last executing test programs:

18.554860384s ago: executing program 4 (id=335):
r0 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045730, 0x0)

17.582568005s ago: executing program 4 (id=338):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
listen(r2, 0x0)

16.379045258s ago: executing program 4 (id=344):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
syz_open_dev$usbfs(0x0, 0x9, 0x600)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xab, &(0x7f0000000680)=""/171, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x7, 0x0, 0x0, 0x7fdfffff}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INFO(r5, 0x0, 0x80, 0x0, &(0x7f0000000280))
shutdown(r5, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func={0x1, 0x0, 0x0, 0x12}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}, {0x0, [0x2e, 0x0, 0x0, 0x61]}}, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
sched_getattr(r1, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

15.730907823s ago: executing program 1 (id=345):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x1, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r0, 0x40049366, 0x1000000000000)

15.730215529s ago: executing program 3 (id=346):
r0 = socket$inet(0x2, 0x4000000805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x2004c850}], 0x1, 0x0)

14.314481875s ago: executing program 4 (id=349):
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008005, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="646f74732c646f74732c646f74732c636865636b3d72656c617865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030302c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d7374726963742c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c6e6f646f74732c646f74732c666d61736b3d30303030303030303030303030303030303030303030322c6e6f646f74732c646f74732c666c7573682c6e6f646f74732c636865636b3d6e6f726d616c2c0079c7cebee7a0df8765ffc536c4e752679b645307d1bf097e07b8e261bb27d1bb80ee490fc501e4f230ddf1483b11ac5c39a93cfc3ba360037c79a9be063a3bf5015e3d6a8cad0e98ccb29619c51c44ec612fc7ff44fa8cf7759eada764c43ba9d602a958bd209ace3df01c3dae04baa94aedc5515da8160ae0"], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
mount$nfs(0x0, 0x0, 0x0, 0x0, 0x0)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x188}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2)

14.300639599s ago: executing program 1 (id=350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x840000000002, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), r0)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x14, r5, 0x303, 0x4, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x4000080)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x140, 0x4b0, 0x3ff, 0x0, 0x0, 0x0, {0x4, 0x4}, {}, {0x0, 0x4}, {0x0, 0x0, 0x8}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x100, 0x0, 0xc})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xe, &(0x7f0000000700)={[{@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x7fffffff}}, {@debug}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x449, &(0x7f0000000180)="$eJzs3MtvG0UYAPBvnUfpi4SqPPoAAgVRXkmTltIDFxBIHEBCgkM5hiStQt0GNUGiVUQDQuWIKnHigjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+8mtmO7cerEJf79pHVmdseZ+XZ37NmdbALoWSPpSxKxJyL+iIihSra2wEjlx63lxal/lhenkiiV3v47KZe7ubw4lRfN37c7z/RHFD5L4lCDeucvXT43WSzOXMzyYwvnPxibv3T5+dnzk2dnzs5cmDh16sTx8RdPTrzQkTjTuG4e/Hju8IHX37325tTpa+/98l2Sx18XR4eMtNr4ZKnU4eq6a29VOunvYkNoS1+lm8ZAuf8PRV+sHryheO3TrjYO2FSlUqn0QPPNSyVgG0ui2y0AuiP/ok+vf/Nli4Yed4UbL1cugNK4b2VLZUt/FLIyA3XXt500EhGnl/79Ol1ic+5DAADU+CEd/zzXaPxXiOr7QvdmcyjDEXFfROyLiJMRsT8i7o8ol30wIh5qs/76SZK145/C9Q0Ftk7p+O+lbG6rdvyXj/5iuC/L7S3HP5CcmS3OHMv2ydEY2JHmx1vU8eOrv3/RbFv1+C9d0vrzsWDWjuv9O2rfMz25MHknMVe78UnEwf5G8ScrMwFJRByIiIMbrGP2mW8PN9t2+/hb6MA8U+mbiKcqx38pyvHnO3t1FjRpPT85dk8UZ46N5WfFWr/+dvWtZvXfUfwdkB7/XQ3P/5X4h5Pq+dr5dn77V0+nr1f//LzpNc1Gz//B5J2adR9NLixcHI8YTN6oNLp6/URduYnV8mn8R4807v/7YnVPHIqI9CR+OCIeiYhHs7Y/FhGPR8SRFnvh51eeeH/j8W+uNP7pto7/amIw6tc0TvSd++n7mkqH24k/Pf4nyqmj2Zr1fP6tp13tns0AAADwf1WIiD2RFEZX0oXC6Gjlb/j3x65CcW5+4dkzcx9emK48IzAcA4X8TtdQ1f3Q8eyyPs9P1OWPZ/eNv7yys5wfnZorTnc7eOhxu5v0/9Rffd1uHbDpPK8FvUv/h96l/0Pv0v+hdzXo/zu70Q5g6zX6/r/ShXYAW6+u/69j2m+b/fc66GGu/6F3baT/+8yA7aFlXx7cunYAW2p+Z9z+IXkJiTWJKNwVzZDYpES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6478AAAD//7Gi6UQ=")

