last executing test programs:

42.010234475s ago: executing program 1 (id=2283):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000003080)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)=""/29, 0x1d}], 0x1}, 0x0)

40.651871636s ago: executing program 1 (id=2286):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0)
r2 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000040), 0x12)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000400)='FROZEN\x00', 0x7)
write$cgroup_freezer_state(r1, &(0x7f0000000080)='THAWED\x00', 0x7)

40.292279565s ago: executing program 1 (id=2289):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1400, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

39.034654794s ago: executing program 1 (id=2291):
r0 = gettid()
dup2(0xffffffffffffffff, 0xffffffffffffffff)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)={[{@subsystem='devices'}]})
link(0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000001880)={{}, {0x77359400}}, &(0x7f00000018c0))
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00')
mount$cgroup(0x0, 0x0, 0x0, 0x180a9, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001740)=[{&(0x7f0000000280)}, {0x0}, {&(0x7f0000001540)="cab109fb7f40d64a01", 0x9}, {&(0x7f0000002240)}, {&(0x7f0000001580)="f6adb3c16c686237c5823777eadeabd0337477df748aec87de6aef67eea6fb6d9f8317a5ace5198e761e8d42c932e1f0cd48b1e6eed2d47850265d54340d8c150777c34fd3b7b49299c9744112d3c7236445192368ea1bab8e1b194c2c6fd68ef77b4d12a24a8384dc51b36f2f63dbe05af77b67860c9dbfab2c10a6d2177626946bebab34678268a9f6294d3e25d14b17ba73e66d5ccb8fdc9bddc94cd34834d843c1d9f11b09f8846d10e358cdcc5008a22c8943328c5e33d2ae5efca97de351273816ff01b3b38def268f8f8b", 0xce}, {&(0x7f0000001680)="5c9b1270767ee47cb0ca9d1ee58141be88a8855eaf10e6a6795199ee192aa8068d9dba06da5fc300db6ee82dbc9737312579ce781c0f64c3fd8c058573479545ee87bdbf58877da9747524cca70f532f868cdf7dafd8e023bfe487c64ac15fb97f0b7b28db8184ee8ea5d0b4a706d7a1ce2839e3907a3c46b5ba2adb559b9836dc8edeb044881c4550", 0x89}], 0x6}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

36.672127385s ago: executing program 1 (id=2302):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000002cc0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c757466383d302c6e6f6e756d7461696c3d302c696f636861727365743d69736f383835392d31342c636f6465706167653d3935302c696f636861727365743d6d6163696e7569742c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c005b5a0063b28c44cf0c3d"], 0x4, 0x367, &(0x7f0000000c80)="$eJzs3U9oHFUYAPBvO0k2KdTkIBQFYfQmaOgfPOgppaRQ3IvKUvXkYlOVbCxkcTE9dBsv4lHwqCcv4kEPHnoWQRFvHrxaQariQXsrWH2yu7PZ2ewmpsK2Fn+/w/Lle++b995mkp1Msi8vrcT6+dm4cOPG9Zifr8TMyumVuFmJpchi4EqMm5uQAwDuDTdTit9T3wFLKlOeEgAwZb3X/1eOlDJvfblf/+TVHwDuecXP/wv79Znfq+HiVKYEAEzZ2P3/R0aa50Z/1T9T+qsAAOBe9dwLLz59qhbxbJ7PR2y83a636/HUsP3UhXgtmrEWx2IxbkX0LxS6D5Xe45mztdVjeZ534qelqHcr2vWIjU673r9SOJX16qtxPBZjqagvrjZSStmZz2qrx/OeiLjS6Y0fG5V2fTYOF+N/fzjW4kTkcf9YfcTZ2uqJvDhAfWNQ34nYHt636M5/ORbj25fjYjTj/MK5SGlwWVNbvXw8z0+n2kh9u16N8zvPwp53QAAAAAAAAAAAAAAAAAAAAAAA4F9Zzncs7ex/k4b79ywvT2jv7Y/Try/2B9ru7w+UqilS+u3Nx+vvZDGyP9Du/Xna9Zk4dHeXDgAAAAAAAAAAAAAAAAAAAP8Zra25aDSba5utrUvr5aCz2do6FBHdzOtff/LFQoz3+Ydgphij1JQXqUvrjZQNOqdspE8RZN3BB5mPr+7MuNynurOKidOo7t3UbB55+Mf3h5mHssGR/xr2yWLyArNd0ygHG/f1p3Q7T9Slk0VwYnKfwTKb11JKk4/zZ0pp/MhRiZi5/U/cSJDvzqRu8NX1Vx842Tr6RC/zeep79LHFc9fe+/CX9UazO3Jvyh/NbbZupfVG8fHkk23vICudP5XoB5XymTCzX/n2aKaRfffr8w+++83BRk/lzBsT+mT95Xy62dqqFF8pvaZK/7Tp5nZVLTTPZhG7jjM74eSfQnD0g5XG1cs//HzQqtI3CRt1AAAAAAAAAAAAAAAAAADAHVF6r3iheLPv7H5VTz4z/ZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ0z/P//pWB7LHOQ4I9OjDdV1zZbEXN3e5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzP/R0AAP//pSBp3g==")
open$dir(&(0x7f0000000200)='./file0\x00', 0x103, 0x0)

22.377859144s ago: executing program 0 (id=2344):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00b762db125ccf07756f2e63fad8dd9e30f85132ca13e943ea4a354592e11b24761ca4cb62d56be84c24d762829961ee1206e514b7157b7e9d72f1c22f355497bfeade86697ce75bafd8a0e9b8d1d0d8786433670adee675f9d31586f013397c412624f65ab90c85554812a382bf4bed80997a75b2fac6863112088405458d3c4c6b58"], 0x1, 0x17a, &(0x7f0000000240)="$eJzsmM9KAlEUxr97x5SiJ2jTIiEjGmfGijYthJYtiv7RLslJrFFDZ5Hu2rb1CYLeIGjdC/QCrSoSInDZeuL+UW+SWouC6PwWx+96zz2ee4RvYEAQxL/l6fHtofV8cWUBmEQSCf39i9XL4UZ+udlqVkvrrzfzd5v3a9ex/noMQBR9/fdFgdushVCvo+jj6aT+3Abv6h1wzGm9BwZb6wNw7Grtg2Ff62NDV0S+bR8VA98+rAR5IRwRXBE8ETL9/bXPGfJGf8zYr9UbJ7kg8Ks/KEbNr53lWDX6M/+vzmwcY34uOFytM2DY0noFic5s1EiM+0/FevWtX74/CRIk/pro+VN0yTBr+JP50EiHpdN0rd5YKJZyBb/glz0vs+wsOs6Sl5ZGpOIQ/xuX/jRh1B8bkBtncZzlwrDqqthdeyp+5rhc+h9HakathffHB3aj9pk+x6RKWUPSCYIgCIIgCIIgCIIgCIIgvsE0mHwLOgJvQ2a/BwAA///uyXjV")
socketpair(0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)
timer_gettime(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$ARCH_SHSTK_STATUS(0x1e, 0x0, 0x0, 0x5005)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0xa}, {0x3, 0x3, 0x3, 0xa, 0xa, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}, @printk={@u, {0x3, 0x3, 0x3, 0x4, 0x9}}], {{0x7, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000003c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000500)='./file2\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000001a40)={0x2020}, 0x2020)

21.280980007s ago: executing program 0 (id=2345):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
r2 = dup2(r1, r0)
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f00000018c0)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c646973636172642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303430312c696f636861727365743d63703935302c757466382c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b5786944d6d0d7ff47c1b3d30303030303030303030303030303030303030303030302c646d61736b3d30303030303030303030303030303030303030303030312c757458382c6e61a790a69ebdbbbf279002bbb0837d3fe17076920e4685528ac8e0168c08ed55aad9e85cd4f24374d90543ed0327c6e4a194818cf9cba1d1e7e532c85817d3138c178df9e2e7d3031b26f469adbbb13b729e5c08bb949ef002b1b2efa13373f12277c4c18c4e9e46c695325f31c8a40d6ed83df20400000000000000bbb3b2af"], 0x1, 0x1515, &(0x7f00000002c0)="$eJzs3Au8jdXWMPAx5pwPm6SV5D7HHA8ruUySJJeEXJIkSZLcEpIkSUJyyy0JScg95B6SW0ju9/s9SY4kSUJCkvn9VOd1ztd7vvrec77Pe949/r/fs/cc+1ljrPGssfZez3p+e+9v2g2sVKdy+VrMDP8U/PVTVwBIAYA+AHAdAEQAUCxTsUyX96fT2PWfuxPxr/Xw1KvdgbiaZP6pm8w/dZP5p24y/9RN5p+6yfxTN5l/6ibzFyI12zot+/Wypd7tz1//d//n3XL9/9+QvP7/j/WnvtNk/qmbzD91k/mnbjL/1E3mn7rJ/FM3mX/qJvMXIjW72tef/w22vz5UV7uPP9ii/1Le1X32CSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYRILc6HKwwA/HV9tfsSQgghhBBCCCHEv05Ie7U7EEIIIYQQQgghxP97CGA0GIggDaSFFEgH6eEayADXQka4DhJwPWSCGyAz3AhZICtkg+yQA3JCLrBA4IAhhtyQB5JwE+SFmyEf5IcCUBA8FILCcAsUgVuhKNwGxWD2QoA7oASUhFJQGu6EMnAXlIVyUB7uhgpQESpBZbgHqsC9UBXug2pwP1SHB6AGPAg14SGoBQ9DbXgE6sCjUBceg3pQHxpAQ2j0X8p/CTrBy9AZukBX6Abd4RXoAT2hF/SGPvAq9IXXoB+8Dv1hAAyEN2AQvAmD4S0YAkNhGLwNw2EEjIRRMBrGwFh4B8bBeJgA78JEmASTYQpMhWkwHd6DGTATZsH7MBs+gDkwF+bBfFgAH8JCWASL4SNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2AbbYQfshF2wG/aU2wufwD74FPbDZ3AAPv+/zD8Hf5/fHgEBFSo0aDANpsEUTMH0mB4zYAbMiBkxgQnMhJkwM2bGLJgFs2E2zIE50l1+4hASMjLmxtyYxCTmxbyYD/NhASyAHj0WxsJYBG/FolgUi2ExLI7FsQSWxJJYGktjGSyDZbEslr9jLgBWwEpYCe/Be/BerIpVsRpWw+pYHWtgDayJNbEW1sLaWBvrYB2si3WxHtbDBtgAG2EjbIyNsQk2wWbYDJtjc2yBLbAltsRW2ApbY2tsg22wLbbFdtgO22MH7IAv4Uv4Mr6MXbCC6obdsTv2wB7YC3tjb3wV++Jr+Bq+jv1xAA7EN/ANfBMH41kcgkNxGA7DMmoEjsRRyGoMjsWxOA7H4QScgBNxEk7CKTgVp+F0nI4zcCbOxPdxNn6AH+BcnIvzcQEuwIW4CBfjYlyC53ApLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAtuw224A3fgLtyFe3APfoKf4Kf4KfbHA3gAD+JBPISH8DAexiN4BI/i0W3XAOBxPI4n8ASexFN4Gk/hGTyDZ/EcnsfzeAEv4EV8IcdXtffkX9cf1GVGGZVGpVEpKkWlV+lVBpVBZVQZVUIlVCaVSWVWmVUWlUVlU9lUDpVD5VK5FClSrGKVW+VWSZVUeVVelU/lUwVUAeWVV4VVYVVEFVFFVVFVTN2uiqs7VAlVUjX1pVVpVUY182VVOVVelVcVVEVVSVVWlVUVVUVVVVVVNVVNVVfVVQ31oKqpumEvfFhdnkwdNQDrqoFYT9VXDVRD9SY+rhqrwdhENVXN1JNqKA7BFqqxb6meUa3USGytnlOj8HnVVo3BdupF1V51UB3VS6qTauI7qy5qInZT3dUU7KF6ql6qt5qBFdXliVVSr6v+aoAaqN5Q8/FNNVi9pYaooWqYelsNVyPUSDVKjVZj1Fj1jhqnxqsJ6l01UU1Sk9UUNVVNU9PVe2qGmqlmqffVbPWBmqPmqnlqvlqgPlQL1SK1WH2klqiP1VK1TC1XK9RKtUqtVmvUWrVOrVcb1Ea1SW1WW9RWtU1tVzvUTrVL7VZ71F71idqnPlX71WfqgPpcHVR/UYfUF+qw+lIdUV+po+prdUx9o46rb9UJ1UWdVKfUafW9OqN+UGfVOXVe/aguqJ/URfWzuqSCAo1aaa2NjnQanVan6HQ6vb5GZ9DX6oz6Op3Q1+tM+gadWd+os+isOpvOrnPonDqXtpq006xjnVvn0Ul9k86rb9b5dH5dQBfUXhfShfUtuoi+VRfVt+li+nZdXN+hS+iSupQure/UZfRduqwup8vru3UFXVFX0pX1PbqKvldX1ffpavp+XV0/oGvoB3VN/ZCupR/WtfUjuo5+VNfVj+l6ur5uoBvqRvpx3Vg/oZvoprqZflI310/pFvpp3VI/o1vpZ3Vr/Zxuo5/XbfULup1+UbfXHXRH/bO+pIPurLvorrqb7q5f0T10T91L99Z99Ku6r35N99Ov6/56gB6o39CD9Jt6sH5LD9FD9TD9th6uR+iRepQercfosfodPU6P1xP0u3qinqQn6yl6qp6me/1WadafyB//n+T3++Xet+itepvernfonXqX3q336L16r96n9+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqFP6JP6lP5Rf6/P6B/0WX1On9M/6gv6gr7422MABo0y2hgTmTQmrUkx6Ux6c43JYK41Gc11JmGuN5nMDSazudFkMVlNNpPd5DA5TS5jDRln2MQmt8ljkuYmk9fcbPKZ/KaAKWi8KWQKm1v+6fx/0N+Kyb+evJhGppFpbBqbJqaJaWaameamuWlhWpiWpqVpZVqZ1qa1aWPamLamrWln2pn2pr3paDqaTqaT6Yxgupquprt5xfQwPU0v09v0Ma+avqav6Wf6mf6mvxloBppBZpAZbAabIWaIMQAw3Aw3I81IM9qMNmPNWDPOjDMTzAQz0Uw0k81kM9VMNdPNdDPDzDCzzCwz28w2c8wcM8/MMwvMArPQLDSLzWKzxCwxS80ys8ysMCvMKrPKrDFrzDqzzmwwG8wms8ksNVvNVrPdbDc7zU6z2+w2e81es8/sM/vNfnPAHDAHzUFzyBwyh81hc8QcMUfNUXPMHDPHzXFzwpwwJ81Jc9qcNmfMGXPWnDXnzXlzwVwwF81Fc8lcunzaF6lIRSYyUZooTZQSpUTpo/RRhihDlDHKGCWiRJQpyhRljm6MskRZo2xR9ihHlDPKFdmIIhdxFEe5ozxRMropyhvdHOWL8kcFooKRjwpFhaNboiLRrVHR6LaoWHR7VDy6IyoRlYxKRaWjO6My0V1R2ahcVD66O6oQVYwqRZWje6Iq0b1R1ei+qFp0f1Q9eiCqET0Y1YweimpFD0e1o0eiOtGjUd3osaheVD9qEDWMGv1L64dwNusTvrPtYtNCN9vdvmJ72J62l+1t+9hXbV/7mu1nX7f97QA70L5hB9k37WD7lh1ih9ph9m073I6wI+0oO9qOsWPtO3acHW8n2HftRDvJTrZT7FQ7zU6379kZdqadZd+3s+0Hdo6da+fZ+XaB/dAutIvsYvuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Ta73e6wO+0uu9vusXvtJ3af/dTut5/ZA/Zze9Cm/HZ+/6U9Yr+yR+3X9pj9xh6339oT9jt70p6yp+339oz9wZ615+x5+6O9YH+yF+3P9pINl0/uL7+8kyFDaSgNpVAKpaf0lIEyUEbKSAlKUCbKRJkpM2WhLJSNslEOykG5KBddxsSUm3JTkpKUl/JSPspHBagAefJUmApTESpCRakoFaNiVJyKUwkqQaWoFN1Jd9JddBeVo3J0N91NFakiVabKVIWqUFWqStWoGlWn6lSDalBNqkm1qBbVptpUh+pQXapL9ageNaAG1IgaUWNqTE2oCTWjZtScmlMLakEtqSW1olbUmlpTG2pDbakttaN21J7aU0fqSJ2oE3WmztSVulJ36k49qAf1ol7Uh/pQX+pL/agf9af+NJAG0iAaRINpMA2hoTSM3qbhNIJG0igaTWNoLI2lcTSOJtAEmkgTaTJNpqk0labTdJpBM2gWzaLZNJvm0ByaR/NoAS2ghbSQFtNiWkJLaCktpeW0nFbSSlpNq2ktraX1tJ420kbaTJtpK22l7bSddtJO2k27aS/tpX20j/bTfjpAB+ggHaRDdIgO02E6QkfoKB2lY3SMjtNxOkEn6CSdpNN0ms7QGTpLZ+k8nacL9BNdpJ/pEgVKcelceneNy+CudRndde5/j7O57C6Hy+lyOeuyuKx/F5NzLp/L7wq4gs67Qq6wu+V3cQlX0pVypd2droy7y5V1JVzda359vv4aV1m789dfRHf3u8ruHlfF3euquvtcNXe/q+4ecDXco66me8zVcvVdbdfQ1XGPurruMVfP1XcNXEPX3D3lWrinXUv3jGvlnv1dvNAtcmvdOrfebXD73KfuvPvRHXPfuAvuJ9fZdXF93Kuur3vN9XOvu/5uwO/iYe5tN9yNcCPdKDfajfldPNlNcVPdNDfdvedmuJm/ixe4D91st9jNcXPdPDf/l/hyT4vdR26J+9gtdcvccrfCrXSr3Gq35j96XeE2uc1ui9vrPnHb3Q630+1yu92eX+LLx7HffeYOuM/dUfe1O+S+cIfdcXfEffVLfPn4jrtv3Qn3nTvpTrnT7nt3xv3gzrpzvxz/5WP/3v3sLrnggJEVazYccRpOyymcjtPzNZyBr+WMfB0n+HrOxDdwZr6Rs3BWzsbZOQfn5Fxsmdgxc8y5OQ8n+SbOyzdzPs7PBbggey7EhfkWLsK3clG+jYvx7Vyc7+ASXJJLcWm+k8vwXVyWy3F5vpsrcEWuxJX5Hq7C93JVvo+r8f1cnR/gGvwg1+SHuBY/zLX5Ea7Dj3JdfozrcX1uwA25ET/OjfkJbsJNuRk/yc35KW7BT3NLfoZb8bPcmp/jNvw8t+UXuB2/yO25A3fkl7gTv8yduQt35W7cnV/hHtyTe3Fv7sOvcl9+jfvx69yfB/BAfoMH8Zs8mN/iITyUh/HbPJxH8EgexaN5DI/ld3gcj+cJ/C5P5Ek8mafwVJ7G0/k9nsEzeRa/z7P5A57Dc3kez+cF/CEv5EW8mD/iJfwxL+VlvJxX8Epexat5Da/ldbyeN/BG3sSbeQtv5W28nXcw8i7ezXt4L3/C+/hT3s+f8QH+nA/yX/gQf8GH+Us+wl/xUf6aj/E3fJy/5RP8HZ/kU3yav+cz/AOf5XN8nn/kC/wTX+Sf+RIHhhhjFevYxFGcJk4bp8Tp4vTxNXGG+No4Y3xdnIivjzPFN8SZ4xvjLHHWOFucPc4R54xzxTam2MUcx3HuOE+cjG+K88Y3x/ni/HGBuGDs40Jx4fiWuEh8a1w0vi0uFt8eF4/viEvEJeNH7y8d3xmXie+Ky8bl4vLx3XGFuGJcKa4c3xNXie+Nq8b3xdXi++Oi8QNxjfjBuGb8UFwrfjiuHT8S14kfjevGj8X14vpxg7hh3Ch+PG4cPxE3iZvGzeIn4+bxU3GL+Om4ZfxM3Cp+9g/3d427xd3jV+JX4hDu0/OS85MLkh8mFyYXJRcnP0ouSX6cXJpcllyeXJFcmVyVXJ1ck1ybXJdcn9yQ3JjclNyc3JIMoXJa8OiV1974yKfxaX2KT+fT+2t8Bn+tz+iv8wl/vc/kb/CZ/Y0+i8/qs/nsPofP6XN568k7zz72uX0en/Q3+bz+Zp/P5/cFfEHvfSFf2Df0jXwj39g/4Zv4pr6Zf9I/6Z/yT/mn/dP+Gd/KP+tb++d8G/+8b+tf8C/4F31738F39C/5Tv5l39l38V19V9/dd/c9fA/fy/fyfXwf39f39f18P9/f9/cD/UA/yA/yg/1gP8QP8cP8MD/cD/cj/Ug/2o/2Y/1YP86P8xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD8732w/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv9dr/T7/S7/W6/1+/1+/w+v9/v9wf8AX/QHzwf/CF/2H/pj/iv/FH/tT/mv/HH/bf+hP/On/Sn/Gn/vT/jf/Bn/Tl/3v/oL/if/EX/s7/kgx+beCcxLjE+MSHxbmJiYlJicmJKYmpiWmJ64r3EjMTMxKzE+4nZiQ8ScxJzE/MS8xMLEh8mFiYWJRYnPkosSXycWJpYllieWJFYmViVCCHn9jjkDnlCMtwU8oabQ76QPxQIBYMPhULhcEsoEm4NRcNtoVi4PRQPd4QSoWQoFR4L9UL90CA0DI3C46FxeCI0CU1Ds/BkaB6eCi3C06FleCa0Cs+G1uG50CY8H9qGF0K78GJoHzqEjuGl0Cm8HDoHHbqGbqF7eCX0CD1Dr9A79Amvhr7htdAvvB76hwFhYHgjDApvhsHhrTAkDA3DwttheBgRRoZRYXQYE8aGd8K4MD5MCO+GiWFSmBymhKlhWpge3gszwswwK7wfZocPwpwwN8wL88OC8GFYGBaFxeGjsCR8HJaGZWF5WBEgZVVYHdaEtWFdWB82hI1hU9gctoStYVvYHnaEnWFX2B32hL3hk7AvfBr2h8/CgfB5OBj+Eg6FL8Lh8GU4Er4KR8PX4Vj4JhwP34YT4btwMpwKp8P34Uz4IZwN58L58GO4EH4KF8PP4ZL8zZoQQgghxJ8y/g/2d/u7SP3HR/XbV7oDwLU7sh/521tpANiY5dd1T5WjeQIAnunS7uG/bhUqdO3a9bfbLtUQ5ZkLAIkr+WngSrwMmsFT0BKaQpH/tL+eqsMF/oP6ydsB0v9NTgpcia/Uv/Uf1B8x+w/rzwXIl+dKTjq4El+pX/R3taNf6mdt/Af1030xFqDJ3+RlgCvxlfqF4Ql4Flr+3S2FEEIIIYQQQohf9VSl2vzR+9vL789zmL9mlIC0cCX+o/fnQgghhBBCCCGEuPqe79Dx6cdbtmza5h8syv3jXbJILYs0/z3a+LdfAPy3aOPPLa72TyYhhBBCCCHEv9qVk/6r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF6/f/4d2JX+xiFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+1/BQAA//9fYjFa")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000380), 0xfefc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r3, 0x0)
readv(r2, &(0x7f0000001400)=[{0x0}], 0x1)

