb536718e26fe262fd25b574495e9877bdf11fb5c4bb300b0687da710c1464841757d52be584f8783d10f857141b725b31e21e6ae56a53c033da14a7007ade63bccc1b79c27de989902fe849e6f56b7762ef00d2f5f8c8aa7a37d0d5da02f1db50b22de67f572b9f596645b5b8ad48a107c709ccdc31c2b22ccc75c6aa644cbc669eefb7b2798e848615748db19dfbb1fcd378209a08eca2db3ea53bfe0bc768cf2d4658579d7c17586c93d945cb6e85b80bcdb13f49f091272f25824ab4d361f79556d4b227164c1ed431874a88d6bb9612ea8edba924ff2be24641a1a9dc16c54290583785dd07ef437f5c4838ac4c1b2031d5f117f2fc696faf7fc76473b9066782209739956d8cc6147ca640f63db6b373d0837af31238041adb39d7ce97a5ea03b64f0a8e3301c24604026130a56f9666f270ec77bdcbe8210ce6ef1bf65f3ac73518a3bbbb18105a849ff99a2485a9cf70ed6a656d242db20b284facd0786c4c471a221df68e13a5e710977df026edb52443f59bfe48178cc50bf5042fce96a7ee788ea529b83e5cd06e42dbf49b499756271e8ad2bdeac76481eb04a36b7ca413f303da44143c691bd13c61e064e4f7ce278d9cfb105f381e0c37a5dcf0dd96ecfff04df387471a829204585fa77a671b702e6139061449647eb30584f3ce36031b5cdbddf8e04f71f517240cc8dc54fa691b531a1c6c39367e2f2d731c10d0eb706dfaa089e173f17d68385ad79d1a01d12534915e13a932106789b9527e794cace8a3faedb65042258085c1f4a61bc862fcc627a36bb2159b8197a5a350448abaeec8636d972485feb05c1a4a669ed138ca5fb1baf68d7bf643df5677ecc1b2e0d0cd6293daa2fb69c1c769c1972110034b2d247e6884b1fc741c9448fb199ba93c6dd90e406fa0e07e513511ed008d58cc4fd804cce55d4b4da598c0b6c259d311a71a02a533ad5aed6267936c4e990cbbae547ce511431ec217b19392ca7625522df6615514f1cc54d9ada3f9aa731ec1a379bffd0dc5e7dfc0befe97311995ffb3e84e7aa2fb017a6502576ceed10b07feb61c9d1c4d7cbd80f33a0f35ac97e632ab87af457e02ecb5e57eeac2103561fe22d0af63bda651ca2ff02d72cc29e8725265909bf3bae72320cc3c0d54f5d0e8cedc33f7f1eb01974a0385fe534d3f04b56a23c7fb4e48ceb3c5d52535a2adeb32d21c17ebea71696381cd87350bce38ec78ce7233bbed809609eabd442cd3e30567adb6dbd337586d54c44d701b917e2ee6c46d87132c1a8c2baeee898820fa39c1304c5590fb75b070d8231931138767e85f518556e5712b419027b0c4397fcc48b4b15cfd06bddad3dfb369bb29b13c6721cc22da9bb33d9f49b60e6cc051750dee1b20e7d084a7444be72201c3eb5bb81cce7c07c3d35b0896ed59381fd171d216df24e6061dd17ffb80e2d4e64b13f285b9ed8ade9ee4d831dd5c3a34e1420bc0ce51b6a8c8a5c315d6c10082548669eb31f6c1feb171a95749e3fb8b217867aff419a7c06b16ee024028b0d0ade0af2ba5ed09100d5f26587f686fa15a2022a35a462b7bbbeac496c096a39c4d7413450e945322cc41019cce595a3f5f96002101829b45a7d3148236692dcfcdd0bbb8f0db5b58f84d136f8db06de1b8229a99da0908abd2bddd7039a978518467d0e5b64b05ed16c0170eaa5ce390c5415d76da48c8363ce81703420780919c12a7eab01a1dc5707f72f4efb7b4e94e30a5ecd3c997f730fb39b8e4604ada9a60b57d8efb9e3806959544d83fef509cf0289e7919c9ad5b9412cbefc16ae039d41706c43911496db03dcd948c9d823ac7f804c8d7afa18f3176a2a803ae672a43981fb19aa68f566c9e6d88f583a3fc148476b019d581bdb008db71dee2af7370f30aaaf6930cc3c283ddd34c2faf87ca7ecb7922ab8904486e5b04174fa24de1d068225c32e0603ad586a6f5f7a1be1e237703b4e61d52bd6f7468f841cd92c5269b15bc69be65740f22d72c39159daa03b3a9dbddf3a2fcd212c2dbef7197234661952852d65e989302a6db5663835784e7d0a0bd6f51988d9f43b52a1b7d3d0fcfa9963549cd45d3d5486fdb639603c05dc684517532c444c0650a48331835f41373e6f6b2835caa28426d8145135b9102d31ff614e9766eb95d095376b8854f7923d0ff3ad89d253a7cb4fae9ac8189c863c23fcf234090f13750b64fbea2e9c527a37363df2f7b2db115c400dd3831b33f986b2b379ab786908ab86fffb43052f2b7dda9ddc646f534aafdb4214686d22e91fdb1de42be04bfa7327bc37a4f38b80300496ddc794cb73f4c31e558a19ebad905fb86244fac48a7784c282809556dc4b2978efc15b85764836346f9741bb5bc7cd4d454764f4a88fce7f64cd6a9a0b2eceb52c955527b327d4991bac7a1a7c0a30ec1232f53994978a4d7979d927c24c28ab052345cf89ef48ab27d5e115244dcdd1ce2c8093e753ea83351bbb03922dc4ac34633d270d2ec0156b2cece1c7c91c86f60cce3d1babe05ace441474ed90d0dd400841816419a18b715fb2ac1eb073b23f0a16741fd4596fc546c39e38087af4f96357fa8eb39047f638fbc8fbf9ba35e19e7608dfcef5e6093b5c0afded071c0cdde8fc57fdb555f2753a96cbc65393df09236b69e8a3788384d4a0b40da6b621c1052905d2a6c43bc7e181068a5907be47e224f66a777747e77523961685b672591d8a1cb4b7560ac9eb96f4346704797d786973914f7d339041f1249c93f9758314a9b7a3884b174184fcb4c3cf033c1245a6acad4ca2b6223e9fedaa1044897a9d54990eb37c2fb0ea047624115471fc69d543a6b864fd91974cdbc0242512c049f35788adc533705658c16157f479558f6ae604384249d1463f66f53f061036372bf281e425c31cc12e70c485ea561a0c7cd405d1755c7e5a5c1f734d480f6c5e9d61c60dc9abcb132bd34f6b97393569a8af11f513a747702a385711eff08422acd0f4103b9f29588e0a6f2b9e72f863c9919f594daafa0767a6bf63dd6622a0eeab18837b91201b00d4b10feabf20d47a347ace80f2c82a6bb83cb85bff6113037136684afa631b7eba48c9ff51fab22635a3b4a2a90ff91714cec24368e8c0c3094ed353d590b32b00ffaa782555cf0f2cef6fbfe01add053cb96a9ccad0ddc99b6fbb922cd00dec303d628289843f17dc2dd145fcb507c65fafad0125cd81e01d89db180c3f4ce304991d796c87b4f273260812929e0a518780167489ce8d4282ba9d53eeb3ebb249a7d15139056fcbc37ccf6d9f9c44936aa96f9b1d9be9965c2cb0f95b4d838e99dd451b64900035f15c5942e566cea549a7fb900a766c76c77f275030842937f344ee17fccec14e58c14eee8fb39e462edb3c7ba6c489c7d3331ada9d5d9626181a61a2d78ca6c0b3047858b254be43194fb5f94e172b633dc4c2c4c9ee911655627299fa7579f2c2671c7176567e195bb154d6cd4af71a13eaf9a727d3a6b4dd6852a14c8c443aabbcb766e8ba417738a7a5cc392a8ed4d1c3b39b87c19be38f95b118e4bcf5d42402d70379a20393f2b5e3e4dba70e5bcc8373dc0fe84bfc0ac6a4267e9e36f5716cf70eb85e20717f9892830c71217c95fb612f64179acf2546934286df6529efcf5d53762d53c96c59ec5acbc65a08da76f8ff1e89a0bac78bfde18787612d3d1491ae8ae28a5f4ece0267dbae8367ceaf219cc33bbf901691ac64f599e1427affb1712176c3902d225afe4e33eac3c03ce701fb50d20f0aa4b58285a3416ddda4b87748f7a9b5996552711f361a1896c0ce1413c580919284e6ff3eb7bfca7522d86a0c3a18c97d6752732e1d124ae6d2a2bb9adee47878875fd7cf311488a97d2894a12f3b4d744145c8d3ed6aef533f28588703bb1628388264fd1d94b35fa054a663a22d542047f1a089f7b0670a9c4dd1769510bdecccb545df9dcd43ff81361cec08ff60cadd0a0d0f4f51403454b0ccaf6b8921611a10b7e8db805e5c05bb413a311cc7788fe35e136498f089ab618a2384098406cedc65eefaee3636abbce5b4265ff05a748d13bf19678ea7182cadddd7c59ef86c476eff9090f69dc6b1b42add9d47103d16263372dc740d1853a0251d390d480e7383f3be0fbe309faa86ae3fe44ca87a3fd32e6f49ad8a8eae13c4dc864382ee80b7012f7c1b74e003a37ae27aca499e14e165ab2e7739ac8318fe35720c1e5b7f5f31ff6b6b0c25b1227f39250353a4f2f69c4908e7cbc457c5f237455367e5f42d457aae2de3cb87eaad4546d465de31d07c1870d28812651e9504c882b692e1ec25f3ea72de270dc437f4ae7c7f31938290d6a7e13ef9285de082cddcc91d7e5699438a0cfcfbcba986f0e2b1d916e649e277a062121f913312c614ac6d3998c81b1938bd0360bedb2c27280c39eaa3b81cfd56bab9aa87cccdf0125ab6fe9b0bb1e60ee8ebae26d4fc0e4935278aef43e0211d36f1fee615dbb59cb28da37fad05a89ccc435a6bd9cd88e6a56724593f5a5db6ea25298ec9104efabbc8a65bc75a8f9c76b22c2d28f65f2bd51185465c5594873aba967cd6df3a72916be6031a7b56ed9976fb1db48fb1d5af3e7949cd932cb32ba7f337bc7341382fa8192788a9eda6d69c844b90cd9bfceeb8ba5703536f9334eeb1efabb02de6e9594ccd70883be2f5f5508c6158adde35ea19160009384ec15570e2a8a31c7d16f3cf1962b3a56f516e578dc98d2bd0421e0ee652440432dd4c255452ad42171afa6b8bd367873af00266b604d5401a34e45eea22cfcb804359513235603cd504c8ff308345da31463befc763d5cd60dd27c10baa4b1336433dac7ad640753fba5f4842d82f707f793cad401056f88d1532710193119e992677a4e48f5dc70ced64339a483a3883fd95e21f32ef603f452045ca0ad0b21e439eeeca0b00cbee143158f445fcf69b14f16c4aa7b47c7192ce821c368d57caeaa1da9b42c1c8bf1dada1fd3d7b92daf3cb5279e5fc578de099e7ec45f7e38b31653a98006d53ef7fcd39716822cf7b0824f2556a8e2af830877e3e331bb6a31c9278697aa6cab9ec816968580f64a35af7169351d1c81fc0cbe6c5b5bbbc9d2b25b62d7000c27f3828023c3bcce22226a8c40ff1a7f4167ce93c3c07ebd859b31277854b09adc2d0d7c63b0026aa4e5e6a67256a2a1ea954465c71c159fdcb603f543da7f6a39a29faa617a4fdd520334f0945f1c7233708c13592254fcfd29188ddd062e66b94ea4edb392cbc4a5bac87267000b685c346d817fba73590e33d981daeed3301caf643cb418bf0df9b09e1b5c3b6194a0115af20ace4670a2d8d13e782266d412f0f464e3f11df2a141e451da458cba86e163206e1578b327d002d5a1b8a24e7035686e5af36d5846a3d5d92638e5f992901051395d6fcb9fa359ea1c934a4f0bc64268a88b99a09402a17a02cf93c7c79e855db26fb74b2905b4e3ed316a319f7c7d9e37f7f93629329af6156fb1bfdb127f27f158f9b602700d8986fc02f9edd7fc9b6acc433cece4f03aed8edf8d7d3bce9edd64448657ba3df5d0fc886a725ad135fcf2566b94f29c7cd2dbac3c6e5b838e0f85ba920a26c68935be333de3e21645d18f9bc8acfe4f84ed2b5b300a08949290e08f83c8da4fdc96be04d9b8a9c36089b318166d72f2d5f8184aaa3eef2b75f659c9f3712d8a66c8c043b48f4505de1f8cc54d6835a3a6407d91eea56617047e140b078409bb3299d022fd895c259cc4f2b901f2002e23c8d0afa643c339c50f08ff8f3d7f92c17ad644a3dad5a6a095992cd87defba1e9597da116938ae632c1160164f3f1f4a2e2feb1eb8a179a5308929e5fb65badc814cf6e30fa81bfc63967531e93f8644761c45f0b7d7e6163e7384f16685bf33df2fdeb27cf54edf7f9b87ae6eb60c77d197fb8b2c465165235d5a8ebc072ba72bee190a667e193e9057ae1f3e474eff54d3e8d330f0dba651cc54dcb475b307884f3d74a5b275da064f4d2063de25c8d99dc5385e1784f842924a3369af81c133385fef6efc0e8b7d9e52f4cc716836b07782844cde998def45361bf6a51d1ec5e53376251c595e017489c27680c380ad6fe44b3d4953cb9649d9b0c14c7c2333a5387f31f6dea457374bc834cb8209129c00cb56a8ffeeddcf15f93fdc9beefddb6ae5b535c8b06edb09cfb14f2e3240fb6ced025d9c9255490302573490f990bae971001cc1e8bba93c50b6fd3a5c94249b6718781776efd1efbbd5bf19ad7c5c15d780c8292073ae3f2494c070dcc6297fea78be5ef76b183b1bb00f300e46645fc22ab2a404d5dba9849370ea19d8961fb887e41d50358a8dd752d93d636f0693c3e6af18ccff4a82574dc1fe3a038b482b4ca14edfa64a8c3a0554181356b82b43732db6625c8619a2eea6a451bebba2d24940310b7dd40ae7e768ed3a115db3f0dfd06ca912a9d74142bc2e52ddf82317583b622aee9d3c36c1c604b0ac089fee53d1dce3ab25cca18b112912e2377ef028f55767586f4db93a27a17a215c463fba811df547a6c38726c94263ae4090fa2abb14e73d3329710554f56eafd2ea125319611aa66051870b13672acab2b773ce26b985db74ab2f51e421032c44cbdf2a523d277eef612c3b67819383c1fff0ad2669beb9a087bc144ede0573a13be82227228a08cc2f8b5ad05a5f3d31831763a357d58dfec1a4e94e4c6c65cf792f61a2e081e6aabb7717d91db37fb4f64b9bcdc65640833ce9dc0cf4de69e13dc5219a81cd7b2df8fbf012cbeaab5244578ac592dac0b715d5a91a4dd040d7c60950627ec2622cf4482f3568420efa31e4e0bb77bd7567868cb6f5c4b7a21b6dc8cace15687a3bbea014e78fdd4e7140fe06d8c91e76f65935510cd25c4b4226eced3780d406ab631a2ba25d52f1a3e1931d540f0c3a7ec2ba2d43e80749e2b7b5178419155cc7f69ff2c8d5a2dd941d275ca6e5f8637f1113d487379acf0232e969accb10bc273cdffbd3ee33a02d0f21872a401af794e8a008d6567e6eeea6b52575d7d79ac36f380c42801f01e08e3d45beb977d40bce86bfeacaea1a27a38434248c127eca4f77a223aae190013792a77818d053d566913630869a0f948b7714c4ed39057fa8d0aa4de9bb08e9ccb5838092ede6b749a90a2120124e0a146e092ec967b56a3ba8469433256660904dee6eb2b34cf00446216c98d748a1be1893f8877608f8bed44db52fc743eb47ba6a18aebcb20776c3f42cfae69679b5b32bbc3a26a5909848dcf65e9118ee14702c1e42fea811934a8319dd6fafa593c0648afe21b612c005775c96c6006cf910f179af08b299fdb866f77881ab7d8270f9388a901e30219d25fd9a1ad24df35adfc013237f0ae177079c4e0f90e76ccaa3a41f88c1ba1b0e6a4a3a04bffee9d170395d150ac335758d02b130f1ebf2e257a7d960d82693da9a2615949dd29a71aaedaa678729faa05cc327d7255be061e5e59f97bfb402a2f9b7c3095b0f85399e7d83a6da8c3cbd1f88535d5d44d1efdda60a9ab91542a37a65805e43d222781161035766770e24f7930099f5e08ff1efcef0985e08671c1f3e20188b3fec5ae5594fc8fa45e29be0429399a980b06954ece629e9ab0267d5bf17a638dad14079bd96fbddba65426229c69f69def765d2aae1a52a9c59c280eb5beb6ae189747bdc4774883d9e77fa3b1439e26e35c3de07e229447139129ff5d4c7f3eb7b8849c3570187786572aaf859e55cf939e0925f951acfe3240c1964ee40b3717a8a1fb2b15a0784744952535283e777b400558a4fbadd0163273d62a58fc40e124e893ca03ce0ea396762d2c0e497cfbb041d75fe678fc309f5744af7c704357d678b2600962ba7550a794f3632f802c5aaaf76541d6a4ac54900a0a8543dec8117ae961ddea6889c018e444f9a86e656579d9e748222b5efb148a174919a2c733769089f436ec59a9d4ca5d930ac16b7001ed3935448a3158ce8cafe9b82753634e9e7d9cde132550d88f6d165b04c48db6e42254c651963abd7964f2dfff92be5d4845e2d952fe37b2e19c2", 0x2000, 0x0)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$USBDEVFS_BULK(r1, 0xc0185502, &(0x7f0000000040)={{}, 0x0, 0x0, 0x0})
creat(&(0x7f0000000040)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f00000000c0)="510003000000", 0x6)

52.170313ms ago: executing program 0 (id=2492):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
connect$pppl2tp(r0, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}, 0x1, 0x3}}, 0x26)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
getsockopt$bt_BT_SECURITY(r0, 0x111, 0x5, 0x0, 0x20001f00)

0s ago: executing program 0 (id=2493):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000002200000c0000000000fee300760000000f8a49dc75000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x2c49, &(0x7f0000002240))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x18, &(0x7f0000000000), 0x1)

kernel console output (not intermixed with test programs):

ttempt to access beyond end of device
[  539.817712][T11665] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  540.814529][T11676] loop2: detected capacity change from 0 to 64
[  541.259785][T11680] netlink: 'syz.2.1788': attribute type 1 has an invalid length.