14.23503417s ago: executing program 5 (id=351):
fsopen(&(0x7f0000000380)='hugetlbfs\x00', 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, 0x0, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = dup(0xffffffffffffffff)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)

14.234345924s ago: executing program 3 (id=352):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x840000000002, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), r0)

12.878514183s ago: executing program 3 (id=353):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r5, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100280000000000000002000000200001800d00010075"], 0x34}}, 0x0)

12.55513107s ago: executing program 0 (id=354):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x8001000000000000, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0x11, 0x148, 0xb8, 0x0, 0x190, 0x2a8, 0x2a8, 0x190, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x6, 0x6, 0xd04, 'netbios-ns\x00', {0x5}}}}, {{@ip={@multicast1, @private=0xa010102, 0xffffffff, 0xffffff00, 'veth1_to_batadv\x00', 'macsec0\x00', {0xff}, {}, 0x6, 0x2, 0x8}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x288)

12.373314598s ago: executing program 2 (id=355):
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000280)={0x1, &(0x7f0000528000)=[{0x6}]}, 0x10)
connect$unix(r1, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
close(r0)

10.665172826s ago: executing program 1 (id=356):
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10002, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='netfs_sreq\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
write$tun(r4, &(0x7f0000000380)=ANY=[], 0x36)

10.239936143s ago: executing program 3 (id=357):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x1d})

9.752101948s ago: executing program 5 (id=358):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000080)={0x10001, r1})
memfd_secret(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=<r4=>0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x2b, @empty, @empty}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[@ANYRES64=r5], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r6, 0x0, r0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

9.122470312s ago: executing program 0 (id=359):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
listen(r3, 0x0)

8.575384184s ago: executing program 2 (id=360):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000000)={0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x7, &(0x7f0000000380)={0x0, 0x2, 0x103fe, 0x2})

8.012035571s ago: executing program 5 (id=361):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
syz_open_dev$usbfs(0x0, 0x9, 0x600)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xab, &(0x7f0000000680)=""/171, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x7, 0x0, 0x0, 0x7fdfffff}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INFO(r5, 0x0, 0x80, 0x0, &(0x7f0000000280))
shutdown(r5, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func={0x1, 0x0, 0x0, 0x12}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}, {0x0, [0x2e, 0x0, 0x0, 0x61]}}, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
sched_getattr(r1, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

7.91248433s ago: executing program 2 (id=362):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$can_j1939(0x1d, 0x2, 0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x90880)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r7, 0x13, &(0x7f00000001c0)=[0x6, 0x41], 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000019c0)={&(0x7f0000001840)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x0, [{0x0, 0x3}]}, @ptr, @enum]}}, &(0x7f00000018c0)=""/235, 0x4a, 0xeb, 0x1, 0x0, 0x0, @void, @value}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="4400000011002901800000000000000007000000", @ANYRES32=r8, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)
syz_io_uring_setup(0x4435, &(0x7f0000000140)={0x0, 0x68a9, 0x800, 0x4, 0x801}, &(0x7f00000000c0), &(0x7f0000000040))