20.707944124s ago: executing program 0 (id=2347):
io_uring_setup(0x2a0c, &(0x7f00000002c0))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
r4 = socket(0x1e, 0x1, 0x0)
connect$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(0x0, 0x0)
clock_nanosleep(0x0, 0x0, 0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0)

18.832123636s ago: executing program 0 (id=2351):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0xffffffffffffff3a}, './file0\x00'})

18.609318021s ago: executing program 0 (id=2353):
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x2, &(0x7f0000000100)=ANY=[], 0x51, 0x2b7, &(0x7f0000000140)="$eJzs3T1v00Acx/HfOWkbaFVcWoTEWKgEC4KyIJYglBfBhIAmSBVREVDEw1QQE0Kws/MWeBEsIN4ATEy8gDIZ3fkhcezYadTEpP1+pEaOfef7X/xw97dUWQCOrVutn5+v/bZ/RqqpJr27IXmSGlJd0hmdbTzb2d3e7XbaRTuquRr2zyisaTJltnY6eVVtPVcj4ttvdS31r8NkBEFw81fVQaBy7urP4UkL0dXptjemHlmx12PW2zvkOGaN2de+Xmi56jgAANWKxn8vGueX3Cojz5M2omH/vxz/x7VfdQATFxRu7Rv/XZYVGHt8T7lNvXzPpXB2uxdniaO0PDfwfV7hmZWaYJqyrNLF4p14sN3tXN561G17eqNmpK/Ymvtsh6durCTa9ZzctMAIfTf5M8pF14c524fNMP7nklLxr47Z4tjMV/Pd3DG+PqmdzP/qgbGHyR0pf+BIhfFfGb5H10vfllKU9jebTS9VZMU1ci5qIVLSy0Z+RqL4jFpR+gGBXxanq3V6oFbYu6sltVZza23G34bUWkvVsr1Jzubh7U2a+WBum3X90Re1+ub/no1vQ4VXZu+qMRvhUOB+8bA/8/nN1d0+/czIkb1ckl9xYVjof4vvaTiA97qv61p++vLVw1q323liF+7lLDxeStbMvZVyy1S8oL3emgUFTqZwPChNM7BLh7pDe/8oLWyvspxNtudVH6YjtND6Nt0TqYqFam9PmI70LQLHkJ13mTD/6+Ur9XCyZz/83Hn6iA8Coj0Gdo6dZHC9ukE4I5d08kAZ3OLwDC6bc2VyRpdznb8oXRi9RT+K84gwLf3QXZ7/AwAAAAAAAAAAAAAAAAAAzJpp/DtB1X0EAAAAAAAAAAAAAAAAAAAAAGDWJe//Vfz+X432/t/BV7Ec5vt/P+6I9/8Ck/cvAAD//zfYewA=")
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

18.380643627s ago: executing program 0 (id=2355):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000004c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0)

15.169335364s ago: executing program 4 (id=2358):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {@nostrict}, {@uid_forget}, {@utf8}, {@gid}, {@longad}, {@undelete}, {@rootdir={'rootdir', 0x3d, 0xfffffffffffffffc}}, {@unhide}]}, 0x1, 0xc43, &(0x7f0000001d00)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
syz_usb_connect(0x0, 0x151, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002a797a08950b2a175e210000000109023f0101000000000904"], 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r4, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1)
getsockopt$inet_opts(r4, 0x0, 0x9, &(0x7f0000000680)=""/23, &(0x7f00000000c0)=0x17)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x6, 0x0, 0x0)
pwritev2(r1, 0x0, 0x0, 0x7a00, 0x0, 0x3)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x764, &(0x7f0000000f80)="$eJzs3c1rHGUYAPBnNknTptVEEbSeAoIGSjemxlbBQ8WDCBYKerZdNttQs8mW7KY0IVCLCF4EFQ+CXnr2o968+nHV/8KDtFRNixUPEpnNbLptdtNNm2TF/f1g2uedj7zz7My877s7w24APWs0/ScXcTAiPkwihrP5SUQM1KP+iONr691aWS6mUxKrq2/8ntTXubmyXIymbVL7s8ITEfHDexGHchvrrS4uzRTK5dJ8Vh6vzZ4bry4uHT47W5guTZfmjk5MTh459vyxo9uX6J8/Lx249tGrz3x9/O93H7/ywY9JHI8D2eLmPLbLaIxmr8lA+hLe4ZXtrqzLkm7vAPclvTT71q7yOBjD0VePAID/s4sRsQoA9JhE/w8APabxOcDNleViY+ruJxK76/rLEbF3Lf/G/c21Jf3ZPbu99fugQzeTO+6MJBExsg31j0bE59++9WU6xQ7dhwRo5Z1LEXF6ZHRj+59seGZhq57tYJ3Ru8raP9g936Xjnxdajf9y6+OfaDH+GWxx7d6Pe1//uavbUE1b6fjvpaZn22415Z8Z6ctKD9XHfAPJmbPlUtq2PRwRYzEwmJYnNqlj7MY/N9otax7//fHx21+k9af/314jd7V/8M5tpgq1woPk3Oz6pYgn+1vln6wf/6TN+Pdkh3W89uL7n2Xho3cvS/NP821MG/PfWauXI55uefxvP9GWbPp84nj9dBhvnBQtfPPLp0Pt6m8+/umU1t94L7Ab0uM/tHn+I0nz85rVrdfx0+Xh79stu3f+rc//Pcmb9XhPNu9CoVabn4jYk7y+cf6RerivqbwvsvXT/Meean39b3b+p+8JT3eYf/+13766//x3Vpr/1JaO/9aDK7dm+trV39nxn6xHY9mcTtq/TnfwQV47AAAAAAAAAAAAAAAAAAAAAAAAAOhULiIORJLLr8e5XD6/9hvej8VQrlyp1g6dqSzMTUX9t7JHYiDX+KrL4abvQ53Ivg+/UT5yV/m5iHgkIj4Z3Fcv54uV8lS3kwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzP42v/+f+nWw23sHAOyYvd3eAQBg1+n/AaD36P8BoPfo/wGg9+j/AaD36P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYYSdPnEin1b9Wlotpeer84sJM5fzhqVJ1Jj+7UMwXK/Pn8tOVynS5lC9WZm9vOdDy75UrlXOTMbdwYbxWqtbGq4tLp2YrC3O1U2dnC9OlU6XWWwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd1UXl2YK5XJpXiAQCNaDtHW42O3mCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA/798AAAD//+TuKn8=")
r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r7 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
write$binfmt_script(r7, &(0x7f0000000240)={'#! ', './bus'}, 0x9)
ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000001c0)={0x0, 0x0, 0x6})
r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
r9 = syz_socket_connect_nvme_tcp()
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000340)='longad', 0x0, r1)
recvfrom$inet_nvme(r9, &(0x7f00000003c0)=""/185, 0xb9, 0x40, &(0x7f0000000480)=@l2={0x1f, 0x1000, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7e09, 0x1}, 0x80)
getdents(0xffffffffffffffff, &(0x7f0000000040)=""/104, 0x4d)

13.049987287s ago: executing program 2 (id=2361):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0xffffffffffffff3a}, './file0\x00'})

12.776542779s ago: executing program 2 (id=2363):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r4, 0x0, 0x0)
wait4(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0)

11.571826757s ago: executing program 2 (id=2364):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r0 = syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRESDEC], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x5c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000039c0)=ANY=[@ANYBLOB="e01400000d0a010e0000000000000000010000000900010073797a30000000000900020073797a3200000000b4140380b00100804a000640c88f4c510a82528b929de19d65c82fd42ce9330ecd82199c061ba0f72a79157331d53b780fb223b35a2d17967e8ec3d8aa5c03c978f4211010d9baddb8d4ebfe5d6b09e490e200000c0004400000000000000002c20006406c05abdd8419c51367e06af178e84b79a1bc720ea82947e81e9820931aea6b2d2613dc9c8d16df283519c78ecae374a786938dbe71f6d334d9fa03450fb5812e516b072a73df64ac554194165369d15e8418b7ddcbfb071087070a1a4e408d60e34021d9789d21ce9cb2f01ead0451d47dbe1b10b2f2a401e63634fb2a7d3dd86121022e777ed01e35a21d5fe52626414ca6d37cda050c49be1b96443545dd846eb74b273284b870604abefcf7597ece2abed0230070b7b0f98bef731c06000090000b802c0001800c0001007061796c6f6164001c000280080005400000003d080007400000ffff08000340000000092800018008000100647570001c00028008000240000000170800024000000000080002400000000f2800018008000100647570001c000280080002400000000208000240000000090800024000000000100001800a0001006c696d6974000000001300800800034000000000ec010a80480002800900020073797a300000000008000180fffffffc0900020073797a310000000008000180ffffffff080003400000000508000340000000010900020073797a3100000000240002800900020073797a320000000008000180fffffffc0900020073797a3200000000200002800900020073797a320000000008000180fffffffe08000180ffffffff4800028008000340000007180900020073797a310000000008000340000000090900020073797a3200000000080001800000000608000340000000270900020073797a3100000000100002800900020073797a3100000000120001004051030a80cecc2a06fc745acf6e0000b3000100b51218367567f045a422154a91ef150e4e2463e55f8a8218bae278ede88f3f63df33d3ed114bde82bf800705b9423d14555bc89534ac4d45c5f867813b8ac1d0ee267f4af45e72578d850e8fb35daf44cb38c49b576202b2716492ea2160858a2015bb7e1145140d2e5df34e3f3845f53b6727f8fe4ee799e2fff8c273d562b28ed71d7f5e09bb9b3b849eaf2ed5fb15eb9e513c83b1786abd12cc3dbbfd76316bd1544255a8ad129c4b84c067eaf8002400028008000180fffffffd08000180fffffffe080001800000000308000180fffffffe17000100e974c2be55b319e2653ef93c884b18324b7338000811018004000280041001009b841135d4c97b540c588d449c533f8a89d6d49aead4f12cfe70e692a4518a294aeb8046dd9bafdc419e83caf6e114a2b2fc07c5840b35a37e5d762dede9b2a9dee8854db8701748681ca2d45891a016ce508deb84e73d042b6b4113d3806d11301035c53de8c372717a2ac8e90e7876f114a7f1739f2c7c85151df093fcf0b504173a0597a2f8b25131f54908a9f46a76c1f923495efca20c8993d6d5a9aa8e3fbff1e2d2134e58bcbcc55c2adac63b4ce89f4c2fbeee23428011fd970eeb063260ca9e02041c653fb48daa145604c53fc58ba63fd97166545db4b31642366bc083cea0e48137e786d8d545564a54739fc31e7ba21accd4392981b611acbb29de25b59191d8851e00f962fb4d1123e7f4b089119834e0896286ecbe16265db79dc09db687a76f760fe69089a5df3ad98db9f2c9c41ee1ff6b1108e1d9363217ad33cad4ef8b08a9fd4dcb129fc7fcc55994fb9e842dd7088d0c3eb81eea81b6241c74f0d0e472bf1ce64eb900bc0fad75104309b24f34a2f431fa32cea251b68a476f7087a74c7ac24a0e8571cf86b186f33eba508b006b0adeb703d9bc07a4ae42f9bdbea1c1fe557ded25c0f60a301960d4ad60e3586265ea19b8aa69120c30884fc7452e0dd6bd257f0abf0be34eb8c137e81e600ed8017b382b5a422b00db2a64dde2c38aead1127081f1d13fac9d2c5422e23a2ae4f923245a05be354d8814c32b351e98fbf1c52138fd8162f7c8a1cb97298fd8e08b38b744250094c19f2f8ae5adb22a1097ff227e2524f8e9360798355cf2d6310c725a609c4f32316f0751efb23bc70a2459812a1f3375b35c5d779c898fc75f30e03562ed8a85974a6bc9d0680082e4601b50db0b5e740a8cf9b75ec5c11071300378f30b8ae65a99f55620a4612b764078fbf113e34503b2920cf47cbd4acad73878fc6e2479659a0b40f72b68d36887adb3109579d2d5f43c2d7ea5fca5ec6a9690c1a62e083b404e2512952456cadd8fb202c723e00420d87ac26672aa92ebdb151307afc1e866f3c7ce8a16135f0af6c441d54eaca2c1d44dad3cde66967364e8452a9b607f6b8f0e27353192e6a0bf7f4e34cbf982352760f3ea2342da7b02c2b946e88895589340ce9b46f4189518e2cc9a2ac5d3862bd5cabe1f197e6d4cb338c15b90b86c04a87db793da5d09e2b8b0aaf1c3d1f48d83f40a7f0f0133a60f93d7db5d54d912ee09750faec75993dc827310727a48d37c62044889e46a4cd96701691511ca2ab03e0634382057c08c1dd2466473138bbf1b3e86619787495ad42846faf2367d66fb8084664718a24b18c36ae9d2f995aac52503706175c665d2fb162ff7f1682dfe6217bcc2d2b850907eb5db7e4b8457d861cac64bfbd7c181a518da6a4c9048026ab2ec6dddfa6087e38d6147dba4ae175a8b811e3ec1fa9dfedcf35be4bb920c4efdddbb13618aa93b34cc79df403c6e0b8e94f7d0ba772ab847d72a0a85efa522f8fafffffb0c81c529374156907b5e2faa1ef693cd443c0ec62ba0feea09b78e490aea90ddcea40a01082de5c1278ab8e278d3812e3cbe6edf3e4be6b8b9b812a27a00c655de0c1539d326f6a5a917984def39ff11d8018307d112a9d2b92a142e5821e48dcbff8bfa534c1963600c30dd654593b120296d0577d37b657b7256069086f108747a089ef9574fae19f08b47e497284d0538a24802343dc36512c5a7e7d17cc6a271306f20bcf0a9c7f2c07389ecc54aab5c1b640f7473a1a5fc3a8d4007c4f6c8d564ea1c8dfc5884c5bfb57cc3a556f6cfab5cf3fb531c9bd9802ef409cbf1d28f17d0b2e797123a3808f4ea4852a42230d7446f0dc80552d2936259718783bd3f4e984bf80285485517cd8ae6db140f133186129d351d5f0574420928ec570f1a8bba69ed754c984596f4e07d4f7822f8406a8174bcf3e95dbc4ac81892007d708a6861747346aca4dc547cf503880f25f59dce2bb93673455e8d658451e2dd732c48db583d7e9d784a2dadc66d97c68c5b1bb2c050c2e118a00b3b6f274b62cb1a30d76c61fe5a85f16507c32c009c4b5565f2d26a3eb78eff390f3d2b04d0784815c24b07ba256a5b4f8b521e562ea4da4681ebe7a1e7cd26f894e1ad52687ea27fd723ff33bce4829c25c7501ecbf11b5fdc530a6354054926fc9566f06eba3a952eed91fde1c0dcf1906ad031c3cda647c7a350c5109c50c4b6bd00a235a0e6b2c2bb9120ddb39c59ad544849046258280398884b87b208033a68e03c9bf2a192ceed42e335b991f66147eae7f50df77e164da90859e74373b0f4ded9225e2d0ce461b4f962f4eb504299d30a2b35b861926cf962ebce9dd6547bf00f09d44f2dde25bb3594a2ef7c83f852961eeb3a58e9d94346352cc254173da33c3cd08e64499882774d99fa18dfbc9e6409d1ab597cbd241bb66d286b66ce190b0db185288be977135650dcef720f4e030653801a276b1dc1e43998b47070e0e956ba9e2e929b4f48ad18aa8c3e2793ce7bd5841a5253897ba613ea132216cfc598d48f15b72c012353e04d2ebd25e26b2911023dc96cb1f610a768c4c30c3072a2f43dc703b84c18b8d110d9b17c07acff5005f627365c361c1841dc61714b111e684c74b500f00d10476784c6e0bed70c474f958e210adebcb5e785002d39bc760cdda966ae60e34162db2dbb0298010af9a39d19ac6606cbf55644c1ca1c904a79cd045a95f241b8029b28bc2f90ff233a5b61cb13421a3a09e5f9a4705061b0aaa6a3455f26db8ccb21a2d267b6c6347c3b0fd8058b6bd509e4c33171bc1bd493390dcdf003d1bf93c1a56069562831024e5454451feb59b4dd4273c4f12b76339c5c7264eabb392e67457ade08a676b1d551eee25d31604e23e5fc6572f59a96055b86b351e3019779f2d74f176b11ee3982e7216bb8b252195c6be829b3e47126c588d126d7616bf6f316e1635f167d3abfb2eb5934e6decaa4ba5ece702ba2d0dd1a266a191b9fb467a3b290170239c829c8bf6345125a6d641a2dd02d9147dc7d831f1feb9f99a778efd05efd8a1c53a54db7737180912792eabca5cda2f1ac6558abcc44ba684f04990a1321f2a2a2d09ce2e07af4c005d6909c6c2bf2c4cd294f0df678d4cc0046418e57456fa728bcf1ef677fc3cf3fd196b141d82462891f708cfeed60c05a275d047ce8508df5cc7ac753efa05d691621517960fc802f2d790f7ab38d4930613bc65a1016b08b8636b6ab1fe7fb837f831d1a447704161fe9715aaaca5b6602a19aca7cc646ef8119aace08512902dfc0f05b241d9616c56b5f35c1088f428c6cbaec2f07648b4d31a6920b11f91f6764f6cbba19b5accd5a0233074c906b08cb4d2d4a45afbc2330a3a2102c05b2d77d737728eb924e7f56c9e3b62560892a89fd98f93e9484a6ea34162f93075d6a85204301f1c8e3575d9acf2b42906ad80ef269a41ea7e7d39cb5e1e95dfc45b076e41c318a3f1758d08df0f1c15c45ccb64e747873415a5b4a59ecb32dbc5100737a4bce524d508f6a51d2a9e19ffdfbd32eb24cd2c800a2ccd792cae3b6051bf17994c7621e914f616d080bf13b852546b1509d9a57e2fa40bc2ab5bd7242d4d18b270ababc53d1e55c9238eb099e55e639e34fc1b214ee2474dc2fb4af1f97745eb59f0f0053bd721c7c8e9b12cf634917198c266beb6a0a8a4b8e76e6d1b5515de56262a4c0feb21b62cc3a783f9a456c9c426cef069ab0b83394556f76676e3e43c7e04b0a42d68287a3a7a5f88a2694df8816241436a0c18196093fbdf413b3b07c6b655a0d77100b779b89fb734be87f5a7e2c879642b7ceb50a0c342537dd629446ee8401fa06cefd891163e86206fc1f6b5269df1833d2024c2ec05ffa877b05bf50bfdd7b6a458c4cd53440d0d278d5eba6f29e46dec3523a0831e8b778fb543d7f2d594d991c4d3232ba9f26059b876a04ef2d3242e7fdccf71215c2b2dd4361688131083734fe81bdb9846328d197b2e37945c04ddb55072ada3406271208b24ad2847a23623cf00ed77c9cf147062c05ccce84c50c1cec0529f0b4c377150d5698657a843ed8d7a6470d7cab6dfc13ee2af6b45e3a4ac8bdf7c2b760b01447820eef0c0a62fef0bb72180238ba0a0dd0cd23eca58ad8ccaa85b97a81b9fc1f2dea7f96d5828a254bcc29aeffe2b8e1f6b38bb40a1b1c71bbf05f6917a2980f2af9e19976be1a46761500726427a8430211b5a59d16fb033be8e05cd92fe7b1bad1bfa9fbeaf863d5594a5c9280ba9a44f6a911919ad894a93fb96113d3699dcefd5038160a05e3a5e140da201c19fb2553c90e2f82794977e23084433625c7815cbfbb2233a85911c4c864362b5084bcc3cc8af5eb62bad2be2dfeaef724e40372e39693f6bdf40525ad63b873e5d0b2ed9e5c0dee46f3f62ac8f630b8a924bd552e3b8dd0fd57712a6fa10560126def51d921a43afb4b1a7b1899a4b627b867bf1053469626536613ddfc9bb072c65b703364e83a17ad0f53e677b7d7ca0a618d3f40683426eb9b0dcfd1930ee0680a98f409e164f970f7011d869462455da2f565a716d75694b05536cb06590e8715c5a999cc0b138abdde843eb52b08f34e44e8372c40bea0fbc60f753c61450cc5f172802a92f43820ca6cfd0d0fec1ff4516eba1d0935618f1d8aa1e06e51962465400806cb151217ca181d3db5630880274ed0dd2c0c8aac6045378062a278306175f38e2580d71971be4fdf3ceba143993f36d0813737ee138eff7684e2cad6a1b9c25ae630c626eddd265f0db165fe0b3b38785a2178ae9550cd91b822ad13eb8770228a9df56a86ed227f48c27aef205a1155a3bbb9049edf416a3b690b31ac805e2f9b9e502d9b19050fa462bc99e0ea56c7252b25848befd7bebd03cfd72f12044c85212b148cc29248a91b36006f127948ba3c9fb8047dc9f49076338799a9c4e260a0138c730d977c1ba0909605d1b4fccbfbcffcd6e0bcf8bf39d8c071318ec2040d6826b540902e398173f645874803b5b73f0549796cdfc6f1e3d2800679d6397af152ef87a244797d7c9006ffb7c621128b28173c7c45e6f8661935ccebe7d82f47738dbd1e6667145c4af00a70de8788553064cd51d09ad62f97ecabd0d0a816e176a774a2d2e022b1c727dacfcc60c9d6a766c8fe437909d6b8c81a6bbbf1a3995bdf199304b780a40ad3a6aaa4cbe3aeba32"], 0x14e0}}, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3d0, 0x0, 0x0, 0x1d8, 0x2e8, 0x2e8, 0x2e8, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="eaa334dd81ea"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bond0\x00', 'bridge0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'batadv0\x00', 'veth0_vlan\x00'}, 0xc0, 0xf0, 0x0, {0x0, 0x1e03}}, @unspec=@CONNMARK={0x30}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000440)={0x0, 0x0, 0x7fffffff, 0x8002})
set_mempolicy(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0)
r6 = getpid()
process_vm_writev(r6, &(0x7f00000013c0)=[{&(0x7f0000000040)=""/263, 0x107}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mremap(&(0x7f000090e000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000139000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000002, 0x10, r0, 0x0)