[  542.062993][    C1] DEBUG: waiting rtnl_mutex for 523 jiffies.
[  542.069083][    C1] task:syz-executor    state:D stack:21024 pid:11484 tgid:11484 ppid:11479  flags:0x00004002
[  542.079380][    C1] Call Trace:
[  542.082697][    C1]  <TASK>
[  542.085678][    C1]  __schedule+0x1800/0x4a60
[  542.090224][    C1]  ? __pfx___schedule+0x10/0x10
[  542.095181][    C1]  ? __pfx_lock_release+0x10/0x10
[  542.100273][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  542.105831][    C1]  ? schedule+0x90/0x320
[  542.110113][    C1]  schedule+0x14b/0x320
[  542.114329][    C1]  schedule_preempt_disabled+0x13/0x30
[  542.119802][    C1]  __mutex_lock+0x6a4/0xd70
[  542.124380][    C1]  ? __mutex_lock+0x527/0xd70
[  542.129095][    C1]  ? nsim_create+0x408/0x890
[  542.133754][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  542.138859][    C1]  ? kmemdup_noprof+0x45/0x60
[  542.143613][    C1]  ? nsim_udp_tunnels_info_create+0x592/0x7c0
[  542.149756][    C1]  ? get_rtnl_holder+0x144/0x190
[  542.154737][    C1]  nsim_create+0x408/0x890
[  542.159190][    C1]  ? debugfs_create_symlink+0x191/0x1f0
[  542.164830][    C1]  __nsim_dev_port_add+0x6c0/0xae0
[  542.169979][    C1]  ? __pfx___nsim_dev_port_add+0x10/0x10
[  542.175685][    C1]  ? queue_delayed_work_on+0x267/0x390
[  542.181191][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  542.187087][    C1]  ? init_timer_key+0x197/0x310
[  542.191989][    C1]  nsim_dev_port_add_all+0x33/0xf0
[  542.197173][    C1]  nsim_drv_probe+0x85f/0xb80
[  542.201875][    C1]  ? __pfx_nsim_drv_probe+0x10/0x10
[  542.207162][    C1]  ? kernfs_create_link+0x187/0x1f0
[  542.212434][    C1]  ? sysfs_do_create_link_sd+0xdd/0x110
[  542.218166][    C1]  ? driver_sysfs_add+0x1de/0x1f0
[  542.223360][    C1]  ? really_probe+0x147/0xad0
[  542.228093][    C1]  ? __pfx_nsim_bus_probe+0x10/0x10
[  542.233377][    C1]  really_probe+0x2b8/0xad0
[  542.237940][    C1]  __driver_probe_device+0x1a2/0x390
[  542.243292][    C1]  driver_probe_device+0x50/0x430
[  542.248371][    C1]  __device_attach_driver+0x2d6/0x530
[  542.253901][    C1]  bus_for_each_drv+0x24e/0x2e0
[  542.258783][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  542.264750][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  542.270169][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  542.275262][    C1]  __device_attach+0x333/0x520
[  542.280072][    C1]  ? __pfx___device_attach+0x10/0x10
[  542.285436][    C1]  bus_probe_device+0x189/0x260
[  542.290358][    C1]  device_add+0x856/0xbf0
[  542.294739][    C1]  new_device_store+0x3f3/0x890
[  542.299613][    C1]  ? kernfs_fop_write_iter+0x1eb/0x500
[  542.305142][    C1]  ? __pfx_new_device_store+0x10/0x10
[  542.310561][    C1]  ? sysfs_kf_write+0x182/0x2a0
[  542.315453][    C1]  ? bus_attr_store+0x4f/0xa0
[  542.320139][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[  542.325408][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[  542.330747][    C1]  vfs_write+0xa72/0xc90
[  542.335032][    C1]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  542.340941][    C1]  ? __pfx_vfs_write+0x10/0x10
[  542.345784][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  542.351810][    C1]  ksys_write+0x1a0/0x2c0
[  542.356225][    C1]  ? __pfx_ksys_write+0x10/0x10
[  542.361119][    C1]  ? do_syscall_64+0x100/0x230
[  542.365953][    C1]  ? do_syscall_64+0xb6/0x230
[  542.370750][    C1]  do_syscall_64+0xf3/0x230
[  542.375295][    C1]  ? clear_bhb_loop+0x35/0x90
[  542.379985][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.385953][    C1] RIP: 0033:0x7f6e7237475f
[  542.390396][    C1] RSP: 002b:00007ffd4054af30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  542.398872][    C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f6e7237475f
[  542.406928][    C1] RDX: 0000000000000003 RSI: 00007ffd4054af80 RDI: 0000000000000005
[  542.414961][    C1] RBP: 00007f6e723e45c4 R08: 0000000000000000 R09: 00007ffd4054ad87
[  542.422988][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  542.430991][    C1] R13: 00007ffd4054af80 R14: 00007f6e73034620 R15: 0000000000000003
[  542.439048][    C1]  </TASK>
[  542.442085][    C1] DEBUG: waiting rtnl_mutex for 560 jiffies.
[  542.448101][    C1] task:syz-executor    state:D stack:20816 pid:11522 tgid:11522 ppid:11502  flags:0x00000000
[  542.458321][    C1] Call Trace:
[  542.461693][    C1]  <TASK>
[  542.464692][    C1]  __schedule+0x1800/0x4a60
[  542.469290][    C1]  ? __pfx___schedule+0x10/0x10
[  542.474226][    C1]  ? __pfx_lock_release+0x10/0x10
[  542.479345][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  542.484971][    C1]  ? schedule+0x90/0x320
[  542.489266][    C1]  schedule+0x14b/0x320
[  542.493488][    C1]  schedule_preempt_disabled+0x13/0x30
[  542.498981][    C1]  __mutex_lock+0x6a4/0xd70
[  542.503557][    C1]  ? __mutex_lock+0x527/0xd70
[  542.508286][    C1]  ? rtnetlink_rcv_msg+0x847/0x1180
[  542.513574][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  542.518652][    C1]  ? get_rtnl_holder+0x144/0x190
[  542.523654][    C1]  rtnetlink_rcv_msg+0x847/0x1180
[  542.528753][    C1]  ? rtnetlink_rcv_msg+0x208/0x1180
[  542.534039][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  542.539539][    C1]  ? is_bpf_text_address+0x285/0x2a0
[  542.544909][    C1]  ? __pfx_validate_chain+0x10/0x10
[  542.550154][    C1]  ? __pfx_validate_chain+0x10/0x10
[  542.555421][    C1]  ? arch_stack_walk+0x16d/0x1b0
[  542.560377][    C1]  ? mark_lock+0x9a/0x360
[  542.564775][    C1]  ? __pfx_validate_chain+0x10/0x10
[  542.570017][    C1]  ? __lock_acquire+0x1359/0x2000
[  542.575134][    C1]  ? mark_lock+0x9a/0x360
[  542.579509][    C1]  ? __lock_acquire+0x1359/0x2000
[  542.584636][    C1]  netlink_rcv_skb+0x1e3/0x430
[  542.589535][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  542.595061][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  542.600423][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  542.605779][    C1]  netlink_unicast+0x7f0/0x990
[  542.610591][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  542.615940][    C1]  ? __virt_addr_valid+0x183/0x530
[  542.621098][    C1]  ? __check_object_size+0x49c/0x900
[  542.626454][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  542.631658][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  542.636508][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  542.641820][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  542.647844][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  542.652812][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  542.658170][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  542.663726][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  542.669026][    C1]  __sock_sendmsg+0x221/0x270
[  542.673770][    C1]  __sys_sendto+0x3a4/0x4f0
[  542.678349][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  542.683475][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  542.689497][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  542.695900][    C1]  __x64_sys_sendto+0xde/0x100
[  542.700713][    C1]  do_syscall_64+0xf3/0x230
[  542.705257][    C1]  ? clear_bhb_loop+0x35/0x90
[  542.709977][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.715934][    C1] RIP: 0033:0x7fd98eb7796c
[  542.720408][    C1] RSP: 002b:00007ffe19208d60 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  542.728887][    C1] RAX: ffffffffffffffda RBX: 00007fd98f834620 RCX: 00007fd98eb7796c
[  542.736962][    C1] RDX: 0000000000000064 RSI: 00007fd98f834670 RDI: 0000000000000003
[  542.745117][    C1] RBP: 0000000000000000 R08: 00007ffe19208db4 R09: 000000000000000c
[  542.753166][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  542.761164][    C1] R13: 0000000000000000 R14: 00007fd98f834670 R15: 0000000000000000
[  542.769200][    C1]  </TASK>
[  542.772231][    C1] DEBUG: holding rtnl_mutex for 593 jiffies.
[  542.778265][    C1] task:kworker/u8:5    state:D stack:20536 pid:968   tgid:968   ppid:2      flags:0x00004000
[  542.788512][    C1] Workqueue: netns cleanup_net
[  542.793355][    C1] Call Trace:
[  542.796663][    C1]  <TASK>
[  542.799636][    C1]  __schedule+0x1800/0x4a60
[  542.804263][    C1]  ? __pfx___schedule+0x10/0x10
[  542.809178][    C1]  ? __pfx_lock_release+0x10/0x10
[  542.814289][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  542.820221][    C1]  ? kthread_data+0x52/0xd0
[  542.824784][    C1]  ? wq_worker_sleeping+0x66/0x240
[  542.829920][    C1]  ? schedule+0x90/0x320
[  542.834221][    C1]  schedule+0x14b/0x320
[  542.838409][    C1]  synchronize_rcu_expedited+0x684/0x830
[  542.844118][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  542.850323][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  542.855703][    C1]  ? __pfx___might_resched+0x10/0x10
[  542.861190][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  542.867248][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  542.873495][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  542.879896][    C1]  synchronize_rcu+0x11b/0x360
[  542.884709][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  542.890048][    C1]  lockdep_unregister_key+0x556/0x610
[  542.895485][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  542.901459][    C1]  ? rcu_is_watching+0x15/0xb0
[  542.906275][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  542.910903][    C1]  __qdisc_destroy+0x165/0x410
[  542.915762][    C1]  dev_shutdown+0x9b/0x440
[  542.920218][    C1]  unregister_netdevice_many_notify+0x9c7/0x1d20
[  542.926700][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  542.933608][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  542.939586][    C1]  ? batadv_softif_destroy_netlink+0x1e0/0x270
[  542.945823][    C1]  default_device_exit_batch+0xa0f/0xa90
[  542.951671][    C1]  ? __pfx___might_resched+0x10/0x10
[  542.957017][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  542.963254][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  542.968554][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  542.974785][    C1]  cleanup_net+0x89d/0xcc0
[  542.979239][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  542.984222][    C1]  ? process_scheduled_works+0x945/0x1830
[  542.989959][    C1]  process_scheduled_works+0xa2c/0x1830
[  542.995611][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  543.001635][    C1]  ? assign_work+0x364/0x3d0
[  543.006268][    C1]  worker_thread+0x86d/0xd40
[  543.010882][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  543.016939][    C1]  ? __kthread_parkme+0x169/0x1d0
[  543.022006][    C1]  ? __pfx_worker_thread+0x10/0x10
[  543.027163][    C1]  kthread+0x2f0/0x390
[  543.031276][    C1]  ? __pfx_worker_thread+0x10/0x10
[  543.036447][    C1]  ? __pfx_kthread+0x10/0x10
[  543.041075][    C1]  ret_from_fork+0x4b/0x80
[  543.045566][    C1]  ? __pfx_kthread+0x10/0x10
[  543.050203][    C1]  ret_from_fork_asm+0x1a/0x30
[  543.055072][    C1]  </TASK>
[  543.058198][    C1] 
[  543.058198][    C1] Showing all locks held in the system:
[  543.066028][    C1] 3 locks held by kworker/u8:3/53:
[  543.071164][    C1]  #0: ffff888029d26948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  543.082798][    C1]  #1: ffffc90000bd7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  543.096609][    C1]  #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  543.106252][    C1] 5 locks held by kworker/u8:5/968:
[  543.111482][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  543.122444][    C1]  #1: ffffc90003ed7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  543.133107][    C1]  #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  543.142606][    C1]  #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  543.152727][    C1]  #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  543.163796][    C1] 3 locks held by kworker/u8:6/1087:
[  543.169112][    C1]  #0: ffff8880b943ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  543.179266][    C1]  #1: ffff8880b9428948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x3a7/0x770
[  543.190718][    C1]  #2: ffff8880b942a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240
[  543.200109][    C1] 2 locks held by getty/4849:
[  543.204830][    C1]  #0: ffff88802a5e60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  543.214711][    C1]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  543.224939][    C1] 3 locks held by kworker/1:3/5148:
[  543.230162][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  543.241212][    C1]  #1: ffffc90003de7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  543.252261][    C1]  #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  543.261406][    C1] 7 locks held by syz-executor/11484:
[  543.266852][    C1]  #0: ffff88801e41a420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  543.275870][    C1]  #1: ffff88802d730488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  543.285806][    C1]  #2: ffff888022499b48 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  543.295898][    C1]  #3: ffffffff8ef05248 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890
[  543.306356][    C1]  #4: ffff88805cf440e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520
[  543.315656][    C1]  #5: ffff88805cf40250 (&devlink->lock_key#23){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80
[  543.325775][    C1]  #6: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nsim_create+0x408/0x890
[  543.334753][    C1] 1 lock held by syz-executor/11522:
[  543.340087][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  543.349660][    C1] 2 locks held by syz.3.1773/11632:
[  543.354905][    C1]  #0: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  543.365097][    C1]  #1: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  543.375025][    C1] 2 locks held by syz.4.1785/11667:
[  543.380247][    C1]  #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0
[  543.389045][    C1]  #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x78b/0x1cd0
[  543.397897][    C1] 1 lock held by syz.4.1785/11668:
[  543.403049][    C1]  #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0
[  543.411784][    C1] 1 lock held by syz.2.1789/11682:
[  543.416948][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  543.426591][    C1] 
[  543.428940][    C1] =============================================
[  543.428940][    C1] 
[  543.651490][  T968] team0 (unregistering): Port device team_slave_1 removed
[  543.748653][  T968] team0 (unregistering): Port device team_slave_0 removed
[  544.469544][    C1] DEBUG: waiting rtnl_mutex for 664 jiffies.