7.834393641s ago: executing program 0 (id=363):
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000240)={0xe, 0xfffff664, 0x3, {0xa, @vbi={0x0, 0x914b, 0xfffffff3, 0x3631564e, [0xe, 0xa], [0x5, 0x5], 0x1}}, 0xffffff5f})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f00000001c0)='./file0/file0\x00', 0x10088, &(0x7f0000000580)=ANY=[@ANYBLOB="73686f77657865632c6e6f646f74732c7379735f696d6d757461626c652c646f74732c6e66732c6e6f646f74732c6e6f646f74732c64656275672c646f74732c756d61736b3d30303030303030303030303030303030303030303230302c00c4cd878e2e225ee8a12ec0f0234a613f191236529e2eb19792d74d539f7b74148c4cd01ca5836451894237f5161f323e3dff6322349bb51c07b887571b07ed2b9f7e59a22824b104346da8", @ANYRESOCT], 0x1, 0x21a, &(0x7f0000000900)="$eJzs3T1rW1cYB/BTv1vFL1OhXXpol3a5uO4nEMWGUkGLa5UmQ+Aay4mQIhldkUghg+dM+RwmY7ZAyBfwt8hmAsGTpyjYkt+dOCQ4sq3fD8R5xB/Bc7gSPFego+3/n96vrGXJWtoMQxMxDIWwEXZDmN2rer7prUP79Vg4biP8Ovdg58m/t27/lS8UFpZiXMwv/z4fY5z+8eXDx89+etX89r/n0y/Gw9bsne2386+3vtv6fvvd8r1yFstZrNWbMY0r9XozXamW4mo5qyQx/lMtpVkplmtZqXEiX6vW19fbMa2tTuXWG6Usi2mtHSuldmzWY7PRjundtFyLSZLEqVzgIsXNpaU0f3iBuZEajXw6HEKYPJMUN/vSEADQV+b/Qdab/7nR9ub/XO/ze5L5HwAAAAAAAAAAAAAAroPdTmem0+nMHKwHj/EQwkQI4eB5v/vkcrj+g+3YD/cmQniz0Sq2it21my/+WViYi/tmj16102oVhw/z37p5PJmPhlwvnz83Hwu//NzN97I//i6cyifD6uVvHwAAAAZCEg+de3+fJB/Ku9Wx7wdO3b+PhB9Gvto2AAAAgI/I2o8qabVaaigU16Do9N63V6WfzyhGQwhXoI2LirP/FgIAAFxvR0N/vzsBAAAAAAAAAAAAAAAAAACAwfUJ54GNfulxYv3eIwAAAAAAAAAAAAAAAAAAAAAAAFwV7wMAAP///yzMGA==")
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
renameat2(r3, 0x0, r3, &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r4 = socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg(r4, &(0x7f00000000c0)={0x0, 0x9506, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

7.33881168s ago: executing program 1 (id=364):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x3f00}, @TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x70}}, 0x0)

6.502969666s ago: executing program 4 (id=365):
r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xf604, 0x108008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
preadv2(r0, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

6.262544316s ago: executing program 0 (id=366):
socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000900)=@delchain={0x40, 0x2e, 0xb01, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r0, {}, {0xfff3, 0xffff}, {0x9, 0x4}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}, @filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x40}}, 0x0)

6.256277092s ago: executing program 5 (id=367):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f0000000300)='./file0\x00', 0x2000000, &(0x7f00000018c0)=ANY=[], 0x3, 0x1c4, &(0x7f0000000380)="$eJzs282K02AUxvHnTdLOZPx2dOOqoKAbJ04HPwY3unMztyAMM3EopirWTYtQBMHr8Iq8AS/Bgm4VjCRNU5qm1H6k0fb/W52TMy85meZtTxYRgI1VU01GRlaSd3dNRb/CfmKV2RmAokU7/XcIYDPZ38vuAEA5ek+jKcD0hwG7MjYffDXSE0nffrw/kVUdq/c+SDfcpG62tJ2dLz5LtwfrjZu7fiet7+TW79wcnP+czuuCLuqSLuuKrib103T99QUmIWDzGO1l85EDll40Av9emlfifD/Nq3Fez+QHab4V53snr4PToi4BwJysKfvfzux/J7P/Afy/Wu3Oy+Mg8N/OHDz+GYazr4oDW1JOKXkKySstLwhtKbdULfCkMwUfzYQOFw9qWtVVRE+K46XoiXPCXbedd0M+07/xoTgTdoozZXlXUueLpKW04S7tv+Fq+t+U950EYDW8d803XqvdudtoHp/5Z/6r+qP64YOD+/sPD7148vdG538A62P4o192JwAAAAAAAAAAAAAAYF67upZEzvDgp7K6AQAAAFCkv3pn6OjW0fMFXjkq+xoBAAAAAAAAAAAAAAAAAACAdfEnAAD//wweEbY=")
syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r0 = landlock_create_ruleset(&(0x7f0000000400)={0x2100, 0x0, 0x2}, 0xb, 0x0)
landlock_restrict_self(r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)