11.216516038s ago: executing program 4 (id=2365):
r0 = socket$inet6(0xa, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
bpf$MAP_DELETE_ELEM(0x4, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r2 = socket(0x2, 0x3, 0x100)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0xfffffdef, 0x0, 0x0, 0x0, 0x0, 0x10}, 0xfffffdef}], 0x4000095, 0xff00)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1300000065ffff010100dc060039503230303061c9b08f3b5a5a498e06111f016ad6d1da7664075ca688817fb6a1e66c97821edc52d19aafbcf9b8fa20584637e577b8aac9b985738061d02167b894ac39a21589eaea37fb41638b31ec4cdc144abe2e82e0cf47d920c050ba6a5a7d5087e0b4e4b1d1d3bfbd3cd5fd23e2fb8dc81f95f5b2146c8a4a688e10320127826fe3"], 0x13)
syz_usb_control_io$hid(r3, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000000b574e69620bf85edacab3"], 0x0}, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000c00)={0x84, &(0x7f0000005d00)=ANY=[@ANYBLOB="000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
readv(r4, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x2)
ioctl$HIDIOCSFLAG(r4, 0x5421, &(0x7f0000000000)=0x3)
ioctl$HIDIOCGUSAGE(r4, 0xc018480b, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

10.679886973s ago: executing program 3 (id=2367):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@init_itable}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x18)

3.790887151s ago: executing program 4 (id=2369):
r0 = memfd_create(&(0x7f0000000080)='\b\x9dF\xd8\b\xb3~u\xa5\x81\xb1\x8aSpA\xd4\x98\x85D\x89>N\x8ar\x17\x00\x00\x00\x00\xe2{mn\xcc\xbf2\xc0\x90kn\xe8\xfe/\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97\xe7\xe6\x97\xf9\xb3\xf6\xb9\v\xb5$\xee\x84\x1cn,Bd8\x13<\xf0E\x86\xc0v\xd5?\xe5E:+Pm\x1d\xb4\xb8k\x11\x00', 0x0)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
splice(r1, 0x0, r0, &(0x7f0000000140), 0x4, 0x0)
write$FUSE_NOTIFY_POLL(r2, &(0x7f0000000200)={0x18}, 0x18)

3.745482292s ago: executing program 3 (id=2370):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x5e, &(0x7f00000000c0), 0x1, 0x45d, &(0x7f0000000580)="$eJzs3M9vFFUcAPDv7LYgILYY/MEPpYpGorGlBZWDBzCaeNDERA94rG0hyEINrYkQItUYPBoSE70Zjyb+BZ70YtSTiVe9GxJiuICexszuDN1ud7dsu2UL+/kkk76386bvfTvzuu/N29kA+tZIRHwWEfdHxJ8RMRQRSWOBkdqPm9cvTv17/eJUEmn69j9JtdyN6xeniqLFcduKzEItv6dJvXPnL5yerFRmzuX5sfkzH4zNnb/w/KkzkydnTs6cnThy5PCh8ZdenHihK3Fmbbqx++PZvbtef/fKm1PHr7z36/dJHl40xNElI+12Pt3lynpte106GehhQ+hIOSKy0zVY7f9DUY7FkzcUr33a08YB6ypN03Rz690LKXAPS6LXLQB6o3ijz+a/xXaHhh4bwrVjtQlQFvfNfKvtGYhSXmawYX7bTdls6/jCf99kW6zPfQgAgCV+PFb7uXz8V4qH68odzdeGhiNiR93ixs6IeCiiWvaRiHi0w/obF0mWj39KVzv8lR3Jxn8v52tbS8d/xegvhst5bns1/sHkxKnKzMGIeCAiDsTg5iw/3qaOn17944tW+0bqxn/ZltVfjAXzdlwdaLhBNz05P7mWmOtd+yRi90Cz+JNbKwFJROyKiN376g7cdPt1nHr2u72t9q0cfxtdWGdKv414pnb+F6Ih/kLSfn1y7L6ozBwcK66K5X77/fJbrervNP4dXy/O2bohO/9bm17/t+IfTst167Vznddx+a/PW85pVnv9b0reqaaLy/Cjyfn5c+MRm5I38tePLr4+sXhskS/KZ/Ef2N+8/z8Yi3+JPRGRXcSPRcTjEbEvb/sTEfFkROxvE/8vrzz1/urjX19Z/NMrnP+kfr1+FYny6Z9/WFLpcCfxZ+f/cDV1IH+l+v/vq/Zx3W4D1/4XBAAAgI2vVP3sf1IavZUulUZHa5+X3xlbS5XZufnnTsx+eHa69ozAcAyWijtdQ3X3Q8fzaX2Rn2jIH8rvG39Z3lLNj07NVqZ7HTz0uW0t+n/m73KvWwesO89rQf/S/6F/6f/Qv/R/6FvNnv/fslKZ1M1BuCc0e/+/1IN2AHee8T/0r077f21y0OZrw4C7hvd/6F/6P/SltTzXv8ZE8fWDTcsU6w+9aNiKiTRdqcxAu8MvNQ/5LktEaUM0Q2KdEr39vwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAt/wcAAP//spXqBA==")
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180)=@tcp6}, 0x20)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
fcntl$lock(r3, 0x24, &(0x7f0000000740))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = socket$caif_stream(0x25, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000001700)='team_slave_1\x00', 0x10)
connect$caif(r4, &(0x7f0000000080)=@rfm={0x25, 0x10001, "423e650059ef6c664b6dff801d261cd8"}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000000)={'wg2\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x1ff}})
r6 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000200)={{{@in=@empty, @in=@dev}}, {{@in=@empty}, 0x0, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e7}}, 0xe8)

3.605416789s ago: executing program 4 (id=2371):
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x28, 0x0, 0x0, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r4}, @val={0xc}}}}, 0x28}}, 0x0)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="2c000000410000000700034000000000d96e6c8d6c8508"], 0x2c}], 0x1}, 0x0)

2.253560183s ago: executing program 3 (id=2372):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}, 0x4e}], [], 0x9})

2.176769379s ago: executing program 4 (id=2373):
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x2, &(0x7f0000000100)=ANY=[], 0x51, 0x2b7, &(0x7f0000000140)="$eJzs3T1v00Acx/HfOWkbaFVcWoTEWKgEC4KyIJYglBfBhIAmSBVREVDEw1QQE0Kws/MWeBEsIN4ATEy8gDIZ3fkhcezYadTEpP1+pEaOfef7X/xw97dUWQCOrVutn5+v/bZ/RqqpJr27IXmSGlJd0hmdbTzb2d3e7XbaRTuquRr2zyisaTJltnY6eVVtPVcj4ttvdS31r8NkBEFw81fVQaBy7urP4UkL0dXptjemHlmx12PW2zvkOGaN2de+Xmi56jgAANWKxn8vGueX3Cojz5M2omH/vxz/x7VfdQATFxRu7Rv/XZYVGHt8T7lNvXzPpXB2uxdniaO0PDfwfV7hmZWaYJqyrNLF4p14sN3tXN561G17eqNmpK/Ymvtsh6durCTa9ZzctMAIfTf5M8pF14c524fNMP7nklLxr47Z4tjMV/Pd3DG+PqmdzP/qgbGHyR0pf+BIhfFfGb5H10vfllKU9jebTS9VZMU1ci5qIVLSy0Z+RqL4jFpR+gGBXxanq3V6oFbYu6sltVZza23G34bUWkvVsr1Jzubh7U2a+WBum3X90Re1+ub/no1vQ4VXZu+qMRvhUOB+8bA/8/nN1d0+/czIkb1ckl9xYVjof4vvaTiA97qv61p++vLVw1q323liF+7lLDxeStbMvZVyy1S8oL3emgUFTqZwPChNM7BLh7pDe/8oLWyvspxNtudVH6YjtND6Nt0TqYqFam9PmI70LQLHkJ13mTD/6+Ur9XCyZz/83Hn6iA8Coj0Gdo6dZHC9ukE4I5d08kAZ3OLwDC6bc2VyRpdznb8oXRi9RT+K84gwLf3QXZ7/AwAAAAAAAAAAAAAAAAAAzJpp/DtB1X0EAAAAAAAAAAAAAAAAAAAAAGDWJe//Vfz+X432/t/BV7Ec5vt/P+6I9/8Ck/cvAAD//zfYewA=")
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

2.003728095s ago: executing program 3 (id=2374):
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0af90910"], 0xd)

1.928898564s ago: executing program 3 (id=2375):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x2000006, &(0x7f0000000340)={[{@utf8}, {@utf8no}, {@shortname_lower}, {@uni_xlate}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@fat=@nocase}, {@fat=@fmask={'fmask', 0x3d, 0x10}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@shortname_mixed}]}, 0x25, 0x363, &(0x7f0000000440)="$eJzs3T9oXHUcAPDv9SW5NFgvg1B0Ot0EKU3EQaeEUqGYQSuH/xYPm/gndxZyeJAOuWRRipPiIujkVkFx6iwO4urgagWpiovdCg0+eXfv/l9sAl60+PkMx5fv7/d9v+97edy9G/K7V1uxeWk2Nm7duhnz84WYWTm3ErcLsRgn0sjttl8LMeL9udEMAHBPuJ2m8UfacffZHy50I5/9AHDvan/+v36qnygeofjqfdNoCQCYssnf/8e+3T87sfjyVFsDAKZk7PP/kaHhkQeBmUiOszkAYCqef+nlZ1bXIi6Wy/MR9fealWYlnuqPr27Em1GL9TgbpdiP6DwodJ4WstenL6ydP1vO/LIYlayiWYmot5qVzpPCatKuL8ZSlGIxr0979UlWv9SuL0fEbqu9ftQLzcpsLOTr/7gQ67EcpXhgrD7iwtr55XJ+gEq9W9+K2Iv57klk/Z+JUnz/WlyOWlyKrLbf/85SuXwuXRuqb14rtucBAAAAAAAAAAAAAAAAAAAAAMA0nCn3LPb2v0nrrea7F9vjn3d+/C+Gxtv7+3Tyqxtp9xcDSrGfFru781xNRvcHGt6fp1mZiRP/0jkDAAAAAAAAAAAAAAAAAADAf01jey6qtdr6VmP7yuZg0BrIvP3dF9+cjO7QTF76VtKvijw5dJzuxO0rC5EfOYneEmmvPE2yOZsjbSQR3cm71WvXex0Pzin2zmKsPAuKY0OFvKdqrXbq4Z8/mVT1ZxbstjNJjF2W4aCQrz8wVL8/S8xHxP5BVQcHy3eZcyNN04PKdz4er4pCxEwcuY1DBN/efOPBxxunn2hnvs43fXj0sdILNz767LfNai32OlemVpvbauynhzhy1uv4UBL9e6OQX+fChDthcrDXz+xtNbaryQ+/v/jQB1EYnpxMvn/Swcw7B6/15WhmrhMUIha7F+HvWp2dcPNPDl6507t7j/6HO/3pSvX6zk+/HrZq4E3iRMRX//g7DwAAAAAAAAAAAAAAAAAAMGrgf8WP4MnnptcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy//u//DwR7Y5nDBHdaMT5UXN9qHLj4yWM9VQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sf+CgAA//9aS3J1")
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
creat(&(0x7f0000000440)='./file0\x00', 0x0)

1.837809284s ago: executing program 2 (id=2376):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0)

1.764758424s ago: executing program 4 (id=2377):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000004c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0)

1.220345246s ago: executing program 2 (id=2378):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
preadv(0xffffffffffffffff, &(0x7f00000031c0)=[{&(0x7f0000005e40)=""/4102, 0x1006}], 0x1, 0x0, 0x0)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
r3 = syz_io_uring_setup(0x28f, &(0x7f0000000080)={0x0, 0xb96, 0x13f81, 0x0, 0x40}, &(0x7f0000000100), &(0x7f0000000280))
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(r3, 0x54, 0x0, 0x1, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpu.stat\x00', 0x275a, 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="b7abfbc20f64cf5f927c11153ae231feb42be94f14762c32ca0a4b4680f0777698cf2d5ff7c1ebbdc4b8e050d4a0881da4691293fcc14e959da7c0273188e51ecc8abadf21e2c79386177ad4"])
chdir(&(0x7f00000000c0)='./file0\x00')
write$UHID_INPUT(r4, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000001, 0x1010, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000300)='./file0\x00', 0x0, 0x2675a4efe3e0a723)

1.159972692s ago: executing program 3 (id=2379):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080))
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f0000000180)=0x4)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040))

180.052754ms ago: executing program 2 (id=2380):
syz_emit_vhci(0x0, 0x22)
openat$uinput(0xffffff9c, &(0x7f0000000300), 0x2, 0x0)
r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000a00))
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f630664"], 0xd)
syz_emit_vhci(&(0x7f0000000280)=ANY=[], 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000b80)=""/102386, 0x18ff2}], 0x1, 0x400000, 0x81)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="2d9d7ab861bd4d304d57ab9f4ed1108b1c6e2a9dc73e476201885496d59d8d3692555eb1d760a2048d6477942bf58cc712"], 0xe3)
socket$inet6(0xa, 0x6, 0x0)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES8=r0, @ANYRESDEC, @ANYRESOCT=r0], 0x1a)
ioctl$TUNGETVNETBE(0xffffffffffffffff, 0x800454df, &(0x7f00000000c0)=0x1)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0x10}}}}, 0x11)
ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, &(0x7f00000001c0)=""/2)
connect$inet(0xffffffffffffffff, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000007, 0x10, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x19)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r3, &(0x7f0000000780)=[{&(0x7f00000004c0)='4', 0x1}], 0x1)
r4 = socket(0x1, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x33}})

0s ago: executing program 1 (id=2304):
r0 = socket$alg(0x26, 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$vim2m(&(0x7f0000000300), 0xfffffffffffffffc, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r6 = creat(0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
execveat(r6, 0x0, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0xfffffffe}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000480)='ext4_es_remove_extent\x00', r7}, 0x10)
r8 = accept4(r0, 0x0, 0x0, 0x80800)
r9 = accept4(r8, 0x0, 0x0, 0x80800)
sendmmsg$inet6(r9, &(0x7f0000003b80)=[{{0x0, 0xd, &(0x7f00000003c0)=[{&(0x7f00000000c0)="e6", 0x1}], 0x1, 0x0, 0x0, 0x7000000}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)='&', 0x23fff}], 0x1}, 0xff03}], 0x4000070, 0x8000)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r10, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, 0x0, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