[  544.475639][    C1] task:kworker/1:3     state:D stack:19920 pid:5148  tgid:5148  ppid:2      flags:0x00004000
[  544.485967][    C1] Workqueue: events linkwatch_event
[  544.491232][    C1] Call Trace:
[  544.494594][    C1]  <TASK>
[  544.497569][    C1]  __schedule+0x1800/0x4a60
[  544.502144][    C1]  ? __pfx___schedule+0x10/0x10
[  544.507088][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  544.513187][    C1]  ? __pfx_lock_release+0x10/0x10
[  544.518280][    C1]  ? kick_pool+0x45c/0x620
[  544.522880][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[  544.528324][    C1]  ? schedule+0x90/0x320
[  544.532609][    C1]  schedule+0x14b/0x320
[  544.536874][    C1]  schedule_preempt_disabled+0x13/0x30
[  544.542416][    C1]  __mutex_lock+0x6a4/0xd70
[  544.547028][    C1]  ? __mutex_lock+0x527/0xd70
[  544.551785][    C1]  ? linkwatch_event+0xe/0x60
[  544.556572][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  544.561757][    C1]  ? get_rtnl_holder+0x144/0x190
[  544.566786][    C1]  ? process_scheduled_works+0x945/0x1830
[  544.572570][    C1]  linkwatch_event+0xe/0x60
[  544.577167][    C1]  process_scheduled_works+0xa2c/0x1830
[  544.582802][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  544.588903][    C1]  ? assign_work+0x364/0x3d0
[  544.593593][    C1]  worker_thread+0x86d/0xd40
[  544.598261][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  544.604259][    C1]  ? __kthread_parkme+0x169/0x1d0
[  544.609343][    C1]  ? __pfx_worker_thread+0x10/0x10
[  544.614525][    C1]  kthread+0x2f0/0x390
[  544.618613][    C1]  ? __pfx_worker_thread+0x10/0x10
[  544.623784][    C1]  ? __pfx_kthread+0x10/0x10
[  544.628426][    C1]  ret_from_fork+0x4b/0x80
[  544.632963][    C1]  ? __pfx_kthread+0x10/0x10
[  544.637614][    C1]  ret_from_fork_asm+0x1a/0x30
[  544.642411][    C1]  </TASK>
[  544.645501][    C1] DEBUG: waiting rtnl_mutex for 604 jiffies.
[  544.651504][    C1] task:syz.4.1785      state:D stack:23800 pid:11667 tgid:11666 ppid:7077   flags:0x00004004
[  544.661801][    C1] Call Trace:
[  544.665161][    C1]  <TASK>
[  544.668132][    C1]  __schedule+0x1800/0x4a60
[  544.672741][    C1]  ? __pfx___schedule+0x10/0x10
[  544.677714][    C1]  ? __pfx_lock_release+0x10/0x10
[  544.682778][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  544.688364][    C1]  ? schedule+0x90/0x320
[  544.692763][    C1]  schedule+0x14b/0x320
[  544.697036][    C1]  schedule_preempt_disabled+0x13/0x30
[  544.702551][    C1]  __mutex_lock+0x6a4/0xd70
[  544.707164][    C1]  ? __mutex_lock+0x527/0xd70
[  544.711895][    C1]  ? ppp_ioctl+0x78b/0x1cd0
[  544.716469][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  544.721519][    C1]  ? alloc_netdev_mqs+0xb6f/0xff0
[  544.726717][    C1]  ? get_rtnl_holder+0x144/0x190
[  544.731717][    C1]  ppp_ioctl+0x78b/0x1cd0
[  544.736128][    C1]  ? __pfx_ppp_ioctl+0x10/0x10
[  544.740938][    C1]  ? __fget_files+0x3f6/0x470
[  544.745704][    C1]  ? __fget_files+0x29/0x470
[  544.750361][    C1]  ? bpf_lsm_file_ioctl+0x9/0x10
[  544.755386][    C1]  ? security_file_ioctl+0x87/0xb0
[  544.760531][    C1]  ? __pfx_ppp_ioctl+0x10/0x10
[  544.765451][    C1]  __se_sys_ioctl+0xfc/0x170
[  544.770879][    C1]  do_syscall_64+0xf3/0x230
[  544.775463][    C1]  ? clear_bhb_loop+0x35/0x90
[  544.780176][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.786159][    C1] RIP: 0033:0x7f0499775bd9
[  544.790623][    C1] RSP: 002b:00007f049a5cb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  544.799116][    C1] RAX: ffffffffffffffda RBX: 00007f0499903f60 RCX: 00007f0499775bd9
[  544.807167][    C1] RDX: 0000000020001400 RSI: 00000000c004743e RDI: 0000000000000003
[  544.815233][    C1] RBP: 00007f04997e4e60 R08: 0000000000000000 R09: 0000000000000000
[  544.823292][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  544.831295][    C1] R13: 000000000000000b R14: 00007f0499903f60 R15: 00007ffe0cba9c08
[  544.839342][    C1]  </TASK>
[  544.842379][    C1] DEBUG: waiting rtnl_mutex for 800 jiffies.
[  544.848413][    C1] task:syz-executor    state:D stack:21024 pid:11484 tgid:11484 ppid:11479  flags:0x00004002
[  544.858649][    C1] Call Trace:
[  544.861949][    C1]  <TASK>
[  544.864939][    C1]  __schedule+0x1800/0x4a60
[  544.869497][    C1]  ? __pfx___schedule+0x10/0x10
[  544.874480][    C1]  ? __pfx_lock_release+0x10/0x10
[  544.879544][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  544.885080][    C1]  ? schedule+0x90/0x320
[  544.889440][    C1]  schedule+0x14b/0x320
[  544.893656][    C1]  schedule_preempt_disabled+0x13/0x30
[  544.899175][    C1]  __mutex_lock+0x6a4/0xd70
[  544.903749][    C1]  ? __mutex_lock+0x527/0xd70
[  544.908484][    C1]  ? nsim_create+0x408/0x890
[  544.913157][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  544.918220][    C1]  ? kmemdup_noprof+0x45/0x60
[  544.922966][    C1]  ? nsim_udp_tunnels_info_create+0x592/0x7c0
[  544.929112][    C1]  ? get_rtnl_holder+0x144/0x190
[  544.934139][    C1]  nsim_create+0x408/0x890
[  544.938622][    C1]  ? debugfs_create_symlink+0x191/0x1f0
[  544.944275][    C1]  __nsim_dev_port_add+0x6c0/0xae0
[  544.949440][    C1]  ? __pfx___nsim_dev_port_add+0x10/0x10
[  544.955212][    C1]  ? queue_delayed_work_on+0x267/0x390
[  544.960731][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  544.966611][    C1]  ? init_timer_key+0x197/0x310
[  544.971491][    C1]  nsim_dev_port_add_all+0x33/0xf0
[  544.976703][    C1]  nsim_drv_probe+0x85f/0xb80
[  544.981445][    C1]  ? __pfx_nsim_drv_probe+0x10/0x10
[  544.986719][    C1]  ? kernfs_create_link+0x187/0x1f0
[  544.991961][    C1]  ? sysfs_do_create_link_sd+0xdd/0x110
[  544.997575][    C1]  ? driver_sysfs_add+0x1de/0x1f0
[  545.002629][    C1]  ? really_probe+0x147/0xad0
[  545.007358][    C1]  ? __pfx_nsim_bus_probe+0x10/0x10
[  545.012570][    C1]  really_probe+0x2b8/0xad0
[  545.017147][    C1]  __driver_probe_device+0x1a2/0x390
[  545.022475][    C1]  driver_probe_device+0x50/0x430
[  545.027567][    C1]  __device_attach_driver+0x2d6/0x530
[  545.033022][    C1]  bus_for_each_drv+0x24e/0x2e0
[  545.037931][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  545.043994][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  545.049406][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  545.054494][    C1]  __device_attach+0x333/0x520
[  545.059310][    C1]  ? __pfx___device_attach+0x10/0x10
[  545.064703][    C1]  bus_probe_device+0x189/0x260
[  545.069730][    C1]  device_add+0x856/0xbf0
[  545.074170][    C1]  new_device_store+0x3f3/0x890
[  545.079064][    C1]  ? kernfs_fop_write_iter+0x1eb/0x500
[  545.084590][    C1]  ? __pfx_new_device_store+0x10/0x10
[  545.090034][    C1]  ? sysfs_kf_write+0x182/0x2a0
[  545.094975][    C1]  ? bus_attr_store+0x4f/0xa0
[  545.099702][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[  545.104962][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[  545.110294][    C1]  vfs_write+0xa72/0xc90
[  545.114601][    C1]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  545.120443][    C1]  ? __pfx_vfs_write+0x10/0x10
[  545.125283][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  545.131335][    C1]  ksys_write+0x1a0/0x2c0
[  545.135731][    C1]  ? __pfx_ksys_write+0x10/0x10
[  545.140611][    C1]  ? do_syscall_64+0x100/0x230
[  545.145433][    C1]  ? do_syscall_64+0xb6/0x230
[  545.150139][    C1]  do_syscall_64+0xf3/0x230
[  545.154701][    C1]  ? clear_bhb_loop+0x35/0x90
[  545.159444][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.165395][    C1] RIP: 0033:0x7f6e7237475f
[  545.169933][    C1] RSP: 002b:00007ffd4054af30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  545.178441][    C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f6e7237475f
[  545.186495][    C1] RDX: 0000000000000003 RSI: 00007ffd4054af80 RDI: 0000000000000005
[  545.194540][    C1] RBP: 00007f6e723e45c4 R08: 0000000000000000 R09: 00007ffd4054ad87
[  545.202546][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  545.210564][    C1] R13: 00007ffd4054af80 R14: 00007f6e73034620 R15: 0000000000000003
[  545.218592][    C1]  </TASK>
[  545.221620][    C1] DEBUG: waiting rtnl_mutex for 838 jiffies.
[  545.227650][    C1] task:syz-executor    state:D stack:20816 pid:11522 tgid:11522 ppid:11502  flags:0x00000000
[  545.237922][    C1] Call Trace:
[  545.241238][    C1]  <TASK>
[  545.244238][    C1]  __schedule+0x1800/0x4a60
[  545.248814][    C1]  ? __pfx___schedule+0x10/0x10
[  545.253759][    C1]  ? __pfx_lock_release+0x10/0x10
[  545.258829][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  545.264368][    C1]  ? schedule+0x90/0x320
[  545.268659][    C1]  schedule+0x14b/0x320
[  545.272909][    C1]  schedule_preempt_disabled+0x13/0x30
[  545.278398][    C1]  __mutex_lock+0x6a4/0xd70
[  545.282960][    C1]  ? __mutex_lock+0x527/0xd70
[  545.287691][    C1]  ? rtnetlink_rcv_msg+0x847/0x1180
[  545.292970][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  545.298074][    C1]  ? get_rtnl_holder+0x144/0x190
[  545.303150][    C1]  rtnetlink_rcv_msg+0x847/0x1180
[  545.308249][    C1]  ? rtnetlink_rcv_msg+0x208/0x1180
[  545.313536][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  545.319115][    C1]  ? is_bpf_text_address+0x285/0x2a0
[  545.324676][    C1]  ? __pfx_validate_chain+0x10/0x10
[  545.329929][    C1]  ? __pfx_validate_chain+0x10/0x10
[  545.335196][    C1]  ? arch_stack_walk+0x16d/0x1b0
[  545.340171][    C1]  ? mark_lock+0x9a/0x360
[  545.344563][    C1]  ? __pfx_validate_chain+0x10/0x10
[  545.349825][    C1]  ? __lock_acquire+0x1359/0x2000
[  545.355467][    C1]  ? mark_lock+0x9a/0x360
[  545.359847][    C1]  ? __lock_acquire+0x1359/0x2000
[  545.364983][    C1]  netlink_rcv_skb+0x1e3/0x430
[  545.369794][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  545.375318][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  545.380676][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  545.385937][    C1]  netlink_unicast+0x7f0/0x990
[  545.390767][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  545.396128][    C1]  ? __virt_addr_valid+0x183/0x530
[  545.401282][    C1]  ? __check_object_size+0x49c/0x900
[  545.406635][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  545.411808][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  545.416658][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  545.422008][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  545.428128][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  545.433124][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  545.438459][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  545.444003][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  545.449313][    C1]  __sock_sendmsg+0x221/0x270
[  545.454062][    C1]  __sys_sendto+0x3a4/0x4f0
[  545.458622][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  545.463761][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  545.469800][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  545.476253][    C1]  __x64_sys_sendto+0xde/0x100
[  545.481078][    C1]  do_syscall_64+0xf3/0x230
[  545.485668][    C1]  ? clear_bhb_loop+0x35/0x90
[  545.490382][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.496337][    C1] RIP: 0033:0x7fd98eb7796c
[  545.500777][    C1] RSP: 002b:00007ffe19208d60 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  545.509272][    C1] RAX: ffffffffffffffda RBX: 00007fd98f834620 RCX: 00007fd98eb7796c
[  545.517321][    C1] RDX: 0000000000000064 RSI: 00007fd98f834670 RDI: 0000000000000003
[  545.525371][    C1] RBP: 0000000000000000 R08: 00007ffe19208db4 R09: 000000000000000c
[  545.533409][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  545.541404][    C1] R13: 0000000000000000 R14: 00007fd98f834670 R15: 0000000000000000
[  545.549425][    C1]  </TASK>
[  545.552470][    C1] DEBUG: holding rtnl_mutex for 871 jiffies.