5.469841709s ago: executing program 2 (id=368):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xf604, 0x108008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
socket(0x15, 0x5, 0x0)
close(0xffffffffffffffff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000340)={0xa, 0x4e20, 0x4686, @loopback}, 0x1c)
preadv2(r0, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

5.32824734s ago: executing program 5 (id=369):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

5.294424747s ago: executing program 0 (id=370):
fsopen(&(0x7f0000000380)='hugetlbfs\x00', 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, 0x0, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = dup(0xffffffffffffffff)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)

3.026283887s ago: executing program 4 (id=371):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x20108c0, &(0x7f0000006780)=ANY=[@ANYRES16=0x0], 0xfe, 0x61e9, &(0x7f000001f540)="$eJzs3c9vHGf9B/DP/vSPfJtYPVT9Rgi5aflRSpM4KSFQoOkBDlx6QLmiRK5bRaSAklCllUVc+cKBE38BCIkjQhwRB/6AHrhy48SJSDYSqCcGjf088exmt2vX9s7a83pJzsxnnxnvM37v7I/MzD4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3v/eDlVZE3Ho/3bAU8X/RiWhHLJT1ckQsLC/l5bsR8XzsNMdzEdGbiyjX3/nnXMRrEfHx2Yit7fXV8uYr++zHd//wt9/+8Mxbf/1979J//vig8/q45R4+/OW///TocNsMAAAATVMURdFKH/PPp8/37bo7BQBMRX79L5J8+6mvf/WPt/48S/1Rq9VqtXoKdVUx2qNqEREb1XXK9wwOxwPACbMRn9TdBWok/0brRsSZujsBzLRW3R3gWGxtr6+2Ur6t6uvB8m57PhdkIP+N1pPrO8ZNJxk+x2Raj6/N6MSzY/qzMKU+zJKcf3s4/1u77f203HHnPy3j8u/vXvrUODn/znD+Q05P/u2R+TdVzr97oPw78gcAAAAAgBmW//9/qebjv3OH35R9+bTjv8tT6gMAAAAAAAAAHLXDjv/3hPH/AAAAYGaVn9VLvz67d9u472Irb7/ZinhmaHmgYdLFMot19wMAAAAAAAAAAAAAmqS7ew7vzVZELyKeWVwsiqL8qRquD+qw6590Td9+aLK6n+QBAGDXx2eHruVvRcxHxM30XX+9xcXFophfWCwWi4W5/H62PzdfLFQ+1+Zpedtcfx9viLv9ovxl85X1qiZ9Xp7UPvz7yvvqF519dOyI9NJfc0xzTWEDQLL7arTlFemUKYpz4958wAD7/ym0FEt1P66YfXU/TAEAAIDjVxRF0Upf530+HfNv190pAGAq8uv/8HGBQ9XtMe0RR/P71Wq1Wq1Wf6a6qhjtUbWIiI3qOuV7BsPxA8AJsxGf1N0FaiT/RutGxPN1dwKYaa26O8Cx2NpeX22lfFvV14M0vns+F2Qg/43Wznp5/VHTSYbPMZnW42szOvHsmP48N6U+zJKcf3s4/1u77f20XM7nXBxP/tMyLv/+ziVzzZPz7wznP+S49/9p2Yz2yPybKuffPVD+HfkDAAAAAMAMy///v+T4b95kAAAAAAAAADhxtrbXV/N1r/n4/+dGLOf6z9Mp5986aP4LaV7+J1rOvz2U/5eHlutU5h+/ubf//2t7ffV3D/75/3m63/zn8kwrPbJa6RHRSvfU6qbpYbbuaZu9Tr+8p16r3emmc36K3jtxJ+7GWlweWLad/h577SsD7WVPewPtVwbau0+1Xx1o76XvHSgWcvvFWI2fxN14e6e9bJubsP3zE9qLCe05/47n/0bK+XcrP2X+i6m9NTQtPf6o/dR+X52Oup8bdz7/i8vHvzkTbUbnybZVldt3oYb+7PxNzvTjZ/fX7l18ePvBg3srkSYDt16JNDliOf/ezs/c3vP/i7vt+Xm/ur8+/qh/4PxnxWZ0x+b/YmW+3N6Xp9y3OuT8++kn5/92ah+9/5/k/Mfv/6/U0B8AAAAAAAAAAAAAAAD4NEVR7FwieiMirqXrf+q6NhMAmK4b+ULvYlcMlmq1Wq1Wq09RXVWM9ka1iIi/VNe5FhE/H/XLAIBZ9t+I+HvdnaA28m+w/H1/5fSlujsDTNX9Dz780e27d9fu3a+7JwAAAAAAAADAZ5XH/1yujP/8UkQsDS03MP7rm7F82PE/u3nmyQCjRzzQ9xib7X6nXRlu/IXYGZ/74rjxvy/E0+N/50slO9XtGKM3ob0/oX1uQvv8yFv30hp5oUdFzv+FynjnZf7nh4Zfb8L4r8Nj3jdBzv9C5fFc5v+loeWq+Re/mbn8N/a74Ga0B/K/9OC9n166/8GHr9557/a7a++u/fjqysrlq9euXb9+/dI7d+6uXd7993h6PQNy/nnsa+eBNkvOP2cu/2bJ+X8h1fJvlpz/F1Mt/2bJ+ef3e/Jvlpx//uwj/2bJ+b+cavk3S87/K6mWf7Nsba/Plfm/kmr5N0ve/7+aavk3S87/1VTLv1ly/hdTLf9myflfSvU+8vf18KdIzj8f4bL/N0vOfyXV8m+WnP+VVMu/WXL+V1Mt/2bJ+b+Wavk3S87/a6mWf7Pk/K+lWv7NkvP/eqrl3yw5/+upln+z5Py/kWr5N0vO/5upln+z5PxfT7X8myXn/61Uy79Zcv7fTrX8myXn/51Uy79Zcv5vpFr+zbL3/f9mzJgxk2fqfmYCAAAAAAAAAAAAAIaNPQ34/Yg4otOJ695GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd68xcp3lHcDP7MVeO4QYCMFJDawdY4yzZNeX+ELrYsK1AUqBhEIv2K53bRZ8w2uXkEay03CJhKOiiqrph7aAojZSVWFVfKBVSvOh6kX90LQf6JeKqhJSoypEARWpLTRbzZz3fXdmdnZm1ju2z57z+0nJsztzzpx3zrzn7Dy7/s8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJptfvvMF2tZltX/a/xvQ5a9rP71uvENjdvecqNHCAAAAKzU/zX+/+It6YZDfazUtMzfvu4fvzk/Pz+ffXT4d0a/Mj+f7hjPstG1Wda4L7ry7x+rNS8TPJqN1Yaavh/qsfnhHveP9Lh/tMf9a3rcv7bH/WM97l+0AxZZl/8+pvFgWxtfbsh3aXZrNtq4b2uHtR6trR0air/Laag11pkfPZ7NZiezmWyqZfl82Vpj+ac317f1nixua6hpW5vqM+QHDx+LY6iFfby1ZVsLjxl9/23Z+A9/