ave_0: entered promiscuous mode
[  679.925830][T13239] hsr_slave_1: entered promiscuous mode
[  679.957107][T13362] F2FS-fs (loop2): Try to recover all the superblocks, ret: 0
[  679.960049][T13239] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  679.973681][T13239] Cannot create hsr debugfs directory
[  680.141203][ T5245] Bluetooth: hci6: command tx timeout
[  680.178999][ T6676] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.333662][T13264] bridge0: port 1(bridge_slave_0) entered blocking state
[  680.340893][T13264] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.365411][T13264] bridge_slave_0: entered allmulticast mode
[  680.385168][T13264] bridge_slave_0: entered promiscuous mode
[  680.406783][ T5287] plantronics 0003:047F:FFFF.000D: unknown main item tag 0xd
[  680.426539][ T5287] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  680.454532][ T6676] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.475892][ T5287] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  680.574083][T13264] bridge0: port 2(bridge_slave_1) entered blocking state
[  680.592101][T13264] bridge0: port 2(bridge_slave_1) entered disabled state
[  680.613307][T13264] bridge_slave_1: entered allmulticast mode
[  680.630978][T13264] bridge_slave_1: entered promiscuous mode
[  680.724617][T13379] loop0: detected capacity change from 0 to 32768
[  680.725438][T13379] XFS: noikeep mount option is deprecated.
[  680.728542][ T6676] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.753259][T13264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  680.800880][ T5339] usb 4-1: USB disconnect, device number 30
[  680.818108][T13379] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  680.865269][ T6676] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.894828][T13264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  680.951699][T13379] XFS (loop0): Ending clean mount
[  680.971808][T13379] XFS (loop0): Quotacheck needed: Please wait.
[  681.064326][T13379] XFS (loop0): Quotacheck: Done.
[  681.085142][T13391] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2063'.
[  681.134731][T13264] team0: Port device team_slave_0 added
[  681.171125][T13264] team0: Port device team_slave_1 added
[  681.229983][T12039] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  681.507915][T13395] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2066'.
[  681.613368][T13264] batman_adv: batadv0: Adding interface: batadv_slave_0
[  681.630526][T13264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  681.694478][T13264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  681.764650][ T6676] bridge_slave_1: left allmulticast mode
[  681.780355][ T6676] bridge_slave_1: left promiscuous mode
[  681.791588][ T6676] bridge0: port 2(bridge_slave_1) entered disabled state
[  681.814036][ T6676] bridge_slave_0: left allmulticast mode
[  681.826157][ T6676] bridge_slave_0: left promiscuous mode
[  681.844772][ T6676] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.001647][T13401] loop0: detected capacity change from 0 to 2048
[  683.423680][ T6676] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.436152][ T6676] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  683.447942][ T6676] bond0 (unregistering): Released all slaves
[  683.480463][T13264] batman_adv: batadv0: Adding interface: batadv_slave_1
[  683.488152][T13264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  683.514267][    C0] vkms_vblank_simulate: vblank timer overrun
[  683.521871][T13264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  683.991666][T13264] hsr_slave_0: entered promiscuous mode
[  684.045537][T13264] hsr_slave_1: entered promiscuous mode
[  684.062632][T13264] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  684.083753][T13264] Cannot create hsr debugfs directory
[  684.332526][T13424] loop0: detected capacity change from 0 to 4096
[  684.845769][T13427] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  684.959597][   T29] kauditd_printk_skb: 63 callbacks suppressed
[  684.959617][   T29] audit: type=1800 audit(1721918551.139:435): pid=13424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2074" name="bus" dev="loop0" ino=18 res=0 errno=0
[  684.986166][    C0] vkms_vblank_simulate: vblank timer overrun
[  685.202844][   T29] audit: type=1800 audit(1721918551.379:436): pid=13424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2074" name="bus" dev="loop0" ino=18 res=0 errno=0
[  685.291733][ T6676] hsr_slave_0: left promiscuous mode
[  685.447575][ T6676] hsr_slave_1: left promiscuous mode
[  685.553237][T13432] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  685.559806][T13432] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  685.584853][ T6676] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  685.591122][T13432] vhci_hcd vhci_hcd.0: Device attached
[  685.656963][T13436] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2076'.
[  685.668155][ T6676] batman_adv: batadv0: Removing interface: batadv_slave_0
[  685.681732][   T29] audit: type=1800 audit(1721918551.857:437): pid=13432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2074" name="bus" dev="loop0" ino=18 res=0 errno=0
[  685.709777][ T6676] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  685.717240][T13433] vhci_hcd: connection closed
[  685.718369][ T6676] batman_adv: batadv0: Removing interface: batadv_slave_1
[  685.718864][ T6683] vhci_hcd: stop threads
[  685.747583][ T6683] vhci_hcd: release socket
[  685.766064][ T6683] vhci_hcd: disconnect device
[  685.785015][ T6676] veth1_macvtap: left promiscuous mode
[  685.798427][ T6676] veth0_macvtap: left promiscuous mode
[  685.804435][ T6676] veth1_vlan: left promiscuous mode
[  685.809848][ T6676] veth0_vlan: left promiscuous mode
[  685.818849][ T5280] vhci_hcd: vhci_device speed not set
[  686.483556][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  686.500043][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  687.795511][ T6676] team0 (unregistering): Port device team_slave_1 removed
[  687.906087][ T6676] team0 (unregistering): Port device team_slave_0 removed
[  688.291585][T13453] loop0: detected capacity change from 0 to 4096
[  688.310835][T13453] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  688.433749][T13453] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  688.458341][T13453] ntfs3: loop0: mft corrupted
[  688.463161][T13453] ntfs3: loop0: Failed to load $Extend (-22).
[  688.487561][T13453] ntfs3: loop0: Failed to initialize $Extend.
[  689.544634][T13239] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  689.563822][T13465] loop3: detected capacity change from 0 to 4096
[  689.595848][T13239] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  689.661031][T13239] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  689.671451][T13466] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  689.764717][   T29] audit: type=1800 audit(1721918555.928:438): pid=13465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2086" name="bus" dev="loop3" ino=18 res=0 errno=0
[  689.823061][   T29] audit: type=1800 audit(1721918555.978:439): pid=13465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2086" name="bus" dev="loop3" ino=18 res=0 errno=0
[  689.850368][T13239] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  689.916745][T13467] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  689.923306][T13467] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  689.961103][T13458] loop0: detected capacity change from 0 to 32768
[  689.970216][T13467] vhci_hcd vhci_hcd.0: Device attached
[  689.977286][T13458] XFS: noikeep mount option is deprecated.
[  690.066019][T13458] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  690.146857][   T29] audit: type=1800 audit(1721918556.307:440): pid=13470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2086" name="bus" dev="loop3" ino=18 res=0 errno=0
[  690.188605][    T8] vhci_hcd: vhci_device speed not set
[  690.197469][T13458] XFS (loop0): Ending clean mount
[  690.206416][T13458] XFS (loop0): Quotacheck needed: Please wait.
[  690.213202][T13468] vhci_hcd: connection closed
[  690.213654][ T6683] vhci_hcd: stop threads
[  690.223542][ T6683] vhci_hcd: release socket
[  690.228106][ T6683] vhci_hcd: disconnect device
[  690.260381][    T8] usb 15-1: new full-speed USB device number 3 using vhci_hcd
[  690.267944][    T8] usb 15-1: enqueue for inactive port 0
[  690.330739][T13458] XFS (loop0): Quotacheck: Done.
[  690.388346][T13239] 8021q: adding VLAN 0 to HW filter on device bond0
[  690.396453][    T8] vhci_hcd: vhci_device speed not set
[  690.428083][T13460] loop2: detected capacity change from 0 to 32768
[  690.464499][T13239] 8021q: adding VLAN 0 to HW filter on device team0
[  690.489191][T12039] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  690.526649][T13460] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  690.539130][ T5284] bridge0: port 1(bridge_slave_0) entered blocking state
[  690.546308][ T5284] bridge0: port 1(bridge_slave_0) entered forwarding state
[  690.556134][ T5284] bridge0: port 2(bridge_slave_1) entered blocking state
[  690.563256][ T5284] bridge0: port 2(bridge_slave_1) entered forwarding state
[  690.642307][T13460] XFS (loop2): Ending clean mount
[  690.778324][T13264] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  690.824741][T13264] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  690.857687][T13264] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  690.935635][T13264] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  690.996068][T12101] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  692.049331][   T11] bridge_slave_1: left allmulticast mode
[  692.075682][   T11] bridge_slave_1: left promiscuous mode
[  692.122510][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  692.190300][   T11] bridge_slave_0: left allmulticast mode
[  692.251188][   T11] bridge_slave_0: left promiscuous mode
[  692.293823][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  692.564663][T13509] tmpfs: Bad value for 'nr_inodes'
[  692.670717][T13515] loop2: detected capacity change from 0 to 512
[  692.686516][T13515] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent
[  695.239083][T13523] loop3: detected capacity change from 0 to 40427
[  695.328682][T13523] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  695.336511][T13523] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  695.360424][T13523] F2FS-fs (loop3): invalid crc value
[  696.163681][T13523] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-4)
[  697.055593][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  697.135096][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  697.191897][   T11] bond0 (unregistering): Released all slaves
[  697.321833][T13507] pimreg: entered allmulticast mode
[  698.564329][T13239] 8021q: adding VLAN 0 to HW filter on device batadv0
[  698.738201][T13264] 8021q: adding VLAN 0 to HW filter on device bond0
[  698.835982][T13528] loop0: detected capacity change from 0 to 32768
[  698.922572][T13264] 8021q: adding VLAN 0 to HW filter on device team0
[  698.968832][T13528] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  699.020756][T13549] loop2: detected capacity change from 0 to 2048
[  699.076076][T13528] XFS (loop0): Ending clean mount
[  699.084354][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  699.091542][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  699.129487][T13553] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  699.222915][   T11] hsr_slave_0: left promiscuous mode
[  699.253818][   T11] hsr_slave_1: left promiscuous mode
[  699.262222][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  699.282227][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  699.303798][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  699.322072][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  699.398985][   T11] veth1_macvtap: left promiscuous mode
[  699.410536][   T11] veth0_macvtap: left promiscuous mode
[  699.425354][T12039] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  699.432594][   T11] veth1_vlan: left promiscuous mode
[  699.439291][   T11] veth0_vlan: left promiscuous mode
[  699.749063][T13542] loop3: detected capacity change from 0 to 40427
[  699.777490][T13542] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288)
[  699.806003][T13542] F2FS-fs (loop3): heap/no_heap options were deprecated
[  699.828823][T13542] F2FS-fs (loop3): invalid crc value
[  699.836414][T13542] F2FS-fs (loop3): Found nat_bits in checkpoint
[  699.918164][T13542] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  699.963073][T13542] F2FS-fs (loop3): Try to recover all the superblocks, ret: 0
[  701.007009][   T11] team0 (unregistering): Port device team_slave_1 removed
[  701.186753][   T11] team0 (unregistering): Port device team_slave_0 removed
[  702.271966][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  702.279126][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  702.295008][T13568] netlink: 'syz.3.2108': attribute type 2 has an invalid length.
[  702.302761][T13568] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2108'.
[  702.347613][T13239] veth0_vlan: entered promiscuous mode
[  702.371826][T13239] veth1_vlan: entered promiscuous mode
[  702.577523][T13573] loop2: detected capacity change from 0 to 512
[  702.616744][T13573] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent
[  702.744414][T13264] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  702.755263][T13264] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  703.231196][T13239] veth0_macvtap: entered promiscuous mode
[  703.451978][T13239] veth1_macvtap: entered promiscuous mode
[  703.613061][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.648828][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.676208][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.716182][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.725437][T13585] loop2: detected capacity change from 0 to 512
[  703.736210][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.766220][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.801939][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.835163][T13585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  703.850068][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.886766][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.919272][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.932215][T13585] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  703.966370][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  704.008070][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.058415][T13239] batman_adv: batadv0: Interface activated: batadv_slave_0
[  704.122860][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.148519][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.189389][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.204549][T13576] loop0: detected capacity change from 0 to 40427
[  704.220586][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.244590][T13576] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  704.266615][T13576] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  704.283841][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.301539][T13585] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.2112: Directory hole found for htree leaf block 0
[  704.314619][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.314647][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.338818][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.352776][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.365186][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.382572][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.387920][T13576] F2FS-fs (loop0): Found nat_bits in checkpoint
[  704.393942][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.453313][T13239] batman_adv: batadv0: Interface activated: batadv_slave_1
[  704.481768][T13239] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  704.496488][T13239] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  704.512484][T13239] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  704.556955][T13239] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  704.600389][T12101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  704.622377][T13576] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  704.638523][T13576] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  704.684744][T13264] 8021q: adding VLAN 0 to HW filter on device batadv0
[  705.164756][T13583] loop3: detected capacity change from 0 to 32768
[  705.208787][T13583] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2113 (13583)
[  705.248526][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  705.309179][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  705.419969][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  705.450416][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  705.519522][T13583] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  705.689844][T13583] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  705.706250][T13583] BTRFS info (device loop3): using free-space-tree
[  706.696878][T13583] BTRFS info (device loop3): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  706.840015][T13264] veth0_vlan: entered promiscuous mode
[  706.861812][T13264] veth1_vlan: entered promiscuous mode
[  706.884801][T13630] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  706.917255][ T9137] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  706.947070][T13264] veth0_macvtap: entered promiscuous mode
[  706.974406][T13264] veth1_macvtap: entered promiscuous mode
[  707.081621][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  707.118968][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.498163][T13633] loop0: detected capacity change from 0 to 65536
[  707.575396][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  707.611309][T13633] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  707.642320][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.663579][T13633] XFS (loop0): Ending clean mount
[  707.673124][T13633] XFS (loop0): Quotacheck needed: Please wait.
[  707.698302][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  707.743320][T13634] loop2: detected capacity change from 0 to 1024
[  707.766293][T13633] XFS (loop0): Quotacheck: Done.
[  707.767661][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.839316][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  707.880863][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.919353][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  707.941569][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.133821][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  708.762299][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.789736][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  708.800452][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.828989][T13264] batman_adv: batadv0: Interface activated: batadv_slave_0
[  708.858242][T12039] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  708.977924][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  709.000128][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.010187][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  709.021553][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.038084][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  709.050287][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.062211][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  709.074636][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.095121][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  709.106523][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.116486][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  709.139909][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.149748][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  709.162927][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.188802][T13251] hfsplus: b-tree write err: -5, ino 4
[  709.197706][T13264] batman_adv: batadv0: Interface activated: batadv_slave_1
[  709.233016][T13264] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  709.252610][T13264] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  709.273392][T13264] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  709.297477][T13264] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  709.437431][T13648] loop3: detected capacity change from 0 to 32768
[  709.445439][T13648] XFS: attr2 mount option is deprecated.
[  709.451555][T13648] XFS (loop3): stripe width (220) must be a multiple of the stripe unit (155)
[  709.889520][T13666] loop2: detected capacity change from 0 to 2048
[  709.908329][T13666] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  709.921024][T13666] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  709.969912][T13666] Process accounting resumed
[  710.722269][T13665] loop3: detected capacity change from 0 to 40427
[  710.730221][T13665] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  710.740821][T13665] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  710.772408][T13665] F2FS-fs (loop3): Found nat_bits in checkpoint
[  710.866318][T13665] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  710.879139][T13665] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  712.179875][T13679] loop0: detected capacity change from 0 to 32768
[  712.228021][T13679] JFS: metapage_get_blocks failed
[  712.246187][T13679] ERROR: (device loop0): release_metapage: metapage_write_one() failed
[  712.246187][T13679] 
[  712.252815][T13685] ax25_connect(): syz.3.2128 uses autobind, please contact jreuter@yaina.de
[  712.257327][T13679] ERROR: (device loop0): remounting filesystem as read-only
[  712.342110][  T112] blkno = 5002c, nblocks = 1
[  712.346778][  T112] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map
[  712.346778][  T112] 
[  713.098484][T13687] loop3: detected capacity change from 0 to 65536
[  713.219311][T13687] XFS (loop3): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  713.272254][T13687] XFS (loop3): Ending clean mount
[  713.280509][T13687] XFS (loop3): Quotacheck needed: Please wait.
[  713.417125][T13687] XFS (loop3): Quotacheck: Done.
[  714.198658][ T5245] Bluetooth: hci5: command 0x0406 tx timeout
[  714.447489][ T9137] XFS (loop3): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  715.552960][    C0] DEBUG: waiting rtnl_mutex for 519 jiffies.
[  715.559081][    C0] task:syz.2.2126      state:D stack:27392 pid:13670 tgid:13667 ppid:12101  flags:0x00004006
[  715.569315][    C0] Call Trace:
[  715.572601][    C0]  <TASK>
[  715.575554][    C0]  __schedule+0x1800/0x4a60
[  715.580083][    C0]  ? __pfx___schedule+0x10/0x10
[  715.584960][    C0]  ? __pfx_lock_release+0x10/0x10
[  715.589993][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  715.595494][    C0]  ? schedule+0x90/0x320
[  715.599755][    C0]  schedule+0x14b/0x320
[  715.603930][    C0]  schedule_preempt_disabled+0x13/0x30
[  715.609409][    C0]  __mutex_lock+0x6a4/0xd70
[  715.613949][    C0]  ? __mutex_lock+0x527/0xd70
[  715.618652][    C0]  ? do_ip_setsockopt+0x127d/0x3cd0
[  715.623893][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  715.628959][    C0]  ? get_rtnl_holder+0x144/0x190
[  715.633948][    C0]  do_ip_setsockopt+0x127d/0x3cd0
[  715.639023][    C0]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  715.644430][    C0]  ? aa_sk_perm+0x96d/0xab0
[  715.648971][    C0]  ? __pfx_aa_sk_perm+0x10/0x10
[  715.653852][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  715.658880][    C0]  ? aa_sock_opt_perm+0x79/0x120
[  715.663850][    C0]  ip_setsockopt+0x63/0x100
[  715.668364][    C0]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  715.674364][    C0]  do_sock_setsockopt+0x3af/0x720
[  715.679394][    C0]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  715.684957][    C0]  ? __fget_files+0x29/0x470
[  715.689551][    C0]  ? __fget_files+0x3f6/0x470
[  715.694251][    C0]  __sys_setsockopt+0x1ae/0x250
[  715.699121][    C0]  __x64_sys_setsockopt+0xb5/0xd0
[  715.704196][    C0]  do_syscall_64+0xf3/0x230
[  715.708755][    C0]  ? clear_bhb_loop+0x35/0x90
[  715.713478][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.719399][    C0] RIP: 0033:0x7fd3bf975f19
[  715.723827][    C0] RSP: 002b:00007fd3bf3ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  715.732254][    C0] RAX: ffffffffffffffda RBX: 00007fd3bfb06110 RCX: 00007fd3bf975f19
[  715.740244][    C0] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000003
[  715.748232][    C0] RBP: 00007fd3bf9e4e68 R08: 0000000000000088 R09: 0000000000000000
[  715.756231][    C0] R10: 0000000020001180 R11: 0000000000000246 R12: 0000000000000000