[  545.558493][    C1] task:kworker/u8:5    state:R  running task     stack:20536 pid:968   tgid:968   ppid:2      flags:0x00004008
[  545.570325][    C1] Workqueue: netns cleanup_net
[  545.575156][    C1] Call Trace:
[  545.578468][    C1]  <IRQ>
[  545.581338][    C1]  sched_show_task+0x506/0x6d0
[  545.586184][    C1]  ? report_rtnl_holders+0x29e/0x3f0
[  545.591526][    C1]  ? __pfx__printk+0x10/0x10
[  545.596200][    C1]  ? __pfx_sched_show_task+0x10/0x10
[  545.601542][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  545.607506][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  545.613909][    C1]  report_rtnl_holders+0x320/0x3f0
[  545.619084][    C1]  call_timer_fn+0x18e/0x650
[  545.623830][    C1]  ? call_timer_fn+0xc0/0x650
[  545.628551][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  545.634275][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  545.639455][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  545.645162][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  545.650847][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  545.656570][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  545.661826][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  545.667103][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  545.672781][    C1]  __run_timer_base+0x66a/0x8e0
[  545.677737][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  545.683203][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  545.689589][    C1]  run_timer_softirq+0xb7/0x170
[  545.694565][    C1]  handle_softirqs+0x2c4/0x970
[  545.699456][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  545.704374][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  545.709717][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  545.714975][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  545.719576][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  545.724838][    C1]  irq_exit_rcu+0x9/0x30
[  545.729120][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  545.734810][    C1]  </IRQ>
[  545.737741][    C1]  <TASK>
[  545.740673][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  545.746820][    C1] RIP: 0010:preempt_schedule_irq+0xf6/0x1c0
[  545.752755][    C1] Code: 89 f5 49 c1 ed 03 eb 0d 48 f7 03 08 00 00 00 0f 84 8b 00 00 00 bf 01 00 00 00 e8 15 24 c8 f5 e8 10 c3 00 f6 fb bf 01 00 00 00 <e8> 55 ad ff ff 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 45 de 5f f6 48
[  545.772413][    C1] RSP: 0018:ffffc90003ed7440 EFLAGS: 00000286
[  545.778544][    C1] RAX: a44c6f04a6043f00 RBX: 1ffff920007dae90 RCX: ffffffff816fddda
[  545.786618][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcac900 RDI: 0000000000000001
[  545.794673][    C1] RBP: ffffc90003ed7500 R08: ffffffff9301078f R09: 1ffffffff26020f1
[  545.802702][    C1] R10: dffffc0000000000 R11: fffffbfff26020f2 R12: 1ffff920007dae88
[  545.810854][    C1] R13: 1ffff920007dae8c R14: ffffc90003ed7460 R15: dffffc0000000000
[  545.818918][    C1]  ? mark_lock+0x9a/0x360
[  545.823355][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  545.829128][    C1]  irqentry_exit+0x5e/0x90
[  545.833607][    C1]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  545.839109][    C1] RIP: 0010:lockdep_unregister_key+0x56d/0x610
[  545.845464][    C1] Code: ff 92 48 c7 c6 10 bc 6f 81 e8 8f 04 0a 00 e8 fa 18 0a 00 e9 e5 fb ff ff e8 c0 62 21 0a 41 f7 c7 00 02 00 00 74 d0 fb 45 84 f6 <75> cf eb e0 90 0f 0b 90 45 31 f6 e9 62 ff ff ff 90 0f 0b 90 e9 a1
[  545.865113][    C1] RSP: 0018:ffffc90003ed75c0 EFLAGS: 00000246
[  545.871189][    C1] RAX: dffffc0000000000 RBX: 1ffff920007daec0 RCX: ffffffff947f4803
[  545.879224][    C1] RDX: 0000000000000001 RSI: ffffffff8bcad5e0 RDI: ffffffff8c207f20
[  545.887260][    C1] RBP: ffffc90003ed7698 R08: ffffffff92ffedbf R09: 1ffffffff25ffdb7
[  545.895298][    C1] R10: dffffc0000000000 R11: fffffbfff25ffdb8 R12: ffffc90003ed7600
[  545.903354][    C1] R13: 1ffff920007daebc R14: 0000000000000000 R15: 0000000000000206
[  545.911372][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  545.917352][    C1]  ? rcu_is_watching+0x15/0xb0
[  545.922169][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  545.926835][    C1]  __qdisc_destroy+0x165/0x410
[  545.931667][    C1]  dev_shutdown+0x9b/0x440
[  545.936198][    C1]  unregister_netdevice_many_notify+0x9c7/0x1d20
[  545.942602][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  545.949515][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  545.955484][    C1]  ? batadv_softif_destroy_netlink+0x1e0/0x270
[  545.961681][    C1]  default_device_exit_batch+0xa0f/0xa90
[  545.967393][    C1]  ? __pfx___might_resched+0x10/0x10
[  545.972708][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  545.978941][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  545.984312][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  545.990520][    C1]  cleanup_net+0x89d/0xcc0
[  545.995000][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  545.999976][    C1]  ? process_scheduled_works+0x945/0x1830
[  546.005755][    C1]  process_scheduled_works+0xa2c/0x1830
[  546.011532][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  546.017583][    C1]  ? assign_work+0x364/0x3d0
[  546.022211][    C1]  worker_thread+0x86d/0xd40
[  546.026877][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  546.032817][    C1]  ? __kthread_parkme+0x169/0x1d0
[  546.038103][    C1]  ? __pfx_worker_thread+0x10/0x10
[  546.043390][    C1]  kthread+0x2f0/0x390
[  546.047564][    C1]  ? __pfx_worker_thread+0x10/0x10
[  546.052735][    C1]  ? __pfx_kthread+0x10/0x10
[  546.057443][    C1]  ret_from_fork+0x4b/0x80
[  546.061908][    C1]  ? __pfx_kthread+0x10/0x10
[  546.066598][    C1]  ret_from_fork_asm+0x1a/0x30
[  546.071438][    C1]  </TASK>
[  546.074525][    C1] 
[  546.074525][    C1] Showing all locks held in the system:
[  546.082260][    C1] 2 locks held by kworker/u8:0/11:
[  546.087435][    C1]  #0: ffff8880b943ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  546.097433][    C1]  #1: ffffc90000107d00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  546.110687][    C1] 3 locks held by kworker/u8:3/53:
[  546.115853][    C1]  #0: ffff888029d26948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  546.127526][    C1]  #1: ffffc90000bd7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  546.141267][    C1]  #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  546.150844][    C1] 6 locks held by kworker/u8:5/968:
[  546.156092][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  546.167074][    C1]  #1: ffffc90003ed7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  546.177683][    C1]  #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  546.187235][    C1]  #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  546.197423][    C1]  #4: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  546.207619][    C1]  #5: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  546.217550][    C1] 2 locks held by getty/4849:
[  546.222239][    C1]  #0: ffff88802a5e60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  546.232079][    C1]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  546.242343][    C1] 3 locks held by kworker/1:3/5148:
[  546.247568][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  546.258611][    C1]  #1: ffffc90003de7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  546.269696][    C1]  #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  546.278739][    C1] 2 locks held by kworker/u8:9/6139:
[  546.284066][    C1]  #0: ffff8880b943ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  546.294063][    C1]  #1: ffffc9000486fd00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  546.307312][    C1] 1 lock held by syz-executor/10613:
[  546.312617][    C1]  #0: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  546.323563][    C1] 7 locks held by syz-executor/11484:
[  546.328933][    C1]  #0: ffff88801e41a420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  546.337992][    C1]  #1: ffff88802d730488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  546.347930][    C1]  #2: ffff888022499b48 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  546.358030][    C1]  #3: ffffffff8ef05248 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890
[  546.368464][    C1]  #4: ffff88805cf440e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520
[  546.377789][    C1]  #5: ffff88805cf40250 (&devlink->lock_key#23){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80
[  546.388047][    C1]  #6: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nsim_create+0x408/0x890
[  546.397111][    C1] 1 lock held by syz-executor/11522:
[  546.402442][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  546.412050][    C1] 2 locks held by syz.4.1785/11667:
[  546.417317][    C1]  #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0
[  546.426181][    C1]  #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x78b/0x1cd0
[  546.435119][    C1] 1 lock held by syz.4.1785/11668:
[  546.440257][    C1]  #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0
[  546.449035][    C1] 1 lock held by syz.2.1789/11682:
[  546.454216][    C1]  #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180
[  546.463863][    C1] 
[  546.466223][    C1] =============================================
[  546.466223][    C1] 
[  546.898631][T11682] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1789'.
[  547.057779][T11700] sd 0:0:1:0: device reset
[  547.804692][T11484] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  547.827993][T11484] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  547.896273][T11484] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  547.921941][T11484] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  548.347246][T11717] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1806'.
[  548.571589][T11484] 8021q: adding VLAN 0 to HW filter on device bond0
[  548.692404][T11484] 8021q: adding VLAN 0 to HW filter on device team0
[  548.756028][  T927] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.763268][  T927] bridge0: port 1(bridge_slave_0) entered forwarding state
[  548.865187][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.872488][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state
[  548.889971][T11727] loop3: detected capacity change from 0 to 256
[  549.199503][T11522] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  549.244017][T11522] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  549.276458][T11522] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  549.316679][T11522] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  549.350267][T11719] loop4: detected capacity change from 0 to 32768
[  549.420743][T11742] loop3: detected capacity change from 0 to 512
[  549.455641][T11719] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  549.499091][T11742] EXT4-fs (loop3): 1 truncate cleaned up
[  549.518566][T11522] 8021q: adding VLAN 0 to HW filter on device bond0
[  549.540626][T11742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.546894][T11522] 8021q: adding VLAN 0 to HW filter on device team0
[  549.574279][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.581481][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  549.592674][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.599919][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state
[  549.725242][T11719] XFS (loop4): Ending clean mount
[  549.763458][   T29] audit: type=1800 audit(1720491326.948:122): pid=11755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1816" name="bus" dev="loop3" ino=18 res=0 errno=0
[  549.767170][T11484] 8021q: adding VLAN 0 to HW filter on device batadv0
[  549.858844][T11522] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  549.885313][T11522] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  550.011424][ T7077] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  550.072352][T11484] veth0_vlan: entered promiscuous mode
[  550.102576][T11484] veth1_vlan: entered promiscuous mode
[  550.217094][T11484] veth0_macvtap: entered promiscuous mode
[  550.242017][T11484] veth1_macvtap: entered promiscuous mode
[  550.320029][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.340843][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.351096][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.362346][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.372350][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.383497][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.396033][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  550.406574][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.420851][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.430645][T11484] batman_adv: batadv0: Interface activated: batadv_slave_0
[  550.490232][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  550.506449][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.523743][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  550.540746][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.552369][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  550.570896][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.580968][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  550.592419][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  550.606038][T11484] batman_adv: batadv0: Interface activated: batadv_slave_1
[  550.641693][T11522] 8021q: adding VLAN 0 to HW filter on device batadv0
[  550.666996][T11484] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  550.682958][T11484] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  550.699253][T11484] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  550.708701][T11484] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  550.986380][T11768] loop2: detected capacity change from 0 to 256
[  550.991748][T11522] veth0_vlan: entered promiscuous mode
[  551.043679][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  551.051573][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  551.059345][T11522] veth1_vlan: entered promiscuous mode
[  551.247425][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  551.251126][T11522] veth0_macvtap: entered promiscuous mode
[  551.282979][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  551.316070][T11522] veth1_macvtap: entered promiscuous mode
[  551.404435][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.432920][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.457310][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.484039][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.506290][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.529204][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.552961][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.555904][T11763] loop3: detected capacity change from 0 to 40427
[  551.572617][T11763] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  551.580402][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.580431][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  551.590706][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.593073][T11522] batman_adv: batadv0: Interface activated: batadv_slave_0
[  551.622380][T11763] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  551.709905][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.757624][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.762596][T11763] F2FS-fs (loop3): Found nat_bits in checkpoint
[  551.782938][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.823701][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.852565][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.889239][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.933135][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  551.968645][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  551.975188][T11763] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  551.999033][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  552.038663][T11785] loop2: detected capacity change from 0 to 4096
[  552.053024][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  552.087044][T11763] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  552.088075][T11522] batman_adv: batadv0: Interface activated: batadv_slave_1
[  552.103831][T11785] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  552.128736][T11763] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  552.161678][T11785] ntfs3: loop2: Inode r=0 is not in use!
[  552.187479][T11522] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  552.200174][T11785] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  552.215158][T11785] ntfs3: loop2: Failed to load $MFT (-116).
[  552.229939][T11522] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  552.233804][T11763] syz.3.1819: attempt to access beyond end of device
[  552.233804][T11763] loop3: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  552.255388][T11522] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  552.273560][T11522] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  552.299317][T11796] syz.3.1819: attempt to access beyond end of device
[  552.299317][T11796] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  552.383874][T11785] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1825'.
[  552.575010][  T968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  552.601880][  T968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  552.664412][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  552.672302][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  552.947962][T11819] loop0: detected capacity change from 0 to 1024
[  553.004022][T11819] EXT4-fs: Ignoring removed orlov option
[  553.009759][T11819] EXT4-fs: Ignoring removed nomblk_io_submit option
[  553.086096][T11819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  553.277684][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.037055][T11879] loop0: detected capacity change from 0 to 2048
[  555.189931][T11879] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  555.865797][T11839] loop2: detected capacity change from 0 to 40427
[  555.880383][T11839] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  555.914856][T11839] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  555.939354][T11885] loop3: detected capacity change from 0 to 8192
[  555.970924][T11879] loop0: detected capacity change from 0 to 512
[  555.982375][T11839] F2FS-fs (loop2): Found nat_bits in checkpoint
[  555.990592][T11879] EXT4-fs: Mount option(s) incompatible with ext2
[  555.997877][T11885]  loop3: p1 p2[DM] p4
[  556.013115][T11885] loop3: p1 size 196608 extends beyond EOD, truncated
[  556.053155][T11885] loop3: p2 start 4292936063 is beyond EOD, truncated
[  556.070227][T11885] loop3: p4 size 50331648 extends beyond EOD, truncated
[  556.099544][T11879] loop0: detected capacity change from 0 to 2048
[  556.116283][T11839] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  556.163476][T11879] Alternate GPT is invalid, using primary GPT.
[  556.182033][T11879]  loop0: p2 p3 p7
[  556.216874][T11879] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.221036][T11839] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  556.225145][T11879] bridge0: port 1(bridge_slave_0) entered disabled state
[  556.267724][T11839] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  556.385783][T11839] syz.2.1841: attempt to access beyond end of device
[  556.385783][T11839] loop2: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  556.517245][T11839] syz.2.1841: attempt to access beyond end of device
[  556.517245][T11839] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  556.992945][T11926] netlink: 'syz.4.1871': attribute type 2 has an invalid length.
[  557.021983][T11926] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1871'.
[  557.617332][T11923] loop1: detected capacity change from 0 to 32768
[  557.641804][T11923] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 0 transid 8 /dev/loop1 (7:1) scanned by syz.1.1869 (11923)
[  557.655577][T11950] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1870'.
[  557.777470][ T5149] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  557.983038][ T5149] usb 4-1: Using ep0 maxpacket: 16
[  558.011487][ T5149] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  558.022164][ T5149] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  558.036370][T11958] netlink: 'syz.1.1884': attribute type 2 has an invalid length.
[  558.053056][T11958] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1884'.
[  558.061643][ T5149] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[  558.082526][ T5149] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  558.108296][ T5149] usb 4-1: Product: syz
[  558.112549][ T5149] usb 4-1: Manufacturer: syz
[  558.133034][ T5149] usb 4-1: SerialNumber: syz
[  558.159850][ T5149] usb 4-1: config 0 descriptor??
[  558.191836][ T5149] usb 4-1: NFC: intf ffff88806da77000 id ffffffff8ecbc580
[  558.443731][ T5150] usb 4-1: USB disconnect, device number 10
[  558.581124][T11946] loop0: detected capacity change from 0 to 40427
[  558.611837][T11946] F2FS-fs (loop0): invalid crc value
[  558.617202][T11974] loop1: detected capacity change from 0 to 8192
[  558.636903][T11976] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1892'.
[  558.642799][T11946] F2FS-fs (loop0): Found nat_bits in checkpoint
[  558.684231][T11974]  loop1: p1 p2[DM] p4
[  558.691487][T11974] loop1: p1 size 196608 extends beyond EOD, truncated
[  558.708984][T11946] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  558.720865][T11974] loop1: p2 start 4292936063 is beyond EOD, truncated
[  558.738122][T11974] loop1: p4 size 50331648 extends beyond EOD, truncated
[  558.762189][   T29] audit: type=1804 audit(1720491335.948:123): pid=11946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1880" name="/newroot/8/file0/cgroup.controllers" dev="loop0" ino=10 res=1 errno=0
[  558.796894][T11522] syz-executor: attempt to access beyond end of device
[  558.796894][T11522] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  558.815045][T11522] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  559.118562][T11988] netlink: 'syz.1.1898': attribute type 2 has an invalid length.
[  559.145401][T11988] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1898'.
[  559.483338][T12001] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1903'.
[  560.223240][ T5148] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  560.425323][ T5148] usb 2-1: Using ep0 maxpacket: 16
[  560.444984][ T5148] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  560.463097][ T5148] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  560.496473][ T5148] usb 2-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[  560.512909][ T5148] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  560.527105][ T5148] usb 2-1: Product: syz
[  560.541684][ T5148] usb 2-1: Manufacturer: syz
[  560.550107][ T5148] usb 2-1: SerialNumber: syz
[  560.569262][ T5148] usb 2-1: config 0 descriptor??
[  560.592556][ T5148] usb 2-1: NFC: intf ffff88807c731000 id ffffffff8ecbc580
[  560.762785][T12017] loop0: detected capacity change from 0 to 32768
[  560.844406][T12017] XFS (loop0): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  560.846079][T12007] loop4: detected capacity change from 0 to 40427
[  560.920658][ T5150] usb 2-1: USB disconnect, device number 10
[  560.947147][T12007] F2FS-fs (loop4): invalid crc value
[  560.980899][T12007] F2FS-fs (loop4): Found nat_bits in checkpoint
[  560.989106][T12023] loop3: detected capacity change from 0 to 32768
[  561.032536][T12017] XFS (loop0): Ending clean mount
[  561.050950][T12023] jfs_strtoUCS: char2uni returned -22.
[  561.062974][T12023] charset = ascii, char = 0xd5
[  561.101295][T12007] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  561.160070][   T29] audit: type=1804 audit(1720491338.348:124): pid=12007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1905" name="/newroot/318/file0/cgroup.controllers" dev="loop4" ino=10 res=1 errno=0
[  561.201979][ T7077] syz-executor: attempt to access beyond end of device
[  561.201979][ T7077] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  561.253189][ T7077] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  561.264381][T11522] XFS (loop0): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  561.781024][T12042] loop0: detected capacity change from 0 to 512
[  561.789729][T12040] loop3: detected capacity change from 0 to 2048
[  561.804895][T12040] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  561.838134][T12042] EXT4-fs (loop0): 1 truncate cleaned up
[  561.861861][T12042] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  561.997225][T12040] loop3: detected capacity change from 0 to 512
[  562.026882][T12040] EXT4-fs: Mount option(s) incompatible with ext2
[  562.070689][   T29] audit: type=1800 audit(1720491339.258:125): pid=12054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1917" name="bus" dev="loop0" ino=18 res=0 errno=0
[  562.216864][T12040] loop3: detected capacity change from 0 to 2048
[  562.283100][T12040] Alternate GPT is invalid, using primary GPT.
[  562.309206][T12040]  loop3: p2 p3 p7
[  562.445935][T12040] bridge0: port 2(bridge_slave_1) entered disabled state
[  562.453619][T12040] bridge0: port 1(bridge_slave_0) entered disabled state
[  562.739554][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  563.349222][ T1252] ieee802154 phy0 wpan0: encryption failed: -22
[  563.355872][ T1252] ieee802154 phy1 wpan1: encryption failed: -22
[  563.460997][T12072] loop4: detected capacity change from 0 to 32768
[  563.475549][T12072] XFS: ikeep mount option is deprecated.
[  563.495266][T12072] XFS: ikeep mount option is deprecated.
[  563.532193][T12099] loop3: detected capacity change from 0 to 8
[  563.539552][T12072] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  563.549660][T12100] loop1: detected capacity change from 0 to 512
[  563.568615][T12100] EXT4-fs (loop1): 1 truncate cleaned up
[  563.578650][T12100] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  563.704230][T12072] XFS (loop4): Ending clean mount
[  563.736203][   T29] audit: type=1800 audit(1720491340.918:126): pid=12108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1937" name="bus" dev="loop1" ino=18 res=0 errno=0
[  564.117698][ T7077] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  564.321349][T12112] loop3: detected capacity change from 0 to 512
[  564.335660][T12112] EXT4-fs: Ignoring removed orlov option
[  564.376191][T12112] EXT4-fs error (device loop3): dx_probe:822: inode #2: comm syz.3.1940: Attempting to read directory block (0) that is past i_size (256)
[  564.469449][T12112] EXT4-fs (loop3): Remounting filesystem read-only
[  564.498522][T12112] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  564.528021][T12112] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  564.572022][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.689844][T12112] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  564.792205][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.247676][T12129] rdma_op ffff8880513c81f0 conn xmit_rdma 0000000000000000
[  565.402300][T12134] loop1: detected capacity change from 0 to 512
[  565.419787][T12134] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  565.482516][T12134] EXT4-fs (loop1): 1 truncate cleaned up
[  565.490423][T12134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  565.546319][T12134] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2856: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  565.656555][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.075892][T12148] loop3: detected capacity change from 0 to 2048
[  566.109411][T12148] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.143087][T12148] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  566.276820][T12160] rdma_op ffff888064c061f0 conn xmit_rdma 0000000000000000
[  566.296747][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.435331][T12168] loop3: detected capacity change from 0 to 512
[  566.437789][T12166] loop0: detected capacity change from 0 to 512
[  566.453780][T12168] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  566.467794][T12166] EXT4-fs: Ignoring removed orlov option
[  566.480014][T12166] EXT4-fs error (device loop0): dx_probe:822: inode #2: comm syz.0.1962: Attempting to read directory block (0) that is past i_size (256)
[  566.495302][T12166] EXT4-fs (loop0): Remounting filesystem read-only
[  566.496171][T12168] EXT4-fs (loop3): 1 truncate cleaned up
[  566.501887][T12166] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  566.521843][T12166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  566.521852][T12168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.563861][T12171] loop1: detected capacity change from 0 to 1024
[  566.576933][T12171] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  566.589070][T12174] loop4: detected capacity change from 0 to 8
[  566.633128][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.644185][T12171] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  566.660259][T12166] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  566.762422][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.794573][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.833207][T12177] loop3: detected capacity change from 0 to 4096
[  566.948456][T12185] loop1: detected capacity change from 0 to 256
[  567.218092][T12193] rdma_op ffff888021d409f0 conn xmit_rdma 0000000000000000
[  567.388192][T12194] loop3: detected capacity change from 0 to 2048
[  567.477797][T12194] hpfs: filesystem error: invalid number of hotfixes: 266, used: 2; already mounted read-only
[  567.515438][T12194] hpfs: filesystem error: improperly stopped
[  567.521526][T12194] hpfs: filesystem error: sector(s) 'dir_band' badly placed at 7b318cc2
[  567.677999][T12202] loop4: detected capacity change from 0 to 8
[  567.937378][T12208] loop1: detected capacity change from 0 to 1024
[  567.958705][T12208] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  568.002601][T12208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  568.075303][T12215] loop3: detected capacity change from 0 to 128
[  568.216910][T12215] Process accounting resumed
[  568.226639][T12215] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 545)
[  568.239100][T12215] FAT-fs (loop3): Filesystem has been set read-only
[  568.253439][T12215] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  568.441632][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.520008][T12221] rdma_op ffff8880653331f0 conn xmit_rdma 0000000000000000
[  568.795922][T12225] loop1: detected capacity change from 0 to 512
[  569.467520][T12225] EXT4-fs (loop1): 1 truncate cleaned up
[  569.530174][T12225] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  569.782262][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.209665][T12253] loop3: detected capacity change from 0 to 128
[  571.271391][T12253] Process accounting resumed
[  571.278532][T12253] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 545)
[  571.287791][T12253] FAT-fs (loop3): Filesystem has been set read-only
[  571.294858][T12253] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  571.864006][ T5150] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  572.052939][ T5150] usb 5-1: Using ep0 maxpacket: 8
[  572.063830][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  572.078962][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  572.114633][ T5150] usb 5-1: New USB device found, idVendor=05ac, idProduct=9219, bcdDevice=61.da
[  572.134214][ T5150] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  572.157775][ T5150] usb 5-1: Manufacturer: syz
[  572.219820][ T5150] usb 5-1: config 0 descriptor??
[  572.219942][T12285] loop0: detected capacity change from 0 to 128
[  572.230801][ T5150] appledisplay 5-1:0.0: Submitting URB failed
[  572.245521][ T5150] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -5
[  572.389455][T12285] Process accounting resumed
[  572.400300][T12285] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 545)
[  572.411612][T12285] FAT-fs (loop0): Filesystem has been set read-only
[  572.428364][T12285] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  572.486495][ T5149] usb 5-1: USB disconnect, device number 17
[  573.180597][ T5102] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  573.198386][ T5102] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  573.216939][ T5102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  573.229841][ T5102] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  573.238161][ T5102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  573.245717][ T5102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  573.874083][T12311] loop0: detected capacity change from 0 to 2048
[  573.952288][T12311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  574.087765][   T29] audit: type=1804 audit(1720491351.278:127): pid=12311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2019" name="/newroot/29/file1/file1" dev="loop0" ino=15 res=1 errno=0
[  574.115072][T12311] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  574.203996][T12311] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  574.276554][T12311] EXT4-fs (loop0): This should not happen!! Data will be lost
[  574.276554][T12311] 
[  574.339252][T12311] EXT4-fs (loop0): Total free blocks count 0
[  574.391880][T12311] EXT4-fs (loop0): Free/Dirty block details
[  574.398289][T12311] EXT4-fs (loop0): free_blocks=2415919104
[  574.413496][T12311] EXT4-fs (loop0): dirty_blocks=32
[  574.437762][T12295] chnl_net:caif_netlink_parms(): no params data found
[  574.451539][T12311] EXT4-fs (loop0): Block reservation details
[  575.948234][T12331] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  576.385289][ T5114] Bluetooth: hci3: command tx timeout
[  576.402996][T12311] EXT4-fs (loop0): i_reserved_data_blocks=2
[  576.545833][T12333] loop4: detected capacity change from 0 to 256
[  576.918970][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  577.252990][    T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  577.597009][T12295] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.711937][    T9] usb 4-1: Using ep0 maxpacket: 16
[  578.079356][    T9] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  578.420473][T12295] bridge0: port 1(bridge_slave_0) entered disabled state
[  578.450314][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.459224][T12295] bridge_slave_0: entered allmulticast mode
[  578.473165][ T5102] Bluetooth: hci3: command tx timeout
[  578.500697][T12295] bridge_slave_0: entered promiscuous mode
[  578.508528][    T9] usb 4-1: Product: syz
[  578.516434][    T9] usb 4-1: Manufacturer: syz
[  578.555914][    T9] usb 4-1: SerialNumber: syz
[  578.576434][T12295] bridge0: port 2(bridge_slave_1) entered blocking state
[  578.587549][T12360] tmpfs: Bad value for 'mpol'
[  578.602174][    T9] usb 4-1: config 0 descriptor??
[  578.607355][T12295] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.607628][T12295] bridge_slave_1: entered allmulticast mode
[  578.641052][T12295] bridge_slave_1: entered promiscuous mode
[  578.864709][T12295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  578.926614][T12295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  579.112279][T12295] team0: Port device team_slave_0 added
[  579.113029][ T5148] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  579.140241][T12295] team0: Port device team_slave_1 added
[  579.274754][T12295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  579.292058][T12295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  579.307579][   T47] usb 4-1: USB disconnect, device number 11
[  579.346061][T12295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  579.366143][ T5148] usb 5-1: Using ep0 maxpacket: 32
[  579.392233][ T5148] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  579.393598][T12295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  579.429779][T12295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  579.437824][ T5148] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  579.491291][T12295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  579.530553][ T5148] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  579.541095][ T5148] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  579.554743][ T5148] usb 5-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15
[  579.564019][ T5148] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.631728][ T5148] usb 5-1: config 0 descriptor??
[  579.745473][T12295] hsr_slave_0: entered promiscuous mode
[  579.796482][T12295] hsr_slave_1: entered promiscuous mode
[  579.836458][T12295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  579.862941][T12295] Cannot create hsr debugfs directory
[  580.100978][ T5148] hid-generic 0003:1B96:9F0A.0008: hidraw0: USB HID v0.00 Device [HID 1b96:9f0a] on usb-dummy_hcd.4-1/input0
[  580.553495][ T5102] Bluetooth: hci3: command tx timeout
[  580.711427][T12376] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  581.254537][    T9] usb 5-1: USB disconnect, device number 18
[  581.694237][T12295] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  581.944164][T12387] loop0: detected capacity change from 0 to 2048
[  582.003512][T12387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  582.033135][T12387] ext4 filesystem being mounted at /36/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  582.127618][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.139619][T12295] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.292792][T12295] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.475838][T12295] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.603574][ T5190] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  582.623123][ T5102] Bluetooth: hci3: command tx timeout
[  582.645357][T12409] loop0: detected capacity change from 0 to 8
[  582.708149][T12409] SQUASHFS error: Unable to read inode 0x9
[  582.762211][T12295] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  582.770366][T12409] loop0: detected capacity change from 0 to 128
[  582.797700][T12295] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  582.825350][ T5190] usb 2-1: Using ep0 maxpacket: 16
[  582.825484][T12409] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  582.833669][T12295] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  582.866002][T12409] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  582.879944][T12385] loop3: detected capacity change from 0 to 40427
[  582.894125][ T5190] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  582.895041][T12295] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  582.910724][ T5190] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.929380][ T5190] usb 2-1: Product: syz
[  582.932939][T12385] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  582.936350][ T5190] usb 2-1: Manufacturer: syz
[  582.941261][T12385] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  582.957336][ T5190] usb 2-1: SerialNumber: syz
[  582.971263][ T5190] usb 2-1: config 0 descriptor??