[  715.764215][    C0] R13: 000000000000006e R14: 00007fd3bfb06110 R15: 00007ffef6347b68
[  715.772228][    C0]  </TASK>
[  715.775272][    C0] DEBUG: waiting rtnl_mutex for 536 jiffies.
[  715.781249][    C0] task:syz.2.2126      state:D stack:27392 pid:13671 tgid:13667 ppid:12101  flags:0x00000004
[  715.791431][    C0] Call Trace:
[  715.794724][    C0]  <TASK>
[  715.797662][    C0]  __schedule+0x1800/0x4a60
[  715.802192][    C0]  ? __pfx___schedule+0x10/0x10
[  715.807082][    C0]  ? __pfx_lock_release+0x10/0x10
[  715.812150][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  715.817661][    C0]  ? schedule+0x90/0x320
[  715.821921][    C0]  schedule+0x14b/0x320
[  715.826105][    C0]  schedule_preempt_disabled+0x13/0x30
[  715.831582][    C0]  __mutex_lock+0x6a4/0xd70
[  715.836117][    C0]  ? __mutex_lock+0x527/0xd70
[  715.840811][    C0]  ? do_ip_getsockopt+0x10f5/0x2940
[  715.846043][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  715.851080][    C0]  ? get_rtnl_holder+0x144/0x190
[  715.856043][    C0]  do_ip_getsockopt+0x10f5/0x2940
[  715.861160][    C0]  ? __lock_acquire+0x1384/0x2050
[  715.866203][    C0]  ? cgroup_rstat_updated+0x13b/0xc60
[  715.871581][    C0]  ? __pfx_do_ip_getsockopt+0x10/0x10
[  715.876990][    C0]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  715.882380][    C0]  ? count_memcg_event_mm+0x94/0x420
[  715.887697][    C0]  ? __pfx___might_resched+0x10/0x10
[  715.893122][    C0]  ? __lock_acquire+0x1384/0x2050
[  715.898178][    C0]  ? aa_sk_perm+0x96d/0xab0
[  715.902689][    C0]  ip_getsockopt+0xed/0x2e0
[  715.907223][    C0]  ? __pfx_ip_getsockopt+0x10/0x10
[  715.912354][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  715.917413][    C0]  ? aa_sock_opt_perm+0x79/0x120
[  715.922373][    C0]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  715.928304][    C0]  do_sock_getsockopt+0x373/0x850
[  715.933357][    C0]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  715.938925][    C0]  ? __fget_files+0x3f6/0x470
[  715.943643][    C0]  __sys_getsockopt+0x271/0x330
[  715.948506][    C0]  ? __pfx___sys_getsockopt+0x10/0x10
[  715.953935][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  715.960305][    C0]  ? exc_page_fault+0x590/0x8c0
[  715.965226][    C0]  __x64_sys_getsockopt+0xb5/0xd0
[  715.970296][    C0]  do_syscall_64+0xf3/0x230
[  715.974828][    C0]  ? clear_bhb_loop+0x35/0x90
[  715.979511][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.985445][    C0] RIP: 0033:0x7fd3bf975f19
[  715.989871][    C0] RSP: 002b:00007fd3bf3de048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  715.998311][    C0] RAX: ffffffffffffffda RBX: 00007fd3bfb061e8 RCX: 00007fd3bf975f19
[  716.006314][    C0] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000003
[  716.014302][    C0] RBP: 00007fd3bf9e4e68 R08: 0000000020001000 R09: 0000000000000000
[  716.022278][    C0] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[  716.030291][    C0] R13: 000000000000006e R14: 00007fd3bfb061e8 R15: 00007ffef6347b68
[  716.038323][    C0]  </TASK>
[  716.041351][    C0] DEBUG: waiting rtnl_mutex for 651 jiffies.
[  716.047350][    C0] task:syz-executor    state:D stack:20080 pid:13264 tgid:13264 ppid:13238  flags:0x00004000
[  716.057541][    C0] Call Trace:
[  716.060839][    C0]  <TASK>
[  716.063823][    C0]  __schedule+0x1800/0x4a60
[  716.068381][    C0]  ? __pfx___schedule+0x10/0x10
[  716.073276][    C0]  ? __pfx_lock_release+0x10/0x10
[  716.078345][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  716.083851][    C0]  ? schedule+0x90/0x320
[  716.088121][    C0]  schedule+0x14b/0x320
[  716.092285][    C0]  schedule_preempt_disabled+0x13/0x30
[  716.097795][    C0]  __mutex_lock+0x6a4/0xd70
[  716.102315][    C0]  ? __mutex_lock+0x527/0xd70
[  716.107025][    C0]  ? ieee80211_register_hw+0x2c4e/0x3e10
[  716.112669][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  716.117748][    C0]  ? get_rtnl_holder+0x144/0x190
[  716.122728][    C0]  ieee80211_register_hw+0x2c4e/0x3e10
[  716.128222][    C0]  ? ieee80211_register_hw+0x1581/0x3e10
[  716.133880][    C0]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  716.139697][    C0]  ? __asan_memset+0x23/0x50
[  716.144313][    C0]  ? __hrtimer_init+0x170/0x250
[  716.149177][    C0]  mac80211_hwsim_new_radio+0x2a9f/0x4a90
[  716.154955][    C0]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  716.161037][    C0]  hwsim_new_radio_nl+0xece/0x2290
[  716.166189][    C0]  ? __pfx___nla_validate_parse+0x10/0x10
[  716.171929][    C0]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  716.177544][    C0]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  716.183938][    C0]  genl_rcv_msg+0xb14/0xec0
[  716.188472][    C0]  ? mark_lock+0x9a/0x360
[  716.192816][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  716.197880][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  716.202918][    C0]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  716.208514][    C0]  ? __pfx___might_resched+0x10/0x10
[  716.213828][    C0]  netlink_rcv_skb+0x1e3/0x430
[  716.218688][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  716.223736][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  716.229033][    C0]  ? __netlink_deliver_tap+0x77e/0x7c0
[  716.234522][    C0]  genl_rcv+0x28/0x40
[  716.238514][    C0]  netlink_unicast+0x7f6/0x990
[  716.243326][    C0]  ? __pfx_netlink_unicast+0x10/0x10
[  716.248619][    C0]  ? __virt_addr_valid+0x183/0x530
[  716.253750][    C0]  ? __check_object_size+0x49c/0x900
[  716.259032][    C0]  ? bpf_lsm_netlink_send+0x9/0x10
[  716.264235][    C0]  netlink_sendmsg+0x8e4/0xcb0
[  716.269061][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  716.274388][    C0]  ? aa_sock_msg_perm+0x91/0x160
[  716.279336][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  716.284661][    C0]  ? security_socket_sendmsg+0x87/0xb0
[  716.290137][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  716.295452][    C0]  __sock_sendmsg+0x221/0x270
[  716.300137][    C0]  __sys_sendto+0x3a4/0x4f0
[  716.304664][    C0]  ? __pfx___sys_sendto+0x10/0x10
[  716.309703][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  716.315737][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  716.322070][    C0]  __x64_sys_sendto+0xde/0x100
[  716.326855][    C0]  do_syscall_64+0xf3/0x230
[  716.331380][    C0]  ? clear_bhb_loop+0x35/0x90
[  716.336084][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.341972][    C0] RIP: 0033:0x7f6bfc577cac
[  716.346403][    C0] RSP: 002b:00007ffff8c4c1d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  716.354854][    C0] RAX: ffffffffffffffda RBX: 00007f6bfd234620 RCX: 00007f6bfc577cac
[  716.362851][    C0] RDX: 0000000000000024 RSI: 00007f6bfd234670 RDI: 0000000000000003
[  716.370838][    C0] RBP: 0000000000000000 R08: 00007ffff8c4c224 R09: 000000000000000c
[  716.378834][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  716.386818][    C0] R13: 0000000000000000 R14: 00007f6bfd234670 R15: 0000000000000000
[  716.394831][    C0]  </TASK>
[  716.397853][    C0] DEBUG: waiting rtnl_mutex for 685 jiffies.
[  716.403864][    C0] task:kworker/u8:19   state:D stack:20464 pid:6697  tgid:6697  ppid:2      flags:0x00004000
[  716.414074][    C0] Workqueue: ipv6_addrconf addrconf_dad_work
[  716.420074][    C0] Call Trace:
[  716.423383][    C0]  <TASK>
[  716.426358][    C0]  __schedule+0x1800/0x4a60
[  716.430913][    C0]  ? __pfx___schedule+0x10/0x10
[  716.435806][    C0]  ? __pfx_lock_release+0x10/0x10
[  716.440843][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  716.446320][    C0]  ? kthread_data+0x52/0xd0
[  716.450826][    C0]  ? schedule+0x90/0x320
[  716.455083][    C0]  ? wq_worker_sleeping+0x66/0x240
[  716.460197][    C0]  ? schedule+0x90/0x320
[  716.464482][    C0]  schedule+0x14b/0x320
[  716.468647][    C0]  schedule_preempt_disabled+0x13/0x30
[  716.474123][    C0]  __mutex_lock+0x6a4/0xd70
[  716.478639][    C0]  ? __mutex_lock+0x527/0xd70
[  716.483356][    C0]  ? addrconf_dad_work+0xd0/0x16f0
[  716.488488][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  716.493535][    C0]  ? get_rtnl_holder+0x144/0x190
[  716.498497][    C0]  addrconf_dad_work+0xd0/0x16f0
[  716.503482][    C0]  ? __pfx_addrconf_dad_work+0x10/0x10
[  716.508997][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  716.515387][    C0]  ? process_scheduled_works+0x945/0x1830
[  716.521150][    C0]  process_scheduled_works+0xa2c/0x1830
[  716.526757][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  716.532762][    C0]  ? assign_work+0x364/0x3d0
[  716.537398][    C0]  worker_thread+0x86d/0xd40
[  716.542011][    C0]  ? __kthread_parkme+0x169/0x1d0
[  716.547067][    C0]  ? __pfx_worker_thread+0x10/0x10
[  716.552190][    C0]  kthread+0x2f0/0x390
[  716.556280][    C0]  ? __pfx_worker_thread+0x10/0x10
[  716.561481][    C0]  ? __pfx_kthread+0x10/0x10
[  716.566089][    C0]  ret_from_fork+0x4b/0x80
[  716.570593][    C0]  ? __pfx_kthread+0x10/0x10
[  716.575200][    C0]  ret_from_fork_asm+0x1a/0x30
[  716.579986][    C0]  </TASK>
[  716.583004][    C0] DEBUG: holding rtnl_mutex for 697 jiffies.
[  716.589041][    C0] task:syz.1.2122      state:D stack:24672 pid:13654 tgid:13654 ppid:13239  flags:0x00004006
[  716.599258][    C0] Call Trace:
[  716.602535][    C0]  <TASK>
[  716.605501][    C0]  __schedule+0x1800/0x4a60
[  716.610034][    C0]  ? __pfx___schedule+0x10/0x10
[  716.614917][    C0]  ? __pfx_lock_release+0x10/0x10
[  716.619948][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  716.625877][    C0]  ? schedule+0x90/0x320
[  716.630145][    C0]  schedule+0x14b/0x320
[  716.634364][    C0]  synchronize_rcu_expedited+0x684/0x830
[  716.640009][    C0]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  716.646199][    C0]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  716.651501][    C0]  ? __pfx___might_resched+0x10/0x10
[  716.656812][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  716.662803][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[  716.668921][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  716.675305][    C0]  synchronize_rcu+0x11b/0x360
[  716.680085][    C0]  ? __pfx_synchronize_rcu+0x10/0x10
[  716.685416][    C0]  lockdep_unregister_key+0x4b7/0x540
[  716.690805][    C0]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  716.696725][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  716.701935][    C0]  ? __qdisc_destroy+0x150/0x410
[  716.706955][    C0]  ? kfree+0x149/0x360
[  716.711027][    C0]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[  716.716603][    C0]  __qdisc_destroy+0x165/0x410
[  716.721382][    C0]  dev_shutdown+0x9b/0x450
[  716.725817][    C0]  unregister_netdevice_many_notify+0x97b/0x1c40
[  716.732164][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  716.738972][    C0]  ? __asan_memset+0x23/0x50
[  716.743599][    C0]  ? skb_queue_purge_reason+0x2de/0x500
[  716.749191][    C0]  ? __asan_memset+0x23/0x50
[  716.753829][    C0]  ? skb_queue_purge_reason+0x2de/0x500
[  716.759418][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  716.764657][    C0]  unregister_netdevice_queue+0x303/0x370
[  716.770395][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  716.776675][    C0]  __tun_detach+0x6b9/0x1600
[  716.781290][    C0]  tun_chr_close+0x108/0x1b0
[  716.785900][    C0]  ? __pfx_tun_chr_close+0x10/0x10
[  716.791027][    C0]  __fput+0x24a/0x8a0
[  716.795058][    C0]  task_work_run+0x24f/0x310
[  716.799665][    C0]  ? __pfx_task_work_run+0x10/0x10
[  716.804837][    C0]  ? syscall_exit_to_user_mode+0xa3/0x370
[  716.810587][    C0]  syscall_exit_to_user_mode+0x168/0x370
[  716.816267][    C0]  do_syscall_64+0x100/0x230
[  716.820878][    C0]  ? clear_bhb_loop+0x35/0x90
[  716.825602][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.831500][    C0] RIP: 0033:0x7fc45df75f19
[  716.835948][    C0] RSP: 002b:00007ffcfc8b6ba8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  716.844433][    C0] RAX: 0000000000000000 RBX: 00007fc45e107a60 RCX: 00007fc45df75f19
[  716.852444][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  716.860619][    C0] RBP: 00007fc45e107a60 R08: 00007fc45e0f2000 R09: 00000008fc8b6ecf
[  716.868657][    C0] R10: 00000000003ffd54 R11: 0000000000000246 R12: 00000000000ad2d3
[  716.876669][    C0] R13: 0000000000000032 R14: 00007fc45e107a60 R15: 00007fc45e1061e8
[  716.884675][    C0]  </TASK>
[  716.887696][    C0] DEBUG: waiting rtnl_mutex for 695 jiffies.
[  716.893703][    C0] task:kworker/0:1     state:D stack:20216 pid:9     tgid:9     ppid:2      flags:0x00004000
[  716.903887][    C0] Workqueue: events linkwatch_event
[  716.909089][    C0] Call Trace:
[  716.912363][    C0]  <TASK>
[  716.915310][    C0]  __schedule+0x1800/0x4a60
[  716.919844][    C0]  ? __pfx___schedule+0x10/0x10
[  716.924969][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  716.930993][    C0]  ? __pfx_lock_release+0x10/0x10
[  716.936047][    C0]  ? kick_pool+0x1bd/0x620
[  716.940480][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  716.945706][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  716.950913][    C0]  ? schedule+0x90/0x320
[  716.955212][    C0]  schedule+0x14b/0x320
[  716.959409][    C0]  schedule_preempt_disabled+0x13/0x30
[  716.964907][    C0]  __mutex_lock+0x6a4/0xd70
[  716.969427][    C0]  ? __mutex_lock+0x527/0xd70
[  716.974147][    C0]  ? linkwatch_event+0xe/0x60
[  716.978863][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  716.983924][    C0]  ? get_rtnl_holder+0x144/0x190
[  716.988878][    C0]  ? process_scheduled_works+0x945/0x1830
[  716.994642][    C0]  linkwatch_event+0xe/0x60
[  716.999153][    C0]  process_scheduled_works+0xa2c/0x1830
[  717.004778][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  717.010790][    C0]  ? assign_work+0x364/0x3d0
[  717.015436][    C0]  worker_thread+0x86d/0xd40
[  717.020066][    C0]  ? __kthread_parkme+0x169/0x1d0
[  717.025169][    C0]  ? __pfx_worker_thread+0x10/0x10
[  717.030314][    C0]  kthread+0x2f0/0x390
[  717.034426][    C0]  ? __pfx_worker_thread+0x10/0x10
[  717.039572][    C0]  ? __pfx_kthread+0x10/0x10
[  717.044216][    C0]  ret_from_fork+0x4b/0x80
[  717.048670][    C0]  ? __pfx_kthread+0x10/0x10
[  717.053262][    C0]  ret_from_fork_asm+0x1a/0x30
[  717.058069][    C0]  </TASK>
[  717.061088][    C0] DEBUG: waiting rtnl_mutex for 681 jiffies.
[  717.067086][    C0] task:syz.2.2126      state:D stack:26816 pid:13668 tgid:13667 ppid:12101  flags:0x00000004
[  717.077278][    C0] Call Trace:
[  717.080561][    C0]  <TASK>
[  717.083539][    C0]  __schedule+0x1800/0x4a60
[  717.088085][    C0]  ? __pfx___schedule+0x10/0x10
[  717.092948][    C0]  ? __pfx_lock_release+0x10/0x10
[  717.098006][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  717.103517][    C0]  ? schedule+0x90/0x320
[  717.107789][    C0]  schedule+0x14b/0x320
[  717.111958][    C0]  schedule_preempt_disabled+0x13/0x30
[  717.117445][    C0]  __mutex_lock+0x6a4/0xd70
[  717.121961][    C0]  ? __mutex_lock+0x527/0xd70
[  717.126670][    C0]  ? do_ip_setsockopt+0x127d/0x3cd0
[  717.131879][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  717.136942][    C0]  ? get_rtnl_holder+0x144/0x190
[  717.141903][    C0]  do_ip_setsockopt+0x127d/0x3cd0
[  717.146992][    C0]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  717.152380][    C0]  ? aa_sk_perm+0x96d/0xab0
[  717.156924][    C0]  ? __pfx_aa_sk_perm+0x10/0x10
[  717.161813][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  717.166899][    C0]  ? aa_sock_opt_perm+0x79/0x120
[  717.171879][    C0]  ip_setsockopt+0x63/0x100
[  717.176408][    C0]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  717.182307][    C0]  do_sock_setsockopt+0x3af/0x720
[  717.187368][    C0]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  717.192913][    C0]  ? __fget_files+0x29/0x470
[  717.197527][    C0]  ? __fget_files+0x3f6/0x470
[  717.202215][    C0]  __sys_setsockopt+0x1ae/0x250
[  717.207088][    C0]  __x64_sys_setsockopt+0xb5/0xd0
[  717.212122][    C0]  do_syscall_64+0xf3/0x230
[  717.216650][    C0]  ? clear_bhb_loop+0x35/0x90
[  717.221334][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.227264][    C0] RIP: 0033:0x7fd3bf975f19
[  717.231684][    C0] RSP: 002b:00007fd3c0682048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  717.240114][    C0] RAX: ffffffffffffffda RBX: 00007fd3bfb05f60 RCX: 00007fd3bf975f19
[  717.248144][    C0] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000003
[  717.256154][    C0] RBP: 00007fd3bf9e4e68 R08: 0000000000000088 R09: 0000000000000000
[  717.264149][    C0] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[  717.272134][    C0] R13: 000000000000000b R14: 00007fd3bfb05f60 R15: 00007ffef6347b68
[  717.280139][    C0]  </TASK>
[  717.283156][    C0] DEBUG: waiting rtnl_mutex for 697 jiffies.
[  717.289155][    C0] task:syz.2.2126      state:D stack:27392 pid:13669 tgid:13667 ppid:12101  flags:0x00000004
[  717.299344][    C0] Call Trace:
[  717.302628][    C0]  <TASK>
[  717.305591][    C0]  __schedule+0x1800/0x4a60
[  717.310150][    C0]  ? __pfx___schedule+0x10/0x10
[  717.315067][    C0]  ? __pfx_lock_release+0x10/0x10
[  717.320101][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  717.325589][    C0]  ? schedule+0x90/0x320
[  717.329830][    C0]  schedule+0x14b/0x320
[  717.334003][    C0]  schedule_preempt_disabled+0x13/0x30
[  717.339456][    C0]  __mutex_lock+0x6a4/0xd70
[  717.344094][    C0]  ? __mutex_lock+0x527/0xd70
[  717.348803][    C0]  ? do_ip_setsockopt+0x127d/0x3cd0
[  717.354055][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  717.359095][    C0]  ? get_rtnl_holder+0x144/0x190
[  717.364097][    C0]  do_ip_setsockopt+0x127d/0x3cd0
[  717.369135][    C0]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  717.374526][    C0]  ? aa_sk_perm+0x96d/0xab0
[  717.379033][    C0]  ? __pfx_aa_sk_perm+0x10/0x10
[  717.383926][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  717.388983][    C0]  ? aa_sock_opt_perm+0x79/0x120
[  717.393961][    C0]  ip_setsockopt+0x63/0x100
[  717.398576][    C0]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  717.404494][    C0]  do_sock_setsockopt+0x3af/0x720
[  717.409524][    C0]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  717.415087][    C0]  ? __fget_files+0x29/0x470
[  717.419673][    C0]  ? __fget_files+0x3f6/0x470
[  717.424376][    C0]  __sys_setsockopt+0x1ae/0x250
[  717.429249][    C0]  __x64_sys_setsockopt+0xb5/0xd0
[  717.434296][    C0]  do_syscall_64+0xf3/0x230
[  717.438808][    C0]  ? clear_bhb_loop+0x35/0x90
[  717.443497][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.449421][    C0] RIP: 0033:0x7fd3bf975f19
[  717.453876][    C0] RSP: 002b:00007fd3c0661048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  717.462290][    C0] RAX: ffffffffffffffda RBX: 00007fd3bfb06038 RCX: 00007fd3bf975f19
[  717.470286][    C0] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000003
[  717.478268][    C0] RBP: 00007fd3bf9e4e68 R08: 0000000000000088 R09: 0000000000000000
[  717.486248][    C0] R10: 0000000020001040 R11: 0000000000000246 R12: 0000000000000000
[  717.494248][    C0] R13: 000000000000006e R14: 00007fd3bfb06038 R15: 00007ffef6347b68
[  717.502251][    C0]  </TASK>
[  717.505323][    C0] 
[  717.505323][    C0] Showing all locks held in the system:
[  717.513047][    C0] 3 locks held by kworker/0:1/9:
[  717.518001][    C0]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  717.529033][    C0]  #1: ffffc900000e7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  717.540037][    C0]  #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  717.549048][    C0] 2 locks held by getty/4979:
[  717.553751][    C0]  #0: ffff88802f6310a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  717.563713][    C0]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  717.573861][    C0] 3 locks held by kworker/u8:19/6697:
[  717.579240][    C0]  #0: ffff88802a990148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  717.590835][    C0]  #1: ffffc90003bdfd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  717.603687][    C0]  #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  717.613167][    C0] 3 locks held by syz-executor/13264:
[  717.618560][    C0]  #0: ffffffff8fce80d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  717.626764][    C0]  #1: ffffffff8fce7f88 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[  717.635763][    C0]  #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_register_hw+0x2c4e/0x3e10
[  717.645723][    C0] 2 locks held by syz.1.2122/13654:
[  717.650914][    C0]  #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  717.659914][    C0]  #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  717.670857][    C0] 1 lock held by syz.2.2126/13668:
[  717.675972][    C0]  #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0
[  717.685486][    C0] 1 lock held by syz.2.2126/13669:
[  717.690589][    C0]  #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0
[  717.700117][    C0] 1 lock held by syz.2.2126/13670:
[  717.705246][    C0]  #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0
[  717.714772][    C0] 1 lock held by syz.2.2126/13671:
[  717.719908][    C0]  #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_getsockopt+0x10f5/0x2940
[  717.729433][    C0] 2 locks held by syz.0.2131/13703:
[  717.734633][    C0]  #0: ffffffff8fc75b10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[  717.744080][    C0]  #1: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  717.754112][    C0] 1 lock held by syz.3.2132/13707:
[  717.759235][    C0]  #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  717.768712][    C0] 1 lock held by syz.3.2132/13708:
[  717.773894][    C0]  #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  717.783309][    C0] 
[  717.785643][    C0] =============================================
[  717.785643][    C0] 
[  718.399529][ T6697] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  718.453183][ T6697] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  718.464033][T13713] loop3: detected capacity change from 0 to 128
[  718.502305][ T6688] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  718.518399][ T6688] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  718.573334][ T9137] sysv_free_block: flc_count > flc_size
[  718.603111][ T9137] sysv_free_block: flc_count > flc_size
[  718.624822][ T9137] sysv_free_block: flc_count > flc_size
[  718.630410][ T9137] sysv_free_block: flc_count > flc_size
[  718.653172][ T9137] sysv_free_block: flc_count > flc_size
[  718.685081][ T9137] sysv_free_block: flc_count > flc_size
[  718.690660][ T9137] sysv_free_block: flc_count > flc_size
[  718.722130][ T9137] sysv_free_block: flc_count > flc_size
[  718.739789][ T9137] sysv_free_block: flc_count > flc_size
[  718.751117][T13721] netlink: 'syz.4.2023': attribute type 2 has an invalid length.
[  718.758542][ T9137] sysv_free_block: flc_count > flc_size
[  718.758876][T13721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2023'.
[  718.770690][T13718] loop1: detected capacity change from 0 to 1024
[  718.780605][T13722] loop0: detected capacity change from 0 to 512
[  718.789120][T13724] netlink: 'syz.2.2139': attribute type 1 has an invalid length.
[  718.798261][T13718] EXT4-fs: Ignoring removed mblk_io_submit option
[  718.798855][ T9137] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  718.803303][T13722] ext4: Unknown parameter 'noacl'
[  718.805404][T13724] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2139'.
[  718.927980][T13718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  718.935153][T13729] loop3: detected capacity change from 0 to 128
[  719.049167][T13239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.058245][T13729] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  719.058558][T13729] ext4 filesystem being mounted at /320/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  719.260314][ T9137] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  719.611508][T13758] netlink: 'syz.0.2150': attribute type 1 has an invalid length.
[  719.612343][T13759] loop3: detected capacity change from 0 to 2048
[  719.650965][T13758] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2150'.
[  719.660625][T13761] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  719.934052][ T5229] Bluetooth: hci4: unexpected event for opcode 0x0c6d
[  719.952926][T13766] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  719.970830][T13767] loop0: detected capacity change from 0 to 512
[  720.066776][T13768] loop2: detected capacity change from 0 to 4096
[  720.075367][T13767] EXT4-fs (loop0): orphan cleanup on readonly fs