[  583.004000][T12385] F2FS-fs (loop3): invalid crc value
[  583.032233][T12385] F2FS-fs (loop3): Found nat_bits in checkpoint
[  583.079203][T11522] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  584.023445][T12385] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  584.030739][T12385] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  584.121878][T12295] 8021q: adding VLAN 0 to HW filter on device bond0
[  584.164575][T12385] syz.3.2040: attempt to access beyond end of device
[  584.164575][T12385] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  584.186727][ T5148] usb 2-1: USB disconnect, device number 11
[  584.200114][T12295] 8021q: adding VLAN 0 to HW filter on device team0
[  584.261624][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state
[  584.268912][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  584.312155][ T5190] bridge0: port 2(bridge_slave_1) entered blocking state
[  584.319419][ T5190] bridge0: port 2(bridge_slave_1) entered forwarding state
[  584.328205][T10613] syz-executor: attempt to access beyond end of device
[  584.328205][T10613] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  584.389044][T10613] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  584.479896][T12295] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  584.882786][T12295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  585.046603][T12295] veth0_vlan: entered promiscuous mode
[  585.089008][T12295] veth1_vlan: entered promiscuous mode
[  585.094906][ T5150] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  585.214974][T12295] veth0_macvtap: entered promiscuous mode
[  585.227785][T12425] loop4: detected capacity change from 0 to 32768
[  585.244582][T12295] veth1_macvtap: entered promiscuous mode
[  585.275639][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.287455][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.298147][ T5150] usb 1-1: Using ep0 maxpacket: 32
[  585.303901][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.318712][T12425] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  585.328256][ T5150] usb 1-1: config 1 has an invalid interface number: 66 but max is 2
[  585.337563][ T5150] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  585.348714][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.363080][ T5150] usb 1-1: config 1 has 4 interfaces, different from the descriptor's value: 3
[  585.372969][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.384284][ T5150] usb 1-1: config 1 has no interface number 3
[  585.390567][ T5150] usb 1-1: too many endpoints for config 1 interface 1 altsetting 4: 123, using maximum allowed: 30
[  585.401544][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.419881][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.432056][ T5150] usb 1-1: config 1 interface 1 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 123
[  585.445471][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.455430][ T5150] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  585.468838][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.480113][ T5150] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  585.482377][T12425] XFS (loop4): Ending clean mount
[  585.489937][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.489963][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.489985][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.492414][T12295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  585.535640][ T5150] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  585.545542][ T5150] usb 1-1: config 1 interface 1 has no altsetting 2
[  585.552197][ T5150] usb 1-1: config 1 interface 2 has no altsetting 0
[  585.560944][T12425] XFS (loop4): Quotacheck needed: Please wait.
[  585.561888][ T5150] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  585.595311][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.606772][ T5150] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.618436][ T5150] usb 1-1: Product: syz
[  585.622712][ T5150] usb 1-1: Manufacturer: syz
[  585.627457][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.637928][ T5150] usb 1-1: SerialNumber: syz
[  585.644983][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.657005][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.680827][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.699083][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.716077][T12425] XFS (loop4): Quotacheck: Done.
[  585.732952][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.763509][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.782950][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.812930][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.859154][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.884554][ T5150] usb 1-1: selecting invalid altsetting 0
[  585.924498][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.940711][T12295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  585.979611][ T5150] usb 1-1: USB disconnect, device number 16
[  586.189442][T12295] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  586.391557][T12295] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  586.552352][T12295] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  586.709260][T12295] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  586.854773][ T7077] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  586.868205][T12468] loop1: detected capacity change from 0 to 128
[  587.091007][  T968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.104218][  T968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.192129][  T968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.235907][  T968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.502225][T12486] netlink: 'syz.2.2009': attribute type 1 has an invalid length.
[  587.685225][T12495] loop2: detected capacity change from 0 to 1024
[  587.727340][T12495] hfsplus: failed to load root directory
[  587.942596][T12501] loop1: detected capacity change from 0 to 512
[  588.155777][T12501] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  588.264263][T12501] UDF-fs: Scanning with blocksize 512 failed
[  588.429116][T12501] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  588.554319][T12501] UDF-fs: Scanning with blocksize 1024 failed
[  588.604556][T12501] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  588.644959][T12501] UDF-fs: Scanning with blocksize 2048 failed
[  588.680444][T12501] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  588.724969][T12501] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  589.891484][T12532] loop2: detected capacity change from 0 to 1024
[  589.902921][  T927] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  589.965706][T12532] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  590.066768][T12535] loop1: detected capacity change from 0 to 512
[  590.127281][T12535] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  590.178050][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.201456][T12535] ext4 filesystem being mounted at /65/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  590.315451][  T927] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  590.335469][T12549] xt_socket: unknown flags 0x50
[  590.466318][T12535] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2088: corrupted inode contents
[  590.487363][  T927] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  590.666428][T12535] EXT4-fs error (device loop1): ext4_dirty_inode:6009: inode #2: comm syz.1.2088: mark_inode_dirty error
[  590.740012][  T927] usb 4-1: New USB device found, idVendor=1799, idProduct=011b, bcdDevice=ba.b6
[  590.840031][  T927] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.849619][T12535] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2088: corrupted inode contents
[  590.902869][  T927] usb 4-1: Product: syz
[  590.916330][T12535] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.2088: mark_inode_dirty error
[  590.932543][  T927] usb 4-1: Manufacturer: syz
[  590.954012][  T927] usb 4-1: SerialNumber: syz
[  590.994467][T12554] netlink: 'syz.2.2094': attribute type 1 has an invalid length.
[  591.062000][  T927] usb 4-1: config 0 descriptor??
[  591.073885][T12535] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  591.098327][  T927] usb 4-1: bad CDC descriptors
[  591.226467][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  591.339242][  T927] usb 4-1: USB disconnect, device number 12
[  591.366121][ T5148] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  591.573076][ T5148] usb 1-1: Using ep0 maxpacket: 32
[  591.582997][ T5148] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 59, changing to 9
[  591.617592][ T5148] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17172, setting to 1024
[  591.681181][ T5148] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  591.742589][ T5148] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.020028][ T5148] hub 1-1:4.0: USB hub found
[  592.205752][ T5148] hub 1-1:4.0: 2 ports detected
[  592.397508][ T5148] hub 1-1:4.0: hub_hub_status failed (err = -71)
[  592.429384][ T5148] hub 1-1:4.0: config failed, can't get hub status (err -71)
[  592.526356][ T5148] usb 1-1: USB disconnect, device number 17
[  593.416030][T12583] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  593.801665][T12588] loop3: detected capacity change from 0 to 512
[  593.991873][T12588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  594.079510][T12602] xt_socket: unknown flags 0x50
[  594.133260][T12588] ext4 filesystem being mounted at /148/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  594.718608][T12588] EXT4-fs error (device loop3): ext4_do_update_inode:5149: inode #2: comm syz.3.2107: corrupted inode contents
[  594.783270][T12588] EXT4-fs error (device loop3): ext4_dirty_inode:6009: inode #2: comm syz.3.2107: mark_inode_dirty error
[  594.847348][T12588] EXT4-fs error (device loop3): ext4_do_update_inode:5149: inode #2: comm syz.3.2107: corrupted inode contents
[  594.897344][T12607] netlink: 'syz.1.2112': attribute type 10 has an invalid length.
[  594.912881][T12588] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.2107: mark_inode_dirty error
[  594.951081][T12607] team0: Port device netdevsim0 added
[  594.973079][ T5150] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  594.991207][T12610] netlink: 'syz.1.2112': attribute type 10 has an invalid length.
[  595.037969][T12588] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  595.183096][ T5150] usb 5-1: Using ep0 maxpacket: 32
[  595.215448][ T5150] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  595.253136][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  595.313194][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  595.367499][ T5150] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  595.407928][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.427228][ T5150] usb 5-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15
[  595.454337][ T5150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.577425][ T5150] usb 5-1: config 0 descriptor??
[  596.675742][ T5150] hid-generic 0003:1B96:9F0A.0009: hidraw0: USB HID v0.00 Device [HID 1b96:9f0a] on usb-dummy_hcd.4-1/input0
[  597.224031][T12647] vxcan1: tx drop: invalid sa for name 0x0000000000000003
[  597.476960][ T5150] usb 5-1: USB disconnect, device number 19
[  597.839784][T12673] loop2: detected capacity change from 0 to 2048
[  597.872599][T12673] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  598.630411][T12688] xt_socket: unknown flags 0x50
[  600.128189][T12675] loop0: detected capacity change from 0 to 32768
[  600.541392][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2154'.
[  600.800294][T12716] netlink: 'syz.1.2154': attribute type 15 has an invalid length.
[  600.877965][T12716] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 65023 - 0
[  600.888515][T12716] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 65023 - 0
[  600.898192][T12716] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 65023 - 0
[  600.907614][T12716] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 65023 - 0
[  600.924410][T12675] JFS: charset not found
[  601.085531][T12716] vxlan0: entered promiscuous mode
[  601.309544][T12732] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2163'.
[  601.768536][   T25] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  602.168675][T12741] loop3: detected capacity change from 0 to 512
[  602.207292][T12741] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  602.257917][   T25] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  602.301338][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.582728][   T25] usb 1-1: config 0 descriptor??
[  602.592768][   T25] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  603.754039][   T25] gp8psk: usb in 128 operation failed.
[  603.774134][   T25] gp8psk: usb in 137 operation failed.
[  603.783942][   T25] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[  603.797209][   T25] dvb_usb_gp8psk 1-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  603.818743][   T25] usb 1-1: USB disconnect, device number 18
[  604.023690][T12767] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2176'.
[  604.095297][T12769] vxcan1: tx drop: invalid sa for name 0x0000000000000003
[  604.933061][ T5150] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  605.358187][T12805] loop0: detected capacity change from 0 to 128
[  605.836387][T12809] loop4: detected capacity change from 0 to 512
[  605.863918][T12809] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  605.886800][ T5150] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  605.912906][ T5150] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[  605.922737][ T5150] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  605.976656][ T5150] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  605.991423][ T5150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.020016][ T5150] usb 2-1: config 0 descriptor??
[  606.339666][T12819] loop3: detected capacity change from 0 to 4096
[  606.350848][T12819] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  606.409171][T12819] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[  606.463946][ T5150] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  606.483931][ T5150] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  606.506213][ T5534] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  606.507885][ T5150] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  606.711028][ T5534] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  606.740980][ T5534] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.770885][ T5534] usb 1-1: config 0 descriptor??
[  606.791105][ T5534] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  607.756618][ T5534] gp8psk: usb in 128 operation failed.
[  607.914448][ T5534] gp8psk: usb in 137 operation failed.
[  607.920258][ T5534] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[  607.953308][ T5534] dvb_usb_gp8psk 1-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  607.969808][ T5534] usb 1-1: USB disconnect, device number 19
[  608.125023][T12847] loop2: detected capacity change from 0 to 512
[  608.269491][T12853] loop2: detected capacity change from 0 to 164
[  608.653101][T12860] loop1: detected capacity change from 0 to 64
[  608.768608][  T927] usb 2-1: USB disconnect, device number 12
[  608.979603][T12868] loop2: detected capacity change from 0 to 512
[  609.095646][T12868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  609.156628][T12868] ext4 filesystem being mounted at /35/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  609.260213][T12868] EXT4-fs error (device loop2): ext4_do_update_inode:5149: inode #2: comm syz.2.2214: corrupted inode contents
[  609.283694][T12868] EXT4-fs error (device loop2): ext4_dirty_inode:6009: inode #2: comm syz.2.2214: mark_inode_dirty error
[  609.297145][T12868] EXT4-fs error (device loop2): ext4_do_update_inode:5149: inode #2: comm syz.2.2214: corrupted inode contents
[  609.312040][T12868] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.2214: mark_inode_dirty error
[  609.394973][T12868] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  609.591048][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  609.664127][T12891] loop0: detected capacity change from 0 to 512
[  609.756090][T12898] loop0: detected capacity change from 0 to 164
[  609.957304][T12888] loop1: detected capacity change from 0 to 4096
[  610.007017][T12908] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  610.079697][T12910] loop2: detected capacity change from 0 to 1024
[  610.112431][T12910] hfsplus: failed to load root directory
[  610.525471][T12921] loop2: detected capacity change from 0 to 64
[  610.564510][T12921] hfs: bad catalog namelength
[  610.573804][T12921] hfs: get root inode failed
[  610.716107][T12928] loop1: detected capacity change from 0 to 512
[  610.759043][T12928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.778976][T12928] ext4 filesystem being mounted at /100/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  610.800998][T12931] loop4: detected capacity change from 0 to 1024
[  610.886478][T12931] syz.4.2233: attempt to access beyond end of device
[  610.886478][T12931] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  610.903294][T12931] Buffer I/O error on dev loop4, logical block 100663296, async page read
[  610.913998][T12931] syz.4.2233: attempt to access beyond end of device
[  610.913998][T12931] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  610.929299][T12931] Buffer I/O error on dev loop4, logical block 100663296, async page read
[  610.958091][T12928] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2232: corrupted inode contents
[  611.003404][T12928] EXT4-fs error (device loop1): ext4_dirty_inode:6009: inode #2: comm syz.1.2232: mark_inode_dirty error
[  611.051750][T12928] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2232: corrupted inode contents
[  611.079293][T12928] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.2232: mark_inode_dirty error
[  611.181685][T12928] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  611.202377][T12940] loop0: detected capacity change from 0 to 512
[  611.338273][T12950] loop0: detected capacity change from 0 to 164
[  611.505275][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.544559][  T930] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  612.763191][  T930] usb 2-1: Using ep0 maxpacket: 32
[  612.770851][  T930] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 59, changing to 9
[  612.800233][  T930] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17172, setting to 1024
[  612.825054][  T930] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  612.843973][  T930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.860949][  T930] hub 2-1:4.0: USB hub found
[  612.941837][T12984] netlink: 'syz.4.2254': attribute type 1 has an invalid length.
[  612.995487][T12984] 8021q: adding VLAN 0 to HW filter on device bond1
[  613.006537][T12984] bond0: (slave bond1): Enslaving as an active interface with an up link
[  613.024374][T12984] bond1: entered promiscuous mode
[  613.029769][T12984] bond1: entered allmulticast mode
[  613.073543][  T930] hub 2-1:4.0: 2 ports detected
[  613.204968][T12995] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  613.257408][T12994] loop4: detected capacity change from 0 to 2048
[  613.268154][T12994] udf: Unknown parameter '�00000000000000000000000uid'
[  613.277850][  T930] hub 2-1:4.0: hub_hub_status failed (err = -71)
[  613.303220][  T930] hub 2-1:4.0: config failed, can't get hub status (err -71)
[  613.352490][  T930] usb 2-1: USB disconnect, device number 13
[  614.757949][T13016] netlink: 'syz.1.2267': attribute type 1 has an invalid length.
[  614.966567][T13016] 8021q: adding VLAN 0 to HW filter on device bond1
[  615.006804][T13016] bond0: (slave bond1): Enslaving as an active interface with an up link
[  615.092225][T13016] bond1: entered promiscuous mode
[  615.108368][T13016] bond1: entered allmulticast mode
[  615.199476][T13008] loop4: detected capacity change from 0 to 32768
[  615.247621][T13022] loop2: detected capacity change from 0 to 4096
[  615.335917][T13008] JFS: charset not found
[  615.350827][T13025] loop1: detected capacity change from 0 to 2048
[  615.368254][T13022] ntfs3: loop2: try to read out of volume at offset 0x3fffffc7000
[  615.377697][T13025] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  615.379161][T13022] ntfs3: loop2: ino=21, The size of extended attributes must not exceed 64KiB
[  615.416302][T13025] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  616.697158][T13031] loop0: detected capacity change from 0 to 2048
[  616.728309][T13031] udf: Unknown parameter '�00000000000000000000000uid'
[  616.801974][ T1087] kworker/u8:6: attempt to access beyond end of device
[  616.801974][ T1087] loop1: rw=1, sector=2355, nr_sectors = 216 limit=2048
[  618.259042][T13057] loop1: detected capacity change from 0 to 4096
[  618.406152][T13057] ntfs3: loop1: try to read out of volume at offset 0x3fffffc7000
[  618.422220][T13057] ntfs3: loop1: ino=21, The size of extended attributes must not exceed 64KiB
[  619.063427][T13080] loop1: detected capacity change from 0 to 128
[  619.457492][T13090] netlink: 'syz.4.2296': attribute type 1 has an invalid length.
[  619.625719][T13090] 8021q: adding VLAN 0 to HW filter on device bond2
[  619.687744][T13090] bond0: (slave bond2): Enslaving as an active interface with an up link
[  619.749226][T13101] bond2: entered promiscuous mode
[  619.764819][ T5114] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  619.786240][ T5114] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  619.800081][ T5114] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  619.816418][ T5114] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  619.824349][ T5114] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  619.833749][ T5114] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  619.861587][T13101] bond2: entered allmulticast mode
[  619.920276][T13106] loop0: detected capacity change from 0 to 2048
[  620.123061][T13106]  loop0: p3 < > p4 < >
[  620.127368][T13106] loop0: partition table partially beyond EOD, truncated
[  620.143742][T13106] loop0: p3 start 4284289 is beyond EOD, truncated
[  620.329395][T13110] loop1: detected capacity change from 0 to 2048
[  620.521715][T13110] NILFS (loop1): corrupt root inode
[  620.809167][T13103] chnl_net:caif_netlink_parms(): no params data found
[  620.969181][T13108] loop1: detected capacity change from 0 to 512
[  621.007660][T13108] EXT4-fs (loop1): Number of reserved GDT blocks insanely large: 40960
[  621.131221][T13103] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.143179][T13103] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.163209][T13103] bridge_slave_0: entered allmulticast mode
[  621.181642][T13103] bridge_slave_0: entered promiscuous mode
[  621.243392][T13103] bridge0: port 2(bridge_slave_1) entered blocking state
[  621.261295][T13103] bridge0: port 2(bridge_slave_1) entered disabled state
[  621.272746][T13103] bridge_slave_1: entered allmulticast mode
[  621.286829][T13103] bridge_slave_1: entered promiscuous mode
[  621.356019][T13103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  621.388898][T13103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  621.907490][ T5102] Bluetooth: hci7: command tx timeout
[  622.107849][T13103] team0: Port device team_slave_0 added
[  622.131476][T13103] team0: Port device team_slave_1 added
[  622.283231][T13103] batman_adv: batadv0: Adding interface: batadv_slave_0
[  622.301006][T13103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  622.327002][    C1] vkms_vblank_simulate: vblank timer overrun
[  622.389654][T13103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  622.428271][T13103] batman_adv: batadv0: Adding interface: batadv_slave_1
[  622.451654][T13145] loop0: detected capacity change from 0 to 512
[  622.467415][T13103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  622.493368][    C1] vkms_vblank_simulate: vblank timer overrun
[  622.515124][T13103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  622.532654][T13145] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  622.563230][T13148] netlink: 'syz.1.2314': attribute type 1 has an invalid length.
[  622.577259][T13145] EXT4-fs (loop0): 1 truncate cleaned up
[  622.586243][T13145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  622.674546][T13158] bond2: entered promiscuous mode
[  622.679649][T13158] bond2: entered allmulticast mode
[  622.716205][T13151] 8021q: adding VLAN 0 to HW filter on device bond2
[  622.744503][T13151] bond0: (slave bond2): Enslaving as an active interface with an up link
[  623.014166][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.017613][T13103] hsr_slave_0: entered promiscuous mode
[  623.035954][T13103] hsr_slave_1: entered promiscuous mode
[  623.084473][T13103] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  623.127776][T13103] Cannot create hsr debugfs directory
[  623.827771][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  624.004501][ T5102] Bluetooth: hci7: command tx timeout
[  624.211432][T13103] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.236651][T13183] loop4: detected capacity change from 0 to 256
[  624.317436][T13182] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2324'.
[  624.342756][T13183] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  624.374142][   T29] audit: type=1326 audit(1720491401.568:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13181 comm="syz.0.2324" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0
[  624.790994][ T1252] ieee802154 phy0 wpan0: encryption failed: -22
[  624.798959][ T1252] ieee802154 phy1 wpan1: encryption failed: -22
[  625.535650][T13103] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.841633][T13103] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.007809][T13103] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.063725][ T5102] Bluetooth: hci7: command tx timeout
[  626.149183][T13217] ieee802154 phy0 wpan0: encryption failed: -22
[  626.168269][T13217] loop2: detected capacity change from 0 to 512
[  626.192487][T13217] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.2335: corrupted in-inode xattr: invalid ea_ino
[  626.225614][T13217] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.2335: couldn't read orphan inode 15 (err -117)
[  626.256949][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  626.281995][T13217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  626.289361][T13103] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  626.316167][T13103] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  626.327546][T13103] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  626.349266][T13103] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  626.358516][T13217] EXT4-fs error (device loop2): ext4_lookup:1814: inode #2: comm syz.2.2335: deleted inode referenced: 15
[  626.418969][T13217] EXT4-fs error (device loop2): ext4_lookup:1814: inode #2: comm syz.2.2335: deleted inode referenced: 15
[  626.454366][T13217] EXT4-fs error (device loop2): ext4_lookup:1814: inode #2: comm syz.2.2335: deleted inode referenced: 15
[  626.530616][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  626.556737][T13225] loop1: detected capacity change from 0 to 256
[  626.602623][T13225] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  626.606906][T13103] 8021q: adding VLAN 0 to HW filter on device bond0
[  626.675948][T13225] netlink: 'syz.1.2339': attribute type 8 has an invalid length.
[  626.698377][T13103] 8021q: adding VLAN 0 to HW filter on device team0
[  626.755368][ T5534] bridge0: port 1(bridge_slave_0) entered blocking state
[  626.762651][ T5534] bridge0: port 1(bridge_slave_0) entered forwarding state
[  626.791624][ T5534] bridge0: port 2(bridge_slave_1) entered blocking state
[  626.798866][ T5534] bridge0: port 2(bridge_slave_1) entered forwarding state
[  626.952128][T13231] loop4: detected capacity change from 0 to 512
[  627.011067][T13231] EXT4-fs: Ignoring removed i_version option
[  627.063830][T13231] EXT4-fs: Ignoring removed mblk_io_submit option
[  627.108460][T13231] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  627.285091][T13231] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b056e118, mo2=0002]
[  627.571316][T13231] System zones: 1-12
[  627.873424][T13231] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.2342: corrupted in-inode xattr: e_value size too large
[  627.991580][T13231] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.2342: couldn't read orphan inode 15 (err -117)
[  628.109950][T13231] EXT4-fs (loop4): mounted filesystem 00000000-00c8-1300-0000-000000000000 r/w without journal. Quota mode: writeback.
[  628.111647][T13252] loop0: detected capacity change from 0 to 2048
[  628.144239][ T5102] Bluetooth: hci7: command tx timeout
[  628.153447][T13252] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  628.164542][T13252] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  628.178271][T13252] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  628.240289][T13103] 8021q: adding VLAN 0 to HW filter on device batadv0
[  628.339419][T13103] veth0_vlan: entered promiscuous mode
[  628.365841][T13103] veth1_vlan: entered promiscuous mode
[  628.374441][T13260] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2350'.
[  628.396950][T13260] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.404714][T13260] bridge0: port 1(bridge_slave_0) entered disabled state
[  628.417817][T13260] bridge0: entered promiscuous mode
[  628.547786][T13103] veth0_macvtap: entered promiscuous mode
[  628.570566][T13103] veth1_macvtap: entered promiscuous mode
[  628.601151][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.612173][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.613279][   T25] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  628.635499][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.646499][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.658049][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.675121][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.689139][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.700428][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.712172][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.733336][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.752604][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.764154][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.768813][T13269] loop0: detected capacity change from 0 to 7
[  628.774540][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.791484][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.796558][T13269] Dev loop0: unable to read RDB block 7
[  628.804660][T13103] batman_adv: batadv0: Interface activated: batadv_slave_0
[  628.807533][T13269]  loop0: AHDI p1
[  628.820604][T13269] loop0: partition table partially beyond EOD, truncated
[  628.836922][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.848931][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.861156][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.865349][   T25] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 149, changing to 11
[  628.885261][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.895561][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.906486][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.927762][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.934130][   T25] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  628.940278][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.960918][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.976835][   T25] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  628.986587][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.992334][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.015692][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.032370][T13231] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  629.053277][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.063692][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.074658][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.093860][T13103] batman_adv: batadv0: Interface activated: batadv_slave_1
[  629.137202][T13103] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  629.154951][T13103] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  629.164143][T13103] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  629.173469][T13103] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  629.195150][T13276] loop1: detected capacity change from 0 to 64
[  629.464019][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  629.471908][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  629.597811][T13286] loop1: detected capacity change from 0 to 1024
[  629.619440][ T6139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  629.638520][ T6139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  629.640163][   T25] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[  629.678221][   T25] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input25
[  629.694264][T13286] hfsplus: failed to load root directory
[  629.738068][T13288] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2362'.
[  629.738365][   T25] usb 5-1: USB disconnect, device number 20
[  629.748064][    C1] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  629.961392][T13296] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2364'.
[  629.995837][   T29] audit: type=1326 audit(1720491407.188:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13294 comm="syz.0.2364" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0
[  630.167070][T13298] loop1: detected capacity change from 0 to 64
[  630.198500][T13298] hfs: bad catalog namelength
[  630.207973][T13298] hfs: get root inode failed
[  630.334495][ T7077] EXT4-fs (loop4): unmounting filesystem 00000000-00c8-1300-0000-000000000000.
[  630.546211][T13313] loop4: detected capacity change from 0 to 256
[  630.556770][T13313] FAT-fs (loop4): bogus number of directory entries (4)
[  630.563842][T13313] FAT-fs (loop4): Can't find a valid FAT filesystem
[  630.732712][T13322] loop2: detected capacity change from 0 to 512
[  630.824318][T13322] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.840694][T13322] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  631.137134][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.238550][T13344] loop4: detected capacity change from 0 to 256
[  631.278142][T13345] loop0: detected capacity change from 0 to 512
[  631.314924][T13344] FAT-fs (loop4): bogus number of directory entries (4)
[  631.322255][T13344] FAT-fs (loop4): Can't find a valid FAT filesystem
[  631.330956][T13345] EXT4-fs: Ignoring removed mblk_io_submit option
[  631.342398][T13345] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  631.449053][T13345] EXT4-fs (loop0): 1 truncate cleaned up
[  631.457831][T13345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  633.404539][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.056717][T13376] loop3: detected capacity change from 0 to 512
[  634.153022][T13376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  634.209826][T13376] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  634.396393][T13389] loop1: detected capacity change from 0 to 256
[  634.423385][T13391] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2399'.
[  634.445692][T13391] bridge0: entered promiscuous mode
[  634.487232][T13103] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.544834][T13394] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2398'.
[  634.979126][T13405] loop0: detected capacity change from 0 to 512
[  635.011623][T13405] EXT4-fs: Ignoring removed mblk_io_submit option
[  635.029895][T13405] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  635.141830][T13405] EXT4-fs (loop0): 1 truncate cleaned up
[  635.150433][T13405] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  635.869362][T13427] loop2: detected capacity change from 0 to 512
[  635.879720][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.937871][T13427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  635.983128][T13427] ext4 filesystem being mounted at /90/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  636.016131][T13435] loop1: detected capacity change from 0 to 128
[  636.369793][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.435238][T13400] loop3: detected capacity change from 0 to 32768
[  637.334030][T13400] JFS: charset not found
[  637.362085][   T29] audit: type=1326 audit(1720491414.538:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000
[  637.489574][   T29] audit: type=1326 audit(1720491414.538:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000
[  638.772917][   T29] audit: type=1326 audit(1720491414.538:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000
[  638.828101][T13468] loop4: detected capacity change from 0 to 128
[  638.878619][T13469] loop1: detected capacity change from 0 to 1024
[  638.892866][   T29] audit: type=1326 audit(1720491414.538:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000
[  638.984518][   T29] audit: type=1326 audit(1720491414.538:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000
[  639.038014][T13471] loop0: detected capacity change from 0 to 64
[  639.090058][   T29] audit: type=1326 audit(1720491414.678:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000
[  639.112097][T13475] loop4: detected capacity change from 0 to 256
[  639.161602][   T29] audit: type=1326 audit(1720491414.678:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000
[  639.162691][T13471] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop0
[  639.238834][T13475] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000e8a4, chksum : 0xe00de75b, utbl_chksum : 0xe619d30d)
[  639.409423][T13484] loop3: detected capacity change from 0 to 512
[  639.425001][T13483] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8
[  639.440732][T13484] EXT4-fs: Ignoring removed mblk_io_submit option
[  639.469156][T13484] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  639.524771][T13484] EXT4-fs (loop3): 1 truncate cleaned up
[  639.538373][T13484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  639.866953][T13495] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2436'.
[  639.891532][T13499] binder: 13488:13499 ioctl c0046209 0 returned -22
[  640.573652][T13502] loop2: detected capacity change from 0 to 128
[  640.581788][T13503] netem: change failed
[  641.003173][  T927] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  641.213418][  T927] usb 1-1: Using ep0 maxpacket: 16
[  641.234553][  T927] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  641.247301][  T927] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  641.258065][  T927] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  641.268215][  T927] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.302453][  T927] usb 1-1: config 0 descriptor??
[  641.502135][T13514] loop2: detected capacity change from 0 to 64
[  641.537683][T13503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  641.563856][T13514] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop2
[  641.572081][T13103] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  641.572552][T13503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  641.610580][T13516] loop4: detected capacity change from 0 to 256
[  641.633254][  T930] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  641.654452][T13516] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000e8a4, chksum : 0xe00de75b, utbl_chksum : 0xe619d30d)
[  641.836012][  T930] usb 2-1: config 1 has an invalid descriptor of length 208, skipping remainder of the config
[  641.854003][T13503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  641.862644][  T930] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  641.863056][T13503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  641.896828][  T930] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  641.914261][  T930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  641.932316][  T930] usb 2-1: SerialNumber: syz
[  641.968628][  T927] hid (null): bogus close delimiter
[  641.972274][T13523] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8
[  641.997336][  T927] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  642.038191][  T927] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  642.058554][  T927] hid-generic 0003:0158:0100.000B: bogus close delimiter
[  642.089412][  T927] hid-generic 0003:0158:0100.000B: item 0 0 2 10 parsing failed
[  642.123868][  T927] hid-generic 0003:0158:0100.000B: probe with driver hid-generic failed with error -22
[  642.191915][  T927] usb 1-1: USB disconnect, device number 20
[  642.214585][  T930] usb 2-1: invalid UAC_HEADER (v1)
[  642.248406][T13527] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2451'.
[  642.288469][T13529] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2452'.
[  642.323415][  T930] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  642.392249][  T930] usb 2-1: USB disconnect, device number 14
[  642.455260][   T29] audit: type=1326 audit(1720491419.648:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.4.2454" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0499775bd9 code=0x0
[  642.514699][T13533] loop2: detected capacity change from 0 to 128
[  642.578978][ T5114] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  642.595988][ T5114] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  642.605889][ T5114] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  642.625086][ T5114] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  642.633615][ T5114] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  642.647196][ T5114] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  642.855138][ T6139] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.035654][   T29] audit: type=1326 audit(1720491420.228:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.2456" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0
[  643.065243][ T6139] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.090287][T13545] netlink: 'syz.1.2458': attribute type 1 has an invalid length.