[  720.081822][T13767] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  720.084997][T13768] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  720.094065][T13767] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  720.116987][T13767] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  720.127690][T13767] EXT4-fs (loop0): 1 truncate cleaned up
[  720.134598][T13767] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  720.143201][T13774] bridge0: entered promiscuous mode
[  720.245996][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.382194][T13770] block device autoloading is deprecated and will be removed.
[  720.460624][T13769] bridge0: left promiscuous mode
[  720.508855][T13768] ntfs3: loop2: ino=1d, "file0" attr_set_size
[  720.609855][T13791] tmpfs: Bad value for 'mpol'
[  720.631013][T13789] loop1: detected capacity change from 0 to 2048
[  720.658407][T13791] vlan2: entered promiscuous mode
[  720.678488][T13791] bond0: entered promiscuous mode
[  720.693449][T13791] bond_slave_0: entered promiscuous mode
[  720.714358][T13791] bond_slave_1: entered promiscuous mode
[  720.725133][T13797] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  720.746638][T13791] bond0: left promiscuous mode
[  720.754909][T13791] bond_slave_0: left promiscuous mode
[  720.760665][T13791] bond_slave_1: left promiscuous mode
[  721.132842][T13811] loop3: detected capacity change from 0 to 512
[  721.164292][T13811] EXT4-fs (loop3): orphan cleanup on readonly fs
[  721.181174][T13811] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0
[  721.241688][T13811] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  721.292588][T13811] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  721.310685][T13811] EXT4-fs (loop3): 1 truncate cleaned up
[  721.320886][T13811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  721.392631][ T9137] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.428502][   T52] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  721.479202][T13824] netlink: 'syz.2.2174': attribute type 7 has an invalid length.
[  721.555973][T13824] Êü: entered promiscuous mode
[  721.655050][ T5280] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  721.735222][   T52] usb 1-1: Using ep0 maxpacket: 8
[  721.783046][   T52] usb 1-1: config 0 has no interfaces?
[  721.879594][   T52] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  721.935168][ T5280] usb 5-1: Using ep0 maxpacket: 32
[  721.991751][ T5280] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  722.010728][   T52] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  722.229578][   T52] usb 1-1: Product: syz
[  722.233799][   T52] usb 1-1: Manufacturer: syz
[  722.239078][   T52] usb 1-1: SerialNumber: syz
[  722.247756][ T5280] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  722.266467][ T5229] Bluetooth: hci4: command 0x0406 tx timeout
[  722.281091][   T52] usb 1-1: config 0 descriptor??
[  722.287078][ T5280] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  722.305278][ T5280] usb 5-1: Product: syz
[  722.311998][ T5280] usb 5-1: Manufacturer: syz
[  722.316844][ T5280] usb 5-1: SerialNumber: syz
[  722.324299][ T5280] usb 5-1: config 0 descriptor??
[  722.331738][T13820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  722.359149][ T5280] hub 5-1:0.0: bad descriptor, ignoring hub
[  722.370401][ T5280] hub 5-1:0.0: probe with driver hub failed with error -5
[  722.385391][ T5280] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input25
[  722.711828][ T5280] usb 5-1: USB disconnect, device number 19
[  722.717753][    C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  722.935023][ T9255] usb 1-1: USB disconnect, device number 24
[  722.959131][T13844] loop1: detected capacity change from 0 to 256
[  723.038438][T13842] loop2: detected capacity change from 0 to 8192
[  723.069298][T13842] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  723.314635][T13854] loop1: detected capacity change from 0 to 256
[  723.338649][T13854] FAT-fs (loop1): bogus sectors per cluster 223
[  723.345894][T13850] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  723.379731][T13854] FAT-fs (loop1): Can't find a valid FAT filesystem
[  723.424700][T13854] loop1: detected capacity change from 0 to 8
[  723.776698][T13870] loop0: detected capacity change from 0 to 1024
[  723.795721][ T5287] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  724.004174][ T5229] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  724.014754][ T5229] Bluetooth: hci4: Injecting HCI hardware error event
[  724.026075][ T5229] Bluetooth: hci4: hardware error 0x00
[  724.153742][ T5287] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  725.944924][ T5246] Bluetooth: hci2: command 0x0406 tx timeout
[  725.972551][ T5287] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  726.021212][ T5287] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  726.039793][ T5287] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  726.049097][ T5287] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  726.059424][ T5287] usb 2-1: Product: syz
[  726.063625][ T5287] usb 2-1: Manufacturer: syz
[  726.070298][ T5287] usb 2-1: SerialNumber: syz
[  726.127100][ T5287] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[  726.136458][ T5287] cdc_ncm 2-1:1.0: bind() failure
[  726.388190][ T5287] usb 2-1: USB disconnect, device number 32
[  727.321407][T13886] loop2: detected capacity change from 0 to 2048
[  727.374710][T13894] loop0: detected capacity change from 0 to 2048
[  727.411452][T13886] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  727.461702][T13886] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  727.490955][T13897] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  727.511918][T13891] loop1: detected capacity change from 0 to 8192
[  727.547425][T13891] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  727.625391][T13886] Process accounting resumed
[  728.026714][ T5229] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  728.071907][T13913] loop0: detected capacity change from 0 to 256
[  728.097509][T13913] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a37, chksum : 0xd675b107, utbl_chksum : 0xe619d30d)
[  728.620414][T13921] loop1: detected capacity change from 0 to 32768
[  728.635469][T13927] netlink: 'syz.2.2208': attribute type 7 has an invalid length.
[  728.644894][T13927] openvswitch: Êü: Dropping previously announced user features
[  728.774507][T13921] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  728.893530][ T9255] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  728.915982][T13921] XFS (loop1): Ending clean mount
[  728.930601][T13921] XFS (loop1): Quotacheck needed: Please wait.
[  729.066360][T13940] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  729.110248][T13921] XFS (loop1): Quotacheck: Done.
[  729.188666][ T9255] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  729.360045][ T9255] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.432650][ T9255] usb 4-1: config 0 descriptor??
[  729.510511][ T9255] cp210x 4-1:0.0: cp210x converter detected
[  729.600531][T13944] loop2: detected capacity change from 0 to 128
[  729.903545][T13239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  729.974811][T13952] syz.4.2213[13952] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  729.974983][T13952] syz.4.2213[13952] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  730.181580][T13944] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  730.812024][ T9255] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  730.847418][T13944] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  731.054858][ T9255] usb 4-1: cp210x converter now attached to ttyUSB0
[  731.191502][T12101] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  731.212805][T13961] loop0: detected capacity change from 0 to 512
[  731.220181][T13961] EXT4-fs: Ignoring removed nomblk_io_submit option
[  731.239580][T13961] EXT4-fs: old and new quota format mixing
[  731.292938][    T9] usb 4-1: USB disconnect, device number 31
[  731.324305][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  731.383037][    T9] cp210x 4-1:0.0: device disconnected
[  731.445164][T13961] loop0: detected capacity change from 0 to 4096
[  731.517941][T13969] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  731.545997][   T29] audit: type=1800 audit(1721918597.679:441): pid=13961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2218" name="file1" dev="loop0" ino=15 res=0 errno=0
[  731.800780][T13982] loop1: detected capacity change from 0 to 256
[  731.819299][T13982] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a37, chksum : 0xd675b107, utbl_chksum : 0xe619d30d)
[  732.059269][T13987] loop2: detected capacity change from 0 to 512
[  732.077662][T13987] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent
[  732.132943][T13991] loop1: detected capacity change from 0 to 128
[  732.205196][T13991] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  732.226736][T13991] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  732.349494][T13993] loop0: detected capacity change from 0 to 512
[  732.371810][T13993] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  732.408705][T13239] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  732.563506][T13997] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  732.770670][T13993] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  733.107010][T13993] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  733.130419][T13993] System zones: 0-2, 18-18, 34-34
[  733.170922][T13993] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2226: bad orphan inode 15
[  733.229202][T13993] ext4_test_bit(bit=14, block=18) = 1
[  733.234655][T13993] is_bad_inode(inode)=0
[  733.239762][T13993] NEXT_ORPHAN(inode)=2264924160
[  733.244829][T13993] max_ino=32
[  733.248347][T13993] i_nlink=0
[  733.251673][T13993] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  733.270798][T13993] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2226: bg 0: block 80: padding at end of block bitmap is not set
[  733.285599][T13993] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  733.296431][T13993] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  733.889824][T14001] loop1: detected capacity change from 0 to 65536
[  734.608710][T14001] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  734.664919][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  734.666232][T14005] syzkaller1: entered promiscuous mode
[  734.686939][T14005] syzkaller1: entered allmulticast mode
[  734.717760][T14001] XFS (loop1): Ending clean mount
[  734.724440][T14001] XFS (loop1): Quotacheck needed: Please wait.
[  734.856368][T14001] XFS (loop1): Quotacheck: Done.
[  734.934419][T14024] loop0: detected capacity change from 0 to 512
[  736.142701][T14024] EXT4-fs: Ignoring removed nomblk_io_submit option
[  736.196431][T14024] EXT4-fs: old and new quota format mixing
[  736.436598][T13239] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  736.460388][T14039] loop3: detected capacity change from 0 to 512
[  736.522323][T14024] loop0: detected capacity change from 0 to 4096
[  736.554795][T14043] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  736.577471][ T5280] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  736.587284][T14039] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  736.607640][T14039] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  736.649256][   T29] audit: type=1800 audit(1721918602.798:442): pid=14024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2237" name="file1" dev="loop0" ino=15 res=0 errno=0
[  736.669785][    C1] vkms_vblank_simulate: vblank timer overrun
[  736.813800][T14049] loop4: detected capacity change from 0 to 512
[  736.828945][ T5280] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  736.850763][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.895804][ T5280] usb 3-1: config 0 descriptor??
[  736.914427][T14049] loop4: detected capacity change from 0 to 128
[  736.929458][ T5280] cp210x 3-1:0.0: cp210x converter detected
[  736.973404][ T9137] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  737.247958][T14053] loop0: detected capacity change from 0 to 512
[  737.278776][T14053] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  737.347878][T14053] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  737.395347][ T5280] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  737.616851][T14053] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  737.878562][ T5280] usb 3-1: cp210x converter now attached to ttyUSB0
[  737.887709][T14053] System zones: 0-2, 18-18, 34-34
[  737.902280][T14048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  737.913996][T14053] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2245: bad orphan inode 15
[  737.975997][T14053] ext4_test_bit(bit=14, block=18) = 1
[  737.998686][T14053] is_bad_inode(inode)=0
[  738.002897][T14053] NEXT_ORPHAN(inode)=2264924160
[  738.056382][   T52] usb 3-1: USB disconnect, device number 30
[  738.064701][T14053] max_ino=32
[  738.075421][   T52] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  738.083455][T14053] i_nlink=0
[  738.086848][T14053] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  738.108853][   T52] cp210x 3-1:0.0: device disconnected
[  738.149222][T14053] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2245: bg 0: block 80: padding at end of block bitmap is not set
[  738.211108][T14053] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  738.247915][T14053] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  739.602992][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  739.740156][T14076] syzkaller1: entered promiscuous mode
[  739.746795][T14076] syzkaller1: entered allmulticast mode
[  739.950778][    C1] eth0: bad gso: type: 1, size: 1408
[  740.159192][   T52] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  740.203086][T14096] loop2: detected capacity change from 0 to 8192
[  740.268412][   T29] audit: type=1800 audit(1721918606.408:443): pid=14096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2260" name="bus" dev="loop2" ino=1048801 res=0 errno=0
[  740.348026][   T52] usb 5-1: Using ep0 maxpacket: 32
[  740.368498][T14098] loop0: detected capacity change from 0 to 64
[  740.376238][   T52] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  740.403025][   T52] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  740.416159][   T52] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  740.446933][   T52] usb 5-1: Product: syz
[  740.457067][   T52] usb 5-1: Manufacturer: syz
[  740.472434][   T52] usb 5-1: SerialNumber: syz
[  740.487210][   T52] usb 5-1: config 0 descriptor??
[  740.505417][T14084] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  740.514353][   T52] hub 5-1:0.0: bad descriptor, ignoring hub
[  740.534542][   T52] hub 5-1:0.0: probe with driver hub failed with error -5
[  740.565137][   T52] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input26
[  740.810313][ T5280] usb 5-1: USB disconnect, device number 20
[  740.816363][    C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  740.829022][T12101] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  740.837578][T12101] FAT-fs (loop2): Filesystem has been set read-only
[  740.865029][T12101] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  740.897895][    T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  741.022043][T14100] loop1: detected capacity change from 0 to 32768
[  741.043553][T14100] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2262 (14100)
[  741.076863][T12101] syz_tun (unregistering): left promiscuous mode
[  741.093416][T14100] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  741.134316][T14100] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  741.148551][T14100] BTRFS info (device loop1): using free-space-tree
[  741.159419][    T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  741.197514][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  741.218014][    T9] usb 1-1: config 0 descriptor??
[  741.244735][    T9] cp210x 1-1:0.0: cp210x converter detected
[  741.443080][ T3335] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  741.479608][    T8] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  741.659686][T13239] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  741.689968][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  741.711117][    T9] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  741.745459][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  741.864207][    T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  741.901200][ T3335] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  741.904211][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.027233][    T8] usb 4-1: config 0 descriptor??
[  742.036055][    T9] usb 1-1: cp210x converter now attached to ttyUSB0
[  742.163058][ T3335] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.334496][    T9] usb 1-1: USB disconnect, device number 25
[  742.368846][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  742.413496][    T9] cp210x 1-1:0.0: device disconnected
[  742.506711][    T8] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  742.513388][ T3335] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.543391][    T8] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  742.682289][ T5245] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  742.738568][ T5245] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  742.751507][ T5245] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  742.767542][ T5245] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  742.776906][ T5245] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  742.784397][ T5245] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  743.242334][ T3335] bridge_slave_1: left allmulticast mode
[  743.253529][ T3335] bridge_slave_1: left promiscuous mode
[  743.283669][ T3335] bridge0: port 2(bridge_slave_1) entered disabled state
[  743.335574][ T3335] bridge_slave_0: left allmulticast mode
[  743.358217][ T3335] bridge_slave_0: left promiscuous mode
[  743.426711][ T3335] bridge0: port 1(bridge_slave_0) entered disabled state
[  743.493551][T14150] loop0: detected capacity change from 0 to 1024
[  743.578778][T14148] loop1: detected capacity change from 0 to 8192
[  743.608396][T14148] vfat: Unknown parameter ''
[  743.872026][T14151] input: syz0 as /devices/virtual/input/input27
[  744.027220][T14142] loop4: detected capacity change from 0 to 40427
[  744.043057][T14142] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  744.052934][T14142] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  744.107057][T14142] F2FS-fs (loop4): Found nat_bits in checkpoint
[  744.288377][T14142] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  744.301798][T14142] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  744.399469][ T6697] hfsplus: b-tree write err: -5, ino 4
[  744.463816][T14148] loop1: detected capacity change from 0 to 512
[  744.666656][  T940] usb 4-1: USB disconnect, device number 32
[  744.748848][T14148] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2275: bg 0: block 248: padding at end of block bitmap is not set
[  744.809090][T14148] Quota error (device loop1): write_blk: dquota write failed
[  744.823419][T14148] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  744.840327][ T5245] Bluetooth: hci5: command tx timeout
[  744.861895][T14148] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.2275: Failed to acquire dquot type 1
[  744.930137][T14148] EXT4-fs (loop1): 1 truncate cleaned up
[  744.948223][T14148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  745.001222][T14148] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.468496][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  745.498069][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  745.526049][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  745.548769][ T3335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  745.554073][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  745.588079][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  745.595687][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  745.604064][ T3335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  745.626172][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  745.654113][ T3335] bond0 (unregistering): Released all slaves
[  745.744319][T14168] loop3: detected capacity change from 0 to 32768
[  745.798438][T14168] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2279 (14168)
[  745.814947][ T3335] Êü: left promiscuous mode
[  745.867573][T13239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  745.893390][T14168] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  745.903923][T14168] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  745.930663][T14168] BTRFS info (device loop3): using free-space-tree
[  746.908333][ T5245] Bluetooth: hci5: command tx timeout
[  747.241268][T14138] chnl_net:caif_netlink_parms(): no params data found
[  747.443227][ T9137] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  747.464876][ T3335] batadv_slave_0: left promiscuous mode
[  747.490854][ T3335] hsr_slave_0: left promiscuous mode
[  747.559047][ T3335] hsr_slave_1: left promiscuous mode
[  747.608394][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  747.626569][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_0
[  747.660459][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  747.677170][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_1
[  747.804253][ T3335] veth1_macvtap: left promiscuous mode
[  747.825562][ T3335] veth0_macvtap: left promiscuous mode
[  747.840116][ T3335] veth1_vlan: left promiscuous mode
[  747.934593][T14279] loop1: detected capacity change from 0 to 8192
[  747.976805][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  747.984209][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  748.000143][ T3335] veth0_vlan: left promiscuous mode
[  748.331950][   T29] audit: type=1800 audit(1721918614.287:444): pid=14279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2289" name="bus" dev="loop1" ino=1048828 res=0 errno=0
[  748.741693][   T29] audit: type=1804 audit(1721918614.447:445): pid=14287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2289" name="/newroot/38/bus/bus" dev="loop1" ino=1048828 res=1 errno=0
[  748.823809][T13239] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  748.840202][T13239] FAT-fs (loop1): Filesystem has been set read-only
[  748.849968][T13239] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  748.990594][ T5245] Bluetooth: hci5: command tx timeout
[  749.006848][ T3335] pimreg (unregistering): left allmulticast mode
[  749.183562][T14295] loop3: detected capacity change from 0 to 256
[  749.265291][T14295] FAT-fs (loop3): Directory bread(block 64) failed
[  749.277641][T14295] FAT-fs (loop3): Directory bread(block 65) failed
[  749.291119][T14295] FAT-fs (loop3): Directory bread(block 66) failed
[  749.311901][T14295] FAT-fs (loop3): Directory bread(block 67) failed
[  749.318993][T14295] FAT-fs (loop3): Directory bread(block 68) failed
[  749.325662][T14295] FAT-fs (loop3): Directory bread(block 69) failed
[  749.332535][T14295] FAT-fs (loop3): Directory bread(block 70) failed
[  749.339276][T14295] FAT-fs (loop3): Directory bread(block 71) failed
[  749.345958][T14295] FAT-fs (loop3): Directory bread(block 72) failed
[  749.356299][T14295] FAT-fs (loop3): Directory bread(block 73) failed
[  749.393665][T14295] syz.3.2292: attempt to access beyond end of device
[  749.393665][T14295] loop3: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  749.425651][T14295] syz.3.2292: attempt to access beyond end of device
[  749.425651][T14295] loop3: rw=0, sector=1160, nr_sectors = 4 limit=256
[  749.450378][   T29] audit: type=1800 audit(1721918615.587:446): pid=14295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2292" name="file0" dev="loop3" ino=1048855 res=0 errno=0
[  749.852267][ T3335] team0 (unregistering): Port device team_slave_1 removed
[  749.940594][ T3335] team0 (unregistering): Port device team_slave_0 removed
[  750.737751][T14138] bridge0: port 1(bridge_slave_0) entered blocking state
[  750.768958][T14138] bridge0: port 1(bridge_slave_0) entered disabled state
[  750.776257][T14138] bridge_slave_0: entered allmulticast mode
[  750.804657][T14138] bridge_slave_0: entered promiscuous mode
[  750.813974][T14138] bridge0: port 2(bridge_slave_1) entered blocking state
[  750.824638][T14138] bridge0: port 2(bridge_slave_1) entered disabled state
[  750.839473][T14138] bridge_slave_1: entered allmulticast mode
[  750.849976][T14138] bridge_slave_1: entered promiscuous mode