[  643.100241][T13545] netlink: 9388 bytes leftover after parsing attributes in process `syz.1.2458'.
[  643.207163][ T6139] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.389543][ T6139] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.553728][T13559] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2463'.
[  643.614591][T13562] loop2: detected capacity change from 0 to 128
[  643.840690][T13534] chnl_net:caif_netlink_parms(): no params data found
[  643.841969][T13571] loop2: detected capacity change from 0 to 512
[  643.896194][T13571] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent
[  643.904471][T13569] loop4: detected capacity change from 0 to 1024
[  643.932210][ T6139] bridge_slave_1: left allmulticast mode
[  643.944325][ T6139] bridge_slave_1: left promiscuous mode
[  643.957501][ T6139] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.994898][ T6139] bridge_slave_0: left allmulticast mode
[  644.006366][ T6139] bridge_slave_0: left promiscuous mode
[  644.156244][ T6139] bridge0: port 1(bridge_slave_0) entered disabled state
[  644.284835][   T29] audit: type=1326 audit(1720491421.478:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13579 comm="syz.0.2471" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0
[  644.853055][ T5102] Bluetooth: hci7: command tx timeout
[  645.225689][T13589] loop0: detected capacity change from 0 to 2048
[  645.290929][T13589] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  645.318622][T13589] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  645.537363][   T29] audit: type=1326 audit(1720491422.688:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13593 comm="syz.4.2476" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0499775bd9 code=0x0
[  646.863136][ T5104] Bluetooth: hci7: command tx timeout
[  646.876955][T13610] loop2: detected capacity change from 0 to 512
[  646.905402][T13610] EXT4-fs: Invalid want_extra_isize 16855
[  646.923325][T13610] Bluetooth: MGMT ver 1.23
[  647.101557][   T11] kworker/u8:0: attempt to access beyond end of device
[  647.101557][   T11] loop0: rw=1, sector=2347, nr_sectors = 728 limit=2048
[  647.343810][ T5097] Bluetooth: hci2: command 0x0406 tx timeout
[  647.350222][ T5104] Bluetooth: hci1: command 0x0406 tx timeout
[  647.630972][   T29] audit: type=1326 audit(1720491424.818:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13617 comm="syz.1.2484" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e72375bd9 code=0x0
[  648.032213][ T6139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  648.077440][ T6139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  648.102354][T13624] loop2: detected capacity change from 0 to 512
[  648.120735][T13624] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent
[  648.297138][ T6139] bond0 (unregistering): Released all slaves
[  649.100315][ T5114] Bluetooth: hci7: command tx timeout
[  649.216693][T13631] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  649.239461][T13632] netlink: 'syz.1.2487': attribute type 1 has an invalid length.
[  649.286856][T13632] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2487'.
[  649.390708][T13636] loop2: detected capacity change from 0 to 1024
[  649.494985][T13643] loop1: detected capacity change from 0 to 512
[  649.502234][T13643] EXT4-fs: Invalid want_extra_isize 16855
[  649.536090][   T11] ==================================================================
[  649.544310][   T11] BUG: KASAN: slab-use-after-free in l2tp_session_delete+0x28/0x9e0
[  649.552380][   T11] Write of size 8 at addr ffff888029361008 by task kworker/u8:0/11
[  649.560307][   T11] 
[  649.562657][   T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  649.572833][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  649.582922][   T11] Workqueue: l2tp l2tp_tunnel_del_work
[  649.588394][   T11] Call Trace:
[  649.591677][   T11]  <TASK>
[  649.594612][   T11]  dump_stack_lvl+0x241/0x360
[  649.599313][   T11]  ? __pfx_dump_stack_lvl+0x10/0x10
[  649.604552][   T11]  ? __pfx__printk+0x10/0x10
[  649.609157][   T11]  ? _printk+0xd5/0x120
[  649.613339][   T11]  ? __virt_addr_valid+0x183/0x530
[  649.618560][   T11]  ? __virt_addr_valid+0x183/0x530
[  649.623699][   T11]  print_report+0x169/0x550
[  649.628212][   T11]  ? __virt_addr_valid+0x183/0x530
[  649.633352][   T11]  ? __virt_addr_valid+0x183/0x530
[  649.638475][   T11]  ? __virt_addr_valid+0x45f/0x530
[  649.643604][   T11]  ? __phys_addr+0xba/0x170
[  649.648124][   T11]  ? l2tp_session_delete+0x28/0x9e0
[  649.653331][   T11]  kasan_report+0x143/0x180
[  649.657866][   T11]  ? l2tp_session_delete+0x28/0x9e0
[  649.663076][   T11]  kasan_check_range+0x282/0x290
[  649.668025][   T11]  l2tp_session_delete+0x28/0x9e0
[  649.673056][   T11]  ? l2tp_tunnel_del_work+0x1d3/0x330
[  649.678432][   T11]  l2tp_tunnel_del_work+0x1cb/0x330
[  649.683638][   T11]  ? process_scheduled_works+0x945/0x1830
[  649.689365][   T11]  process_scheduled_works+0xa2c/0x1830
[  649.694933][   T11]  ? __pfx_process_scheduled_works+0x10/0x10
[  649.700925][   T11]  ? assign_work+0x364/0x3d0
[  649.705525][   T11]  worker_thread+0x86d/0xd40
[  649.710134][   T11]  ? __kthread_parkme+0x169/0x1d0
[  649.715169][   T11]  ? __pfx_worker_thread+0x10/0x10
[  649.720288][   T11]  kthread+0x2f0/0x390
[  649.724383][   T11]  ? __pfx_worker_thread+0x10/0x10
[  649.729509][   T11]  ? __pfx_kthread+0x10/0x10
[  649.734110][   T11]  ret_from_fork+0x4b/0x80
[  649.738541][   T11]  ? __pfx_kthread+0x10/0x10
[  649.743153][   T11]  ret_from_fork_asm+0x1a/0x30
[  649.747952][   T11]  </TASK>
[  649.750985][   T11] 
[  649.753306][   T11] Allocated by task 13644:
[  649.757804][   T11]  kasan_save_track+0x3f/0x80
[  649.762485][   T11]  __kasan_kmalloc+0x98/0xb0
[  649.767086][   T11]  __kmalloc_noprof+0x1fc/0x400
[  649.771956][   T11]  l2tp_session_create+0x3b/0xc20
[  649.776983][   T11]  pppol2tp_connect+0xca3/0x17a0
[  649.781922][   T11]  __sys_connect+0x2df/0x310
[  649.786517][   T11]  __x64_sys_connect+0x7a/0x90
[  649.791282][   T11]  do_syscall_64+0xf3/0x230
[  649.795956][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  649.801876][   T11] 
[  649.804203][   T11] Freed by task 11:
[  649.808005][   T11]  kasan_save_track+0x3f/0x80
[  649.812684][   T11]  kasan_save_free_info+0x40/0x50
[  649.817736][   T11]  poison_slab_object+0xe0/0x150
[  649.822681][   T11]  __kasan_slab_free+0x37/0x60
[  649.827451][   T11]  kfree+0x149/0x360
[  649.831364][   T11]  __sk_destruct+0x58/0x5f0
[  649.835882][   T11]  rcu_core+0xaaa/0x17a0
[  649.840134][   T11]  handle_softirqs+0x2c4/0x970
[  649.844907][   T11]  do_softirq+0x11b/0x1e0
[  649.849244][   T11]  __local_bh_enable_ip+0x1bb/0x200
[  649.854476][   T11]  l2tp_tunnel_del_work+0x1c3/0x330
[  649.859764][   T11]  process_scheduled_works+0xa2c/0x1830
[  649.865318][   T11]  worker_thread+0x86d/0xd40
[  649.869916][   T11]  kthread+0x2f0/0x390
[  649.873992][   T11]  ret_from_fork+0x4b/0x80
[  649.878429][   T11]  ret_from_fork_asm+0x1a/0x30
[  649.883205][   T11] 
[  649.885531][   T11] Last potentially related work creation:
[  649.891238][   T11]  kasan_save_stack+0x3f/0x60
[  649.895919][   T11]  __kasan_record_aux_stack+0xac/0xc0
[  649.901302][   T11]  call_rcu+0x167/0xa70
[  649.905467][   T11]  pppol2tp_release+0x24b/0x350
[  649.910318][   T11]  sock_close+0xbc/0x240
[  649.914567][   T11]  __fput+0x24a/0x8a0
[  649.918571][   T11]  task_work_run+0x24f/0x310
[  649.923183][   T11]  syscall_exit_to_user_mode+0x168/0x370
[  649.929030][   T11]  do_syscall_64+0x100/0x230
[  649.933635][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  649.939546][   T11] 
[  649.941886][   T11] The buggy address belongs to the object at ffff888029361000
[  649.941886][   T11]  which belongs to the cache kmalloc-1k of size 1024
[  649.956051][   T11] The buggy address is located 8 bytes inside of
[  649.956051][   T11]  freed 1024-byte region [ffff888029361000, ffff888029361400)
[  649.969771][   T11] 
[  649.972096][   T11] The buggy address belongs to the physical page:
[  649.978513][   T11] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29360
[  649.987309][   T11] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  649.995824][   T11] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  650.003811][   T11] page_type: 0xfdffffff(slab)
[  650.008496][   T11] raw: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001
[  650.017081][   T11] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[  650.025937][   T11] head: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001
[  650.034615][   T11] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[  650.043290][   T11] head: 00fff00000000003 ffffea0000a4d801 ffffffffffffffff 0000000000000000
[  650.051965][   T11] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  650.060696][   T11] page dumped because: kasan: bad access detected
[  650.067128][   T11] page_owner tracks the page as allocated
[  650.072841][   T11] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5105, tgid 5105 (syz-executor), ts 81499728484, free_ts 81485091403
[  650.092142][   T11]  post_alloc_hook+0x1f3/0x230
[  650.096930][   T11]  get_page_from_freelist+0x2ccb/0x2d80
[  650.102491][   T11]  __alloc_pages_noprof+0x256/0x6c0
[  650.107704][   T11]  alloc_slab_page+0x5f/0x120
[  650.112388][   T11]  allocate_slab+0x5a/0x2f0
[  650.116912][   T11]  ___slab_alloc+0xcd1/0x14b0
[  650.121620][   T11]  __slab_alloc+0x58/0xa0
[  650.125969][   T11]  __kmalloc_cache_noprof+0x1d5/0x2c0
[  650.131362][   T11]  batadv_hard_if_event+0xe71/0x1620
[  650.136658][   T11]  notifier_call_chain+0x19f/0x3e0
[  650.141782][   T11]  register_netdevice+0x167f/0x1b00
[  650.147017][   T11]  macvlan_common_newlink+0x1189/0x1930
[  650.152614][   T11]  rtnl_newlink+0x14fe/0x2070
[  650.157306][   T11]  rtnetlink_rcv_msg+0x8a0/0x1180
[  650.162344][   T11]  netlink_rcv_skb+0x1e3/0x430
[  650.167126][   T11]  netlink_unicast+0x7f0/0x990
[  650.171898][   T11] page last free pid 5099 tgid 5099 stack trace:
[  650.178223][   T11]  free_unref_page+0xd22/0xea0
[  650.182998][   T11]  __put_partials+0xeb/0x130
[  650.187591][   T11]  put_cpu_partial+0x17c/0x250
[  650.192364][   T11]  __slab_free+0x2ea/0x3d0
[  650.196783][   T11]  qlist_free_all+0x9e/0x140
[  650.201466][   T11]  kasan_quarantine_reduce+0x14f/0x170
[  650.206944][   T11]  __kasan_slab_alloc+0x23/0x80
[  650.211823][   T11]  __kmalloc_cache_noprof+0x132/0x2c0
[  650.217223][   T11]  ref_tracker_alloc+0x14b/0x490
[  650.222172][   T11]  netdev_queue_update_kobjects+0x186/0x5f0
[  650.228083][   T11]  netdev_register_kobject+0x265/0x320
[  650.233562][   T11]  register_netdevice+0x12c5/0x1b00
[  650.238776][   T11]  macvlan_common_newlink+0x1189/0x1930
[  650.244349][   T11]  rtnl_newlink+0x14fe/0x2070
[  650.249036][   T11]  rtnetlink_rcv_msg+0x8a0/0x1180
[  650.254075][   T11]  netlink_rcv_skb+0x1e3/0x430
[  650.258851][   T11] 
[  650.261171][   T11] Memory state around the buggy address:
[  650.266803][   T11]  ffff888029360f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  650.274872][   T11]  ffff888029360f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  650.282940][   T11] >ffff888029361000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  650.291022][   T11]                       ^
[  650.295362][   T11]  ffff888029361080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  650.303530][   T11]  ffff888029361100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  650.311591][   T11] ==================================================================
[  650.319756][    C0] vkms_vblank_simulate: vblank timer overrun
[  650.372946][   T11] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  650.380207][   T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  650.390658][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  650.400753][   T11] Workqueue: l2tp l2tp_tunnel_del_work
[  650.406275][   T11] Call Trace:
[  650.409599][   T11]  <TASK>
[  650.412558][   T11]  dump_stack_lvl+0x241/0x360
[  650.417386][   T11]  ? __pfx_dump_stack_lvl+0x10/0x10
[  650.422720][   T11]  ? __pfx__printk+0x10/0x10
[  650.427353][   T11]  ? preempt_schedule+0xe1/0xf0
[  650.432418][   T11]  ? vscnprintf+0x5d/0x90
[  650.436798][   T11]  panic+0x349/0x870
[  650.440745][   T11]  ? check_panic_on_warn+0x21/0xb0
[  650.445900][   T11]  ? __pfx_panic+0x10/0x10
[  650.450340][   T11]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  650.456333][   T11]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  650.462679][   T11]  ? print_report+0x502/0x550
[  650.467381][   T11]  check_panic_on_warn+0x86/0xb0
[  650.472337][   T11]  ? l2tp_session_delete+0x28/0x9e0
[  650.477541][   T11]  end_report+0x77/0x160
[  650.481799][   T11]  kasan_report+0x154/0x180
[  650.486317][   T11]  ? l2tp_session_delete+0x28/0x9e0
[  650.491528][   T11]  kasan_check_range+0x282/0x290
[  650.496492][   T11]  l2tp_session_delete+0x28/0x9e0
[  650.501525][   T11]  ? l2tp_tunnel_del_work+0x1d3/0x330
[  650.506907][   T11]  l2tp_tunnel_del_work+0x1cb/0x330
[  650.512115][   T11]  ? process_scheduled_works+0x945/0x1830
[  650.517842][   T11]  process_scheduled_works+0xa2c/0x1830
[  650.523417][   T11]  ? __pfx_process_scheduled_works+0x10/0x10
[  650.529411][   T11]  ? assign_work+0x364/0x3d0
[  650.534020][   T11]  worker_thread+0x86d/0xd40
[  650.538716][   T11]  ? __kthread_parkme+0x169/0x1d0
[  650.543759][   T11]  ? __pfx_worker_thread+0x10/0x10
[  650.548891][   T11]  kthread+0x2f0/0x390
[  650.552978][   T11]  ? __pfx_worker_thread+0x10/0x10
[  650.558096][   T11]  ? __pfx_kthread+0x10/0x10
[  650.562698][   T11]  ret_from_fork+0x4b/0x80
[  650.567129][   T11]  ? __pfx_kthread+0x10/0x10
[  650.571732][   T11]  ret_from_fork_asm+0x1a/0x30
[  650.576516][   T11]  </TASK>
[  650.579771][   T11] Kernel Offset: disabled
[  650.584128][   T11] Rebooting in 86400 seconds..