[  750.918703][T14299] netlink: 'syz.3.2294': attribute type 12 has an invalid length.
[  751.054598][T14138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  751.070628][ T5245] Bluetooth: hci5: command tx timeout
[  751.073430][T14138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  751.286842][T14138] team0: Port device team_slave_0 added
[  751.331937][T14138] team0: Port device team_slave_1 added
[  751.435884][T14138] batman_adv: batadv0: Adding interface: batadv_slave_0
[  751.455707][T14138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  751.499149][T14138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  751.512049][T14138] batman_adv: batadv0: Adding interface: batadv_slave_1
[  751.519160][T14138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  751.545235][T14138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  751.846989][T14138] hsr_slave_0: entered promiscuous mode
[  751.909165][T14329] program syz.3.2308 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  751.932039][T14138] hsr_slave_1: entered promiscuous mode
[  752.746775][T14138] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  752.764790][T14138] Cannot create hsr debugfs directory
[  753.200326][ T5287] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  753.212142][   T29] audit: type=1804 audit(1721918619.347:447): pid=14345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2313" name="/newroot/144/bus/bus" dev="overlay" ino=809 res=1 errno=0
[  753.218645][T14345] Invalid ELF header magic: != ELF
[  753.240842][ T5229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  753.258871][ T5229] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  753.270600][ T5229] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  753.280844][ T5229] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  753.289756][ T5229] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  753.298846][ T5229] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  753.352351][T14349] loop4: detected capacity change from 0 to 256
[  753.388375][ T3335] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.432527][T14349] FAT-fs (loop4): Directory bread(block 64) failed
[  753.441295][ T5287] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  753.455052][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.457138][T14349] FAT-fs (loop4): Directory bread(block 65) failed
[  753.475118][ T5287] usb 4-1: config 0 descriptor??
[  753.476277][T14349] FAT-fs (loop4): Directory bread(block 66) failed
[  753.486746][T14349] FAT-fs (loop4): Directory bread(block 67) failed
[  753.494938][T14349] FAT-fs (loop4): Directory bread(block 68) failed
[  753.504059][T14349] FAT-fs (loop4): Directory bread(block 69) failed
[  753.512297][T14349] FAT-fs (loop4): Directory bread(block 70) failed
[  753.513176][ T5287] cp210x 4-1:0.0: cp210x converter detected
[  753.519018][T14349] FAT-fs (loop4): Directory bread(block 71) failed
[  753.519128][T14349] FAT-fs (loop4): Directory bread(block 72) failed
[  753.519162][T14349] FAT-fs (loop4): Directory bread(block 73) failed
[  753.548009][T14349] syz.4.2314: attempt to access beyond end of device
[  753.548009][T14349] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  753.580470][T14349] syz.4.2314: attempt to access beyond end of device
[  753.580470][T14349] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256
[  753.600534][   T29] audit: type=1800 audit(1721918619.727:448): pid=14349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2314" name="file0" dev="loop4" ino=1048856 res=0 errno=0
[  753.690677][ T3335] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.752667][T14356] loop0: detected capacity change from 0 to 128
[  753.784474][T14356] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  753.802171][T14356] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  753.882025][ T3335] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.916352][T14358] netlink: 'syz.4.2317': attribute type 21 has an invalid length.
[  753.930597][T14358] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2317'.
[  753.955849][ T5287] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  753.973151][T12039] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  754.006773][ T3335] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.335676][T14365] program syz.4.2320 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  754.349767][ T5287] usb 4-1: cp210x converter now attached to ttyUSB0
[  755.229685][    T9] usb 4-1: USB disconnect, device number 33
[  755.270463][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  755.316224][    T9] cp210x 4-1:0.0: device disconnected
[  755.375796][T14372] loop0: detected capacity change from 0 to 128
[  755.399156][ T5245] Bluetooth: hci0: command tx timeout
[  755.422860][T14369] loop4: detected capacity change from 0 to 32768
[  755.442940][T14372] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[  755.509423][T14369] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  755.525527][ T3335] bridge_slave_1: left allmulticast mode
[  755.525556][ T3335] bridge_slave_1: left promiscuous mode
[  755.525803][ T3335] bridge0: port 2(bridge_slave_1) entered disabled state
[  755.534369][ T3335] bridge_slave_0: left allmulticast mode
[  755.534401][ T3335] bridge_slave_0: left promiscuous mode
[  755.534591][ T3335] bridge0: port 1(bridge_slave_0) entered disabled state
[  755.609352][T14369] XFS (loop4): Ending clean mount
[  755.618282][T14369] XFS (loop4): Quotacheck needed: Please wait.
[  755.718931][T14369] XFS (loop4): Quotacheck: Done.
[  756.378741][   T29] audit: type=1804 audit(1721918622.517:449): pid=14387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2324" name="/newroot/349/bus/bus" dev="overlay" ino=1963 res=1 errno=0
[  756.406492][T14385] loop0: detected capacity change from 0 to 40427
[  756.414738][T14385] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  756.422614][T14385] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  756.445502][T14387] Invalid ELF header magic: != ELF
[  756.453856][T13264] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  756.465997][T14385] F2FS-fs (loop0): Found nat_bits in checkpoint
[  756.520202][T14385] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  756.527356][T14385] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  756.873041][T14392] cannot load conntrack support for proto=3
[  757.469206][ T5245] Bluetooth: hci0: command tx timeout
[  759.548945][ T5245] Bluetooth: hci0: command tx timeout
[  759.588134][ T3335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  759.689341][ T3335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  759.734773][ T3335] bond0 (unregistering): Released all slaves
[  759.820506][T14408] loop4: detected capacity change from 0 to 32768
[  759.830535][T14408] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2331 (14408)
[  759.884356][T14408] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  759.918234][T14408] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  759.935158][T14419] loop0: detected capacity change from 0 to 512
[  759.972683][T14408] BTRFS info (device loop4): using free-space-tree
[  760.056799][T14419] EXT4-fs: Ignoring removed nobh option
[  760.159280][T14419] fscrypt (loop0, inode 2): Error -61 getting encryption context
[  760.220931][T14419] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61
[  760.271265][T14419] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #13: comm syz.0.2334: casefold flag without casefold feature
[  760.331789][T14346] chnl_net:caif_netlink_parms(): no params data found
[  760.362067][T14419] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.2334: couldn't read orphan inode 13 (err -117)
[  760.443563][T14419] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  760.447832][T14138] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  760.613060][T13264] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  760.720843][T14138] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  760.784498][T14138] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  760.900383][ T3335] hsr_slave_0: left promiscuous mode
[  760.937904][ T3335] hsr_slave_1: left promiscuous mode
[  761.004444][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  761.038664][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_0
[  761.049277][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.058991][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  761.088647][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_1
[  761.207322][ T3335] veth1_macvtap: left promiscuous mode
[  761.213945][ T3335] veth0_macvtap: left promiscuous mode
[  761.228663][ T3335] veth1_vlan: left promiscuous mode
[  761.234248][ T3335] veth0_vlan: left promiscuous mode
[  761.610393][T14446] syz.0.2336: attempt to access beyond end of device
[  761.610393][T14446] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  762.749559][ T5245] Bluetooth: hci0: command tx timeout
[  763.526862][T14453] loop0: detected capacity change from 0 to 40427
[  763.536289][T14453] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  763.544097][T14453] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  763.584380][T14453] F2FS-fs (loop0): Found nat_bits in checkpoint
[  763.681842][T14453] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  763.688970][T14453] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  763.917104][T14465] cannot load conntrack support for proto=3
[  764.554089][T14467] loop0: detected capacity change from 0 to 128
[  764.604873][T14467] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  764.628011][T14467] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  764.810488][T12039] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  764.821888][ T3335] team0 (unregistering): Port device team_slave_1 removed
[  764.916674][T14471] loop0: detected capacity change from 0 to 512
[  764.926925][ T3335] team0 (unregistering): Port device team_slave_0 removed
[  764.990830][T14471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  765.007232][T14471] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  765.203688][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  765.519313][T14480] loop0: detected capacity change from 0 to 16
[  765.532579][T14480] erofs: (device loop0): mounted with root inode @ nid 36.
[  766.412430][T14138] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  766.715471][T14346] bridge0: port 1(bridge_slave_0) entered blocking state
[  766.740552][T14346] bridge0: port 1(bridge_slave_0) entered disabled state
[  766.747847][T14346] bridge_slave_0: entered allmulticast mode
[  766.753884][T14487] loop0: detected capacity change from 0 to 256
[  766.754666][T14487] exfat: Deprecated parameter 'utf8'
[  766.761161][T14455] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  766.782174][T14455] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  766.796314][T14346] bridge_slave_0: entered promiscuous mode
[  766.798131][T14487] exfat: Unknown parameter 'dmaskW†”Mmô|'
[  766.824383][T14346] bridge0: port 2(bridge_slave_1) entered blocking state
[  766.878596][T14346] bridge0: port 2(bridge_slave_1) entered disabled state
[  766.886122][T14346] bridge_slave_1: entered allmulticast mode
[  766.894139][T14346] bridge_slave_1: entered promiscuous mode
[  767.894608][T14346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  767.934292][T14346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  768.182469][T14346] team0: Port device team_slave_0 added
[  768.218978][T14346] team0: Port device team_slave_1 added
[  769.073608][T14504] netlink: 'syz.3.2350': attribute type 3 has an invalid length.
[  769.158860][T14346] batman_adv: batadv0: Adding interface: batadv_slave_0
[  769.165936][T14346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  769.204615][T14346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  769.226068][T14346] batman_adv: batadv0: Adding interface: batadv_slave_1
[  769.234622][T14346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  769.277039][T14510] loop0: detected capacity change from 0 to 64
[  769.289437][T14346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  769.438437][T14512] loop3: detected capacity change from 0 to 16
[  769.451788][T14346] hsr_slave_0: entered promiscuous mode
[  769.460362][T14346] hsr_slave_1: entered promiscuous mode
[  769.468232][T14346] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  769.478353][T14512] erofs: (device loop3): mounted with root inode @ nid 36.
[  769.491291][T12039] hfs: walked past end of dir
[  769.506876][T14346] Cannot create hsr debugfs directory
[  769.779853][T14138] 8021q: adding VLAN 0 to HW filter on device bond0
[  770.510377][T14497] loop4: detected capacity change from 0 to 40427
[  770.522177][T14497] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  770.546134][T14497] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  770.561644][T14138] 8021q: adding VLAN 0 to HW filter on device team0
[  770.579074][T14497] F2FS-fs (loop4): invalid crc value
[  770.623274][T14497] F2FS-fs (loop4): Found nat_bits in checkpoint
[  770.633024][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  770.640206][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  770.661336][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  770.668494][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  770.795858][T14497] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  770.827741][T14497] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  771.269417][T14138] 8021q: adding VLAN 0 to HW filter on device batadv0
[  771.471501][T14138] veth0_vlan: entered promiscuous mode
[  771.519413][T14138] veth1_vlan: entered promiscuous mode
[  771.567615][T14346] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  771.601120][T14346] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  771.612887][T14346] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  771.666398][T14138] veth0_macvtap: entered promiscuous mode
[  771.703381][T14346] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  771.796603][T14138] veth1_macvtap: entered promiscuous mode
[  772.277986][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  772.548433][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.578890][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  772.609115][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.650939][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  772.677715][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.728777][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  772.744446][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.755660][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  772.766357][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.776519][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  772.787234][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.802906][T14138] batman_adv: batadv0: Interface activated: batadv_slave_0
[  772.814295][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  772.833434][T14534] loop4: detected capacity change from 0 to 2048
[  772.840347][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.850324][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  772.863067][T14534] udf: Bad value for 'rootdir'
[  772.868755][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.887458][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  772.908306][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.927201][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  772.937817][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.947768][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  772.960199][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.970210][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  772.980824][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  772.994523][T14138] batman_adv: batadv0: Interface activated: batadv_slave_1
[  773.054542][T14138] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  773.069317][T14138] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  773.088794][T14138] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  773.097570][T14138] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  773.189004][ T5339] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  773.298192][T14209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  773.330982][T14209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  773.397886][T14346] 8021q: adding VLAN 0 to HW filter on device bond0
[  773.404638][ T5339] usb 5-1: Using ep0 maxpacket: 8
[  773.412389][T14249] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  773.422012][ T5339] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  773.425345][T14249] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  773.432711][ T5339] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=21.5e
[  773.473157][ T5339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  773.476243][T14346] 8021q: adding VLAN 0 to HW filter on device team0
[  773.497387][ T5339] usb 5-1: config 0 descriptor??
[  773.504933][ T5339] asix 5-1:0.0: probe with driver asix failed with error -22
[  773.515974][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  773.523159][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  773.551974][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  773.559239][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  773.796157][T14541] loop2: detected capacity change from 0 to 1024
[  773.819881][T14534] 9pnet_fd: Insufficient options for proto=fd
[  773.836443][T14541] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  773.919182][T14541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  774.008122][T14547] loop4: detected capacity change from 0 to 2048
[  774.437573][T14547] /dev/loop4: Can't open blockdev
[  774.809747][T14138] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  774.892885][    T9] usb 5-1: USB disconnect, device number 21
[  775.084686][T14346] 8021q: adding VLAN 0 to HW filter on device batadv0
[  775.195822][T14346] veth0_vlan: entered promiscuous mode
[  776.632566][T14346] veth1_vlan: entered promiscuous mode
[  776.918242][T14346] veth0_macvtap: entered promiscuous mode
[  776.995029][T14346] veth1_macvtap: entered promiscuous mode
[  777.045512][T14569] loop2: detected capacity change from 0 to 40427
[  777.055120][T14569] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  777.062890][T14569] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  777.117356][T14569] F2FS-fs (loop2): Found nat_bits in checkpoint
[  777.190788][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  777.202313][T14569] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  777.209510][T14569] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  777.262562][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.371561][T14584] cannot load conntrack support for proto=3
[  777.410227][T14582] loop3: detected capacity change from 0 to 1024
[  777.417795][T14582] EXT4-fs: Ignoring removed orlov option
[  777.423793][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  777.434454][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.518310][T14582] EXT4-fs (loop3): Test dummy encryption mode enabled
[  777.773944][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  782.268786][    C0] DEBUG: holding rtnl_mutex for 508 jiffies.
[  782.274820][    C0] task:syz-executor    state:R  running task     stack:20432 pid:14346 tgid:14346 ppid:14321  flags:0x00004002
[  782.286608][    C0] Call Trace:
[  782.289911][    C0]  <TASK>
[  782.292838][    C0]  __schedule+0x1800/0x4a60
[  782.297363][    C0]  ? __pfx___schedule+0x10/0x10
[  782.302235][    C0]  ? prb_read_valid+0xa9/0xf0
[  782.306921][    C0]  ? preempt_schedule+0xe1/0xf0
[  782.311824][    C0]  preempt_schedule_common+0x84/0xd0
[  782.317117][    C0]  preempt_schedule+0xe1/0xf0
[  782.321819][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  782.327190][    C0]  ? _printk+0xd5/0x120
[  782.331393][    C0]  ? _printk+0xd5/0x120
[  782.335546][    C0]  ? __pfx___down_trylock_console_sem+0x10/0x10
[  782.341801][    C0]  preempt_schedule_thunk+0x1a/0x30
[  782.347003][    C0]  ? vprintk_emit+0x7bb/0x900
[  782.351691][    C0]  ? vprintk_emit+0x828/0x900
[  782.356361][    C0]  vprintk_emit+0x82d/0x900
[  782.360886][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  782.365916][    C0]  _printk+0xd5/0x120
[  782.369916][    C0]  ? batadv_check_known_mac_addr+0x237/0x410
[  782.375918][    C0]  ? __pfx__printk+0x10/0x10
[  782.380547][    C0]  ? batadv_hardif_get_by_netdev+0x49b/0x4e0
[  782.386545][    C0]  ? batadv_hardif_get_by_netdev+0x7f/0x4e0
[  782.392467][    C0]  batadv_check_known_mac_addr+0x2b1/0x410
[  782.398280][    C0]  ? batadv_check_known_mac_addr+0x24/0x410
[  782.404224][    C0]  batadv_hard_if_event+0x3a5/0x1620
[  782.409537][    C0]  ? smc_pnet_netdev_event+0x38f/0x690
[  782.414992][    C0]  ? lockdep_rtnl_is_held+0x26/0x40
[  782.420203][    C0]  notifier_call_chain+0x19f/0x3e0
[  782.425337][    C0]  dev_set_mac_address+0x3d9/0x510
[  782.430484][    C0]  ? __pfx_dev_set_mac_address+0x10/0x10
[  782.436112][    C0]  ? down_write+0x18c/0x220
[  782.440632][    C0]  ? do_setlink+0x7ff/0x41f0
[  782.445309][    C0]  ? do_setlink+0x7ff/0x41f0
[  782.449915][    C0]  ? do_setlink+0x7ff/0x41f0
[  782.454512][    C0]  ? do_setlink+0x7ff/0x41f0
[  782.459125][    C0]  ? trace_kmalloc+0x1f/0xd0
[  782.463732][    C0]  dev_set_mac_address_user+0x31/0x50
[  782.469122][    C0]  do_setlink+0x8b6/0x41f0
[  782.473542][    C0]  ? stack_trace_save+0x118/0x1d0
[  782.478580][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  782.484012][    C0]  ? __pfx_do_setlink+0x10/0x10
[  782.488895][    C0]  ? __nla_validate_parse+0x26ce/0x3090
[  782.494463][    C0]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  782.500042][    C0]  ? rtnl_newlink+0xe9/0x2070
[  782.504736][    C0]  ? __pfx___nla_validate_parse+0x10/0x10
[  782.510491][    C0]  ? validate_linkmsg+0x71e/0x900
[  782.515522][    C0]  rtnl_newlink+0x17a9/0x2070
[  782.520240][    C0]  ? __pfx_rtnl_newlink+0x10/0x10
[  782.525261][    C0]  ? __pfx___mutex_trylock_common+0x10/0x10
[  782.531197][    C0]  ? rcu_is_watching+0x15/0xb0
[  782.535956][    C0]  ? trace_contention_end+0x3c/0x120
[  782.541274][    C0]  ? __mutex_lock+0x2ef/0xd70
[  782.545960][    C0]  ? __pfx_lock_release+0x10/0x10
[  782.551036][    C0]  ? __pfx_rtnl_newlink+0x10/0x10
[  782.556067][    C0]  rtnetlink_rcv_msg+0x744/0xd00
[  782.561043][    C0]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  782.566156][    C0]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  782.571630][    C0]  ? ref_tracker_free+0x643/0x7e0
[  782.576654][    C0]  netlink_rcv_skb+0x1e3/0x430
[  782.581452][    C0]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  782.586959][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  782.592290][    C0]  ? netlink_deliver_tap+0x2e/0x1b0
[  782.597492][    C0]  netlink_unicast+0x7f6/0x990
[  782.602284][    C0]  ? __pfx_netlink_unicast+0x10/0x10
[  782.607569][    C0]  ? __virt_addr_valid+0x183/0x530
[  782.612711][    C0]  ? __check_object_size+0x49c/0x900
[  782.617996][    C0]  ? bpf_lsm_netlink_send+0x9/0x10
[  782.623132][    C0]  netlink_sendmsg+0x8e4/0xcb0
[  782.627911][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  782.633214][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  782.639222][    C0]  ? aa_sock_msg_perm+0x91/0x160
[  782.644165][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  782.649461][    C0]  ? security_socket_sendmsg+0x87/0xb0
[  782.654914][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  782.660216][    C0]  __sock_sendmsg+0x221/0x270
[  782.664909][    C0]  __sys_sendto+0x3a4/0x4f0
[  782.669431][    C0]  ? __pfx___sys_sendto+0x10/0x10
[  782.674461][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  782.680464][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  782.686800][    C0]  __x64_sys_sendto+0xde/0x100
[  782.691583][    C0]  do_syscall_64+0xf3/0x230
[  782.696085][    C0]  ? clear_bhb_loop+0x35/0x90
[  782.700776][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.706662][    C0] RIP: 0033:0x7fda27d77cac
[  782.711097][    C0] RSP: 002b:00007ffcb931a230 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  782.719529][    C0] RAX: ffffffffffffffda RBX: 00007fda28a34620 RCX: 00007fda27d77cac
[  782.727501][    C0] RDX: 000000000000002c RSI: 00007fda28a34670 RDI: 0000000000000003
[  782.735482][    C0] RBP: 0000000000000000 R08: 00007ffcb931a284 R09: 000000000000000c
[  782.743463][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  782.751441][    C0] R13: 0000000000000000 R14: 00007fda28a34670 R15: 0000000000000000
[  782.759438][    C0]  </TASK>
[  782.762450][    C0] DEBUG: waiting rtnl_mutex for 538 jiffies.
[  782.768410][    C0] task:kworker/u8:7    state:D stack:19984 pid:3335  tgid:3335  ppid:2      flags:0x00004000
[  782.778611][    C0] Workqueue: ipv6_addrconf addrconf_dad_work
[  782.784635][    C0] Call Trace:
[  782.787926][    C0]  <TASK>
[  782.790892][    C0]  __schedule+0x1800/0x4a60
[  782.795424][    C0]  ? __pfx___schedule+0x10/0x10
[  782.800298][    C0]  ? __pfx_lock_release+0x10/0x10
[  782.805331][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  782.810824][    C0]  ? kthread_data+0x52/0xd0
[  782.815339][    C0]  ? schedule+0x90/0x320
[  782.819622][    C0]  ? wq_worker_sleeping+0x66/0x240
[  782.824745][    C0]  ? schedule+0x90/0x320
[  782.829006][    C0]  schedule+0x14b/0x320
[  782.833169][    C0]  schedule_preempt_disabled+0x13/0x30
[  782.838635][    C0]  __mutex_lock+0x6a4/0xd70
[  782.843168][    C0]  ? mark_lock+0x9a/0x360
[  782.847508][    C0]  ? __mutex_lock+0x527/0xd70
[  782.852216][    C0]  ? addrconf_dad_work+0xd0/0x16f0
[  782.857334][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  782.862408][    C0]  ? get_rtnl_holder+0x144/0x190
[  782.867357][    C0]  addrconf_dad_work+0xd0/0x16f0
[  782.872347][    C0]  ? __pfx_addrconf_dad_work+0x10/0x10
[  782.877805][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  782.884163][    C0]  ? process_scheduled_works+0x945/0x1830
[  782.889901][    C0]  process_scheduled_works+0xa2c/0x1830
[  782.895468][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  782.901498][    C0]  ? assign_work+0x364/0x3d0
[  782.906095][    C0]  worker_thread+0x86d/0xd40
[  782.910705][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  782.916598][    C0]  ? __kthread_parkme+0x169/0x1d0
[  782.921639][    C0]  ? __pfx_worker_thread+0x10/0x10
[  782.926750][    C0]  kthread+0x2f0/0x390
[  782.930834][    C0]  ? __pfx_worker_thread+0x10/0x10
[  782.935942][    C0]  ? __pfx_kthread+0x10/0x10
[  782.940551][    C0]  ret_from_fork+0x4b/0x80
[  782.944994][    C0]  ? __pfx_kthread+0x10/0x10
[  782.949617][    C0]  ret_from_fork_asm+0x1a/0x30
[  782.954401][    C0]  </TASK>
[  782.957415][    C0] DEBUG: waiting rtnl_mutex for 535 jiffies.
[  782.963418][    C0] task:kworker/1:2     state:D stack:20560 pid:1173  tgid:1173  ppid:2      flags:0x00004000
[  782.973588][    C0] Workqueue: events linkwatch_event
[  782.978823][    C0] Call Trace:
[  782.982102][    C0]  <TASK>
[  782.985027][    C0]  __schedule+0x1800/0x4a60
[  782.989557][    C0]  ? __pfx___schedule+0x10/0x10
[  782.994435][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  783.000488][    C0]  ? __pfx_lock_release+0x10/0x10
[  783.005527][    C0]  ? kick_pool+0x45c/0x620
[  783.009967][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  783.015157][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  783.020367][    C0]  ? schedule+0x90/0x320
[  783.024625][    C0]  schedule+0x14b/0x320
[  783.028812][    C0]  schedule_preempt_disabled+0x13/0x30
[  783.034266][    C0]  __mutex_lock+0x6a4/0xd70
[  783.038831][    C0]  ? __mutex_lock+0x527/0xd70
[  783.043554][    C0]  ? linkwatch_event+0xe/0x60
[  783.048221][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  783.053267][    C0]  ? get_rtnl_holder+0x144/0x190
[  783.058205][    C0]  ? process_scheduled_works+0x945/0x1830
[  783.063937][    C0]  linkwatch_event+0xe/0x60
[  783.068431][    C0]  process_scheduled_works+0xa2c/0x1830
[  783.074007][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  783.080021][    C0]  ? assign_work+0x364/0x3d0
[  783.084611][    C0]  worker_thread+0x86d/0xd40
[  783.089219][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  783.095113][    C0]  ? __kthread_parkme+0x169/0x1d0
[  783.100245][    C0]  ? __pfx_worker_thread+0x10/0x10
[  783.105357][    C0]  kthread+0x2f0/0x390
[  783.109458][    C0]  ? __pfx_worker_thread+0x10/0x10
[  783.114586][    C0]  ? __pfx_kthread+0x10/0x10
[  783.119202][    C0]  ret_from_fork+0x4b/0x80
[  783.123650][    C0]  ? __pfx_kthread+0x10/0x10
[  783.128233][    C0]  ret_from_fork_asm+0x1a/0x30
[  783.133029][    C0]  </TASK>
[  783.136066][    C0] 
[  783.136066][    C0] Showing all locks held in the system:
[  783.143791][    C0] 3 locks held by kworker/1:0/25:
[  783.148852][    C0] 3 locks held by kworker/1:2/1173:
[  783.154039][    C0]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  783.165031][    C0]  #1: ffffc900049f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  783.176014][    C0]  #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  783.185005][    C0] 3 locks held by kworker/u8:7/3335:
[  783.190290][    C0]  #0: ffff88802a990148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  783.201886][    C0]  #1: ffffc9000aa57d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  783.214703][    C0]  #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  783.224127][    C0] 2 locks held by getty/4979:
[  783.228899][    C0]  #0: ffff88802f6310a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  783.238649][    C0]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  783.248789][    C0] 2 locks held by syz-executor/5215:
[  783.254091][    C0] 4 locks held by kworker/1:4/5280:
[  783.259294][    C0] 3 locks held by kworker/1:8/5339:
[  783.264481][    C0] 3 locks held by kworker/0:9/9255:
[  783.269689][    C0] 3 locks held by kworker/u8:11/14229:
[  783.275134][    C0] 3 locks held by syz-executor/14346:
[  783.280512][    C0] 3 locks held by syz.2.2364/14568:
[  783.285694][    C0]  #0: ffff88805f775008 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  783.295905][    C0]  #1: ffffffff8fce6230 ((netlink_chain).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain+0x53/0x90
[  783.307079][    C0]  #2: ffff88802af400b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nft_rcv_nl_event+0x120/0x6b0
[  783.317482][    C0] 3 locks held by syz.2.2364/14569:
[  783.322690][    C0]  #0: ffffffff8f144328 (reading_mutex){+.+.}-{3:3}, at: rng_dev_read+0x171/0x6d0
[  783.331934][    C0]  #1: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  783.342047][    C0]  #2: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  783.351903][    C0] 2 locks held by syz.2.2364/14583:
[  783.357091][    C0]  #0: ffff88802af400b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x32/0x100
[  783.367833][    C0]  #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  783.378807][    C0] 1 lock held by syz.2.2364/14584:
[  783.383923][    C0]  #0: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  783.394824][    C0] 1 lock held by syz.4.2365/14575:
[  783.399993][    C0] 1 lock held by syz.4.2365/14586:
[  783.405117][    C0] 1 lock held by syz.3.2367/14582:
[  783.410261][    C0]  #0: ffff8880617220e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x221/0x9d0
[  783.420396][    C0] 
[  783.422711][    C0] =============================================
[  783.422711][    C0] 
[  783.989500][T14582] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  783.990030][T14582] EXT4-fs: failed to create workqueue
[  784.022713][T14582] EXT4-fs (loop3): mount failed
[  784.041630][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.063521][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  784.077396][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.100888][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  784.128847][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.144062][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  784.154780][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.164764][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  784.175471][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.187535][T14346] batman_adv: batadv0: Interface activated: batadv_slave_0
[  784.254765][T14594] loop3: detected capacity change from 0 to 512
[  784.291230][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  784.344994][T14594] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2370: bg 0: block 131: padding at end of block bitmap is not set
[  784.368837][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.426687][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  784.468603][T14594] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  784.499150][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.499337][T14594] EXT4-fs (loop3): 1 truncate cleaned up
[  784.539760][T14594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  784.548819][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  784.588801][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.634139][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  784.826526][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  784.863454][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  784.969359][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  785.102324][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  785.178283][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  785.267350][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  785.364408][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  785.509865][T14346] batman_adv: batadv0: Interface activated: batadv_slave_1
[  785.647846][ T5229] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  785.670234][ T5229] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  785.681828][ T5229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  785.707743][ T5229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  785.708975][ T9137] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  785.732602][ T5229] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  785.740032][ T5229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  785.837543][T14604] tmpfs: Bad value for 'mpol'
[  785.930662][T14606] loop4: detected capacity change from 0 to 64
[  785.984528][T14346] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  786.029392][T14346] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  786.042182][T14346] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  786.045165][T14610] loop3: detected capacity change from 0 to 256
[  786.053161][T14346] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  786.126762][T13264] hfs: walked past end of dir
[  786.139510][T14610] FAT-fs (loop3): Directory bread(block 64) failed
[  786.149149][T14610] FAT-fs (loop3): Directory bread(block 65) failed
[  786.155796][T14610] FAT-fs (loop3): Directory bread(block 66) failed
[  786.190059][T14610] FAT-fs (loop3): Directory bread(block 67) failed
[  786.196741][T14610] FAT-fs (loop3): Directory bread(block 68) failed
[  786.217306][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.228952][T14610] FAT-fs (loop3): Directory bread(block 69) failed
[  786.235604][T14610] FAT-fs (loop3): Directory bread(block 70) failed
[  786.249936][T14610] FAT-fs (loop3): Directory bread(block 71) failed
[  786.256561][T14610] FAT-fs (loop3): Directory bread(block 72) failed
[  786.300993][T14610] FAT-fs (loop3): Directory bread(block 73) failed
[  786.419623][T14610] syz.3.2375: attempt to access beyond end of device
[  786.419623][T14610] loop3: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  786.449149][T14610] syz.3.2375: attempt to access beyond end of device
[  786.449149][T14610] loop3: rw=0, sector=1160, nr_sectors = 4 limit=256
[  786.493367][   T29] audit: type=1800 audit(1721918652.637:450): pid=14610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2375" name="file0" dev="loop3" ino=1048861 res=0 errno=0
[  786.496089][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.520151][T14612] loop3: detected capacity change from 256 to 0
[  786.540378][   T29] audit: type=1804 audit(1721918652.677:451): pid=14610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2375" name="/newroot/367/file0/file0" dev="loop3" ino=1048861 res=1 errno=0
[  786.550323][T14610] syz.3.2375: attempt to access beyond end of device
[  786.550323][T14610] loop3: rw=0, sector=4, nr_sectors = 4 limit=0
[  786.668640][ T9137] syz-executor: attempt to access beyond end of device
[  786.668640][ T9137] loop3: rw=0, sector=20, nr_sectors = 4 limit=0
[  786.701326][ T9137] syz-executor: attempt to access beyond end of device
[  786.701326][ T9137] loop3: rw=0, sector=24, nr_sectors = 4 limit=0
[  786.722847][ T9137] syz-executor: attempt to access beyond end of device
[  786.722847][ T9137] loop3: rw=0, sector=28, nr_sectors = 4 limit=0
[  786.736154][ T9137] syz-executor: attempt to access beyond end of device
[  786.736154][ T9137] loop3: rw=0, sector=32, nr_sectors = 4 limit=0
[  786.788924][ T9137] syz-executor: attempt to access beyond end of device
[  786.788924][ T9137] loop3: rw=0, sector=36, nr_sectors = 4 limit=0
[  786.811926][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.828940][ T9137] syz-executor: attempt to access beyond end of device
[  786.828940][ T9137] loop3: rw=0, sector=40, nr_sectors = 4 limit=0
[  786.873346][ T9137] syz-executor: attempt to access beyond end of device
[  786.873346][ T9137] loop3: rw=0, sector=44, nr_sectors = 4 limit=0
[  786.899908][T14229] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  786.907752][T14229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  787.060178][T14618] afs: Unknown parameter '·«ûÂdÏ_’|:â1þ´+éOv'
[  787.549209][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  787.608177][T14238] FAT-fs (loop3): unable to read inode block for updating (i_pos 899)
[  787.624942][ T9137] FAT-fs (loop3): unable to read boot sector to mark fs as dirty
[  787.663330][ T3335] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  787.736934][ T3335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  787.790722][ T5245] Bluetooth: hci3: command tx timeout
[  787.871539][ T5245] Bluetooth: hci5: unexpected event 0x31 length: 23 > 6
[  788.092195][T14601] chnl_net:caif_netlink_parms(): no params data found
[  788.130238][   T35] bridge_slave_0: left allmulticast mode
[  788.140238][T14621] netdevsim netdevsim2: Direct firmware load for ng failed with error -2
[  788.311881][T14628] ==================================================================
[  788.313717][   T35] bridge_slave_0: left promiscuous mode
[  788.320059][T14628] BUG: KASAN: slab-use-after-free in uprobe_mmap+0xb9a/0x11a0
[  788.320091][T14628] Read of size 8 at addr ffff88802f1442b0 by task syz.1.2304/14628
[  788.320109][T14628] 
[  788.320125][T14628] CPU: 0 UID: 0 PID: 14628 Comm: syz.1.2304 Not tainted 6.10.0-next-20240725-syzkaller #0
[  788.320151][T14628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  788.320165][T14628] Call Trace:
[  788.320174][T14628]  <TASK>
[  788.320183][T14628]  dump_stack_lvl+0x241/0x360
[  788.320216][T14628]  ? __pfx_dump_stack_lvl+0x10/0x10
[  788.320246][T14628]  ? __pfx__printk+0x10/0x10
[  788.320273][T14628]  ? _printk+0xd5/0x120
[  788.320299][T14628]  ? __virt_addr_valid+0x183/0x530
[  788.320319][T14628]  ? __virt_addr_valid+0x183/0x530
[  788.320340][T14628]  print_report+0x169/0x550
[  788.320362][T14628]  ? __virt_addr_valid+0x183/0x530
[  788.320382][T14628]  ? __virt_addr_valid+0x183/0x530
[  788.320401][T14628]  ? __virt_addr_valid+0x45f/0x530
[  788.320420][T14628]  ? __phys_addr+0xba/0x170
[  788.320440][T14628]  ? uprobe_mmap+0xb9a/0x11a0
[  788.320464][T14628]  kasan_report+0x143/0x180
[  788.320488][T14628]  ? uprobe_mmap+0xb9a/0x11a0
[  788.320517][T14628]  uprobe_mmap+0xb9a/0x11a0
[  788.320550][T14628]  ? __pfx_uprobe_mmap+0x10/0x10
[  788.320581][T14628]  mmap_region+0x1891/0x2090
[  788.320615][T14628]  ? __pfx_mmap_region+0x10/0x10
[  788.320636][T14628]  ? irqentry_exit+0x63/0x90
[  788.320662][T14628]  ? lockdep_hardirqs_on+0x99/0x150
[  788.320695][T14628]  ? do_mmap+0xb6b/0x1010
[  788.320716][T14628]  ? path_noexec+0x44/0xe0
[  788.320751][T14628]  do_mmap+0x8f9/0x1010
[  788.320779][T14628]  ? __pfx_do_mmap+0x10/0x10
[  788.320799][T14628]  ? __pfx_down_write_killable+0x10/0x10
[  788.320820][T14628]  ? __pfx_ima_file_mmap+0x10/0x10
[  788.320847][T14628]  ? security_mmap_file+0x178/0x1a0
[  788.320874][T14628]  vm_mmap_pgoff+0x1dd/0x3d0
[  788.320901][T14628]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  788.320922][T14628]  ? __fget_files+0x29/0x470
[  788.320943][T14628]  ? __fget_files+0x3f6/0x470
[  788.320968][T14628]  ksys_mmap_pgoff+0x4f1/0x720
[  788.320990][T14628]  ? __x64_sys_mmap+0x7f/0x140
[  788.321023][T14628]  do_syscall_64+0xf3/0x230
[  788.321052][T14628]  ? clear_bhb_loop+0x35/0x90
[  788.321077][T14628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.321098][T14628] RIP: 0033:0x7fda27d75f19
[  788.321116][T14628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  788.321135][T14628] RSP: 002b:00007fda28b09048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  788.321158][T14628] RAX: ffffffffffffffda RBX: 00007fda27f06110 RCX: 00007fda27d75f19
[  788.321175][T14628] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 0000000020000000
[  788.321189][T14628] RBP: 00007fda27de4e68 R08: 000000000000000a R09: 0000000000000000
[  788.321203][T14628] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[  788.321216][T14628] R13: 000000000000006e R14: 00007fda27f06110 R15: 00007ffcb931a678
[  788.321240][T14628]  </TASK>
[  788.321248][T14628] 
[  788.321253][T14628] Allocated by task 14497:
[  788.321264][T14628]  kasan_save_track+0x3f/0x80
[  788.321283][T14628]  __kasan_kmalloc+0x98/0xb0
[  788.321300][T14628]  __kmalloc_node_noprof+0x22a/0x440
[  788.638931][T14628]  __kvmalloc_node_noprof+0x72/0x190
[  788.644224][T14628]  f2fs_build_node_manager+0x1385/0x2870
[  788.649853][T14628]  f2fs_fill_super+0x5328/0x7b80
[  788.654793][T14628]  mount_bdev+0x20a/0x2d0
[  788.659133][T14628]  legacy_get_tree+0xee/0x190
[  788.663806][T14628]  vfs_get_tree+0x90/0x2a0
[  788.668214][T14628]  do_new_mount+0x2be/0xb40
[  788.672711][T14628]  __se_sys_mount+0x2d6/0x3c0
[  788.677381][T14628]  do_syscall_64+0xf3/0x230
[  788.681893][T14628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.687785][T14628] 
[  788.690109][T14628] Freed by task 13264:
[  788.694166][T14628]  kasan_save_track+0x3f/0x80
[  788.698868][T14628]  kasan_save_free_info+0x40/0x50
[  788.703889][T14628]  poison_slab_object+0xe0/0x150
[  788.708824][T14628]  __kasan_slab_free+0x37/0x60
[  788.713578][T14628]  kfree+0x149/0x360
[  788.717472][T14628]  f2fs_destroy_node_manager+0xad1/0xd20
[  788.723108][T14628]  f2fs_put_super+0xad9/0x1150
[  788.727882][T14628]  generic_shutdown_super+0x136/0x2d0
[  788.733268][T14628]  kill_block_super+0x44/0x90
[  788.737944][T14628]  kill_f2fs_super+0x344/0x690
[  788.742715][T14628]  deactivate_locked_super+0xc4/0x130
[  788.748103][T14628]  cleanup_mnt+0x41f/0x4b0
[  788.752528][T14628]  task_work_run+0x24f/0x310
[  788.757114][T14628]  syscall_exit_to_user_mode+0x168/0x370
[  788.762761][T14628]  do_syscall_64+0x100/0x230
[  788.767353][T14628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.773246][T14628] 
[  788.775563][T14628] The buggy address belongs to the object at ffff88802f144280
[  788.775563][T14628]  which belongs to the cache kmalloc-64 of size 64
[  788.789443][T14628] The buggy address is located 48 bytes inside of
[  788.789443][T14628]  freed 64-byte region [ffff88802f144280, ffff88802f1442c0)
[  788.803064][T14628] 
[  788.805382][T14628] The buggy address belongs to the physical page:
[  788.811813][T14628] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2f144
[  788.820583][T14628] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  788.827698][T14628] page_type: 0xfdffffff(slab)
[  788.832394][T14628] raw: 00fff00000000000 ffff8880158418c0 ffffea0000af37c0 dead000000000004
[  788.840988][T14628] raw: 0000000000000000 0000000000200020 00000001fdffffff 0000000000000000
[  788.849562][T14628] page dumped because: kasan: bad access detected
[  788.855971][T14628] page_owner tracks the page as allocated
[  788.861684][T14628] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 62, tgid 62 (kworker/u8:4), ts 20060180773, free_ts 0
[  788.879742][T14628]  post_alloc_hook+0x1f3/0x230
[  788.884510][T14628]  get_page_from_freelist+0x2e4c/0x2f10
[  788.890055][T14628]  __alloc_pages_noprof+0x256/0x6c0
[  788.895249][T14628]  alloc_slab_page+0x5f/0x120
[  788.899919][T14628]  allocate_slab+0x5a/0x2f0
[  788.904417][T14628]  ___slab_alloc+0xcd1/0x14b0
[  788.909099][T14628]  __slab_alloc+0x58/0xa0
[  788.913457][T14628]  __kmalloc_noprof+0x25a/0x400
[  788.918316][T14628]  security_task_alloc+0x43/0x130
[  788.923361][T14628]  copy_process+0x1692/0x3d90
[  788.928052][T14628]  kernel_clone+0x226/0x8f0
[  788.932574][T14628]  user_mode_thread+0x132/0x1a0
[  788.937438][T14628]  call_usermodehelper_exec_work+0x5c/0x230
[  788.943340][T14628]  process_scheduled_works+0xa2c/0x1830
[  788.948887][T14628]  worker_thread+0x86d/0xd40
[  788.953478][T14628]  kthread+0x2f0/0x390
[  788.957541][T14628] page_owner free stack trace missing
[  788.962901][T14628] 
[  788.965227][T14628] Memory state around the buggy address:
[  788.970849][T14628]  ffff88802f144180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  788.978911][T14628]  ffff88802f144200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[  788.986989][T14628] >ffff88802f144280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  788.995045][T14628]                                      ^
[  789.000664][T14628]  ffff88802f144300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  789.008716][T14628]  ffff88802f144380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  789.016773][T14628] ==================================================================
[  789.027889][T14628] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  789.035203][T14628] CPU: 0 UID: 0 PID: 14628 Comm: syz.1.2304 Not tainted 6.10.0-next-20240725-syzkaller #0
[  789.045110][T14628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  789.055182][T14628] Call Trace:
[  789.058456][T14628]  <TASK>
[  789.061379][T14628]  dump_stack_lvl+0x241/0x360
[  789.066063][T14628]  ? __pfx_dump_stack_lvl+0x10/0x10
[  789.071273][T14628]  ? __pfx__printk+0x10/0x10
[  789.075890][T14628]  ? preempt_schedule+0xe1/0xf0
[  789.080771][T14628]  ? vscnprintf+0x5d/0x90
[  789.085125][T14628]  panic+0x349/0x870
[  789.089049][T14628]  ? check_panic_on_warn+0x21/0xb0
[  789.094179][T14628]  ? __pfx_panic+0x10/0x10
[  789.098619][T14628]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  789.104619][T14628]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  789.110972][T14628]  ? print_report+0x502/0x550
[  789.115675][T14628]  check_panic_on_warn+0x86/0xb0
[  789.120635][T14628]  ? uprobe_mmap+0xb9a/0x11a0
[  789.125341][T14628]  end_report+0x77/0x160
[  789.129603][T14628]  kasan_report+0x154/0x180
[  789.134124][T14628]  ? uprobe_mmap+0xb9a/0x11a0
[  789.138828][T14628]  uprobe_mmap+0xb9a/0x11a0
[  789.143366][T14628]  ? __pfx_uprobe_mmap+0x10/0x10
[  789.148338][T14628]  mmap_region+0x1891/0x2090
[  789.152959][T14628]  ? __pfx_mmap_region+0x10/0x10
[  789.157924][T14628]  ? irqentry_exit+0x63/0x90
[  789.162549][T14628]  ? lockdep_hardirqs_on+0x99/0x150
[  789.167786][T14628]  ? do_mmap+0xb6b/0x1010
[  789.172144][T14628]  ? path_noexec+0x44/0xe0
[  789.176588][T14628]  do_mmap+0x8f9/0x1010
[  789.180765][T14628]  ? __pfx_do_mmap+0x10/0x10
[  789.185366][T14628]  ? __pfx_down_write_killable+0x10/0x10
[  789.191015][T14628]  ? __pfx_ima_file_mmap+0x10/0x10
[  789.196146][T14628]  ? security_mmap_file+0x178/0x1a0
[  789.201368][T14628]  vm_mmap_pgoff+0x1dd/0x3d0
[  789.205981][T14628]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  789.211109][T14628]  ? __fget_files+0x29/0x470
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  789.215733][T14628]  ? __fget_files+0x3f6/0x470
[  789.220422][T14628]  ksys_mmap_pgoff+0x4f1/0x720
[  789.225177][T14628]  ? __x64_sys_mmap+0x7f/0x140
[  789.229953][T14628]  do_syscall_64+0xf3/0x230
[  789.234659][T14628]  ? clear_bhb_loop+0x35/0x90
[  789.239365][T14628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.245295][T14628] RIP: 0033:0x7fda27d75f19
[  789.249724][T14628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.269356][T14628] RSP: 002b:00007fda28b09048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  789.277803][T14628] RAX: ffffffffffffffda RBX: 00007fda27f06110 RCX: 00007fda27d75f19
[  789.285800][T14628] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 0000000020000000
[  789.293782][T14628] RBP: 00007fda27de4e68 R08: 000000000000000a R09: 0000000000000000
[  789.301774][T14628] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[  789.309763][T14628] R13: 000000000000006e R14: 00007fda27f06110 R15: 00007ffcb931a678
[  789.317772][T14628]  </TASK>
[  789.321151][T14628] Kernel Offset: disabled
[  789.325473][T14628] Rebooting in 86400 seconds..