8PCxPzr//O2das/d0PJ4+Ti3b6mP83PhlnystWxt2idxnENN49zU4TUZbhlnrbFe/ev2cb7Y5ziHF4Z5XbW/5mPZUOPrZxv7aaT513ppP20Kt/33nVmWXVoYdvsyi7aVDWXrW24ZWnh9xvIZWX+M+lR6ZTayrHm6uY95Wq/TW1vnafsxEV//zWG9kSXG0Pwyff+RNYte9+XO06j+rJc6Vtrn4KCPlaLMwTgvnm086cc6zsGt4fk/vG3pOdhx7nSYg+l5N83BLb3m4NCa4caY04tQa6yzMAd3tiw/3NhSrVGf29Z9Dk6eP3V2cu6zD7159tTREzMnZk7v3rlzavfevfv37588PntyZir//1Xu7eJbnw2lY2BL2HfxGHhj27LNU3X+a4M7Dse6HIcb2pYd9HE40v7katfngFw8p/Nj4/76Th+7PJQtcYw1Xp8dKz8O0/NuOg5Hmo7Djj9TOhyHI30ch/Vlzu7o7z3LSNN/ncZwrX4WbGiag+3vR9rn4KDfjxRlDo6FefGvO5b+WbApjPexieW+HxleNAfT0w3nnvot6f3+2P5G6TQv76jfcdOa7MLczLm7Hzx6/vy5nVko18WrmuZK+3xd3/ScskXzdWjZ8/XQ7Oseu6PD7RvCvhp7c/1/Y0u+VvVl9tzd/bVq/HTrvD9bbt2VhTJg13t/dvppXt+fqZfssj/ry3xucuXvxVNf2nT+HV3i/Bv7/pfy7aWHenR4dCQ/fofT3hltOR+3vlQjjXNXrbHtFyf7Ox+Phv+u9/n41i7n441tyw76fDza/uTi+bjW67cdK9P+eo6FeXJyqvv5uL7Mxl3LnZMjXc/Hd4ZaC/v/TaFTSH1R09xZat6mbY2MjIbnNRK30DpPd7csPxp6s/q2ntp1dfN0+535Yw2nZ7fges3T8bZlBz1P0/lqqXla6/Xbt6vT/nqOhXlx6+7u87S+zDN7Vn7uXBe/bDp3ruk1B0eH19THPJomYX6+n18X5+Dd2bHsTHYym27cu6Yxn2qNbU3c098cXBP+u97nyo1d5uD2tmUHPQfTz7Gl5l5tZPGTH4D213MszIsn7uk+B+vLvGPfYN+7bg+3pGWa3ru2/35tqd953dG2m67l77zq4/zrfd1/N1tf5uT+rn3mole01366K9xyU4f91H78LnVMTWfXZz9tDON8fv/S+6k+nvoyXznQ53w6lGXZxU/f2/h9b/j7yp9d+M43W/7u0ulvOhc/fe8LNx//m+WMH4DV76W8rM9/1jX9Zaqfv/8DAAAAq0Ls+4dCTfT/AAAAUBqx74//KjzR/wMAAEBpxL5/JNSkIv3/xnc8P/vSxSwl8+eDeH/aDffly8WM61T4fnx+Qf32e5+c+dFfXOxv20NZlv3kvt/ouPzG++K4cuNhnFfe2Xr74hUv9rX9Iw8sLNecX/9qePz4fPqdBp0iuFNZlj19y+ON7Yx/7HKjPnPfkUb90KXHHq0v8+KB/Pu4/nOvypf//RD+PXT8aMv6z4X98L1Qp97beX/E9b5x+U2b9n1kYXtxvdqWlzee9hMfzx83fk7Olx/Nl4/7eanx/+WXnvpGffkH39B5/BeHOo//qfC4T4b6P6/Nl29+Derfx/U+H8YftxfXu/vr3+44/itfzJc/+658uSOhxu1vD99vfdfzs83768Ha0Zbnlb07Xy5uf+o7v9W4Pz5efPz28Y8dvtyyP9rnxzP/nD/OZNvy8fa4nejP27Zff5zm+Rm3/9QXjrTs517bv/Kh515bf9z27d/Vttxw2/rtn9j0B59/vOP24ngO/enZludz6IPhOA7bf+LjYT6G+//3yuMt242OfLD1/BOX/+qGiy3PJ3rPD/PtX3nriUb9j/Ef/d5NL7v55ZdeX993Wfbsh/PH67X9E394pmX8X7ttR+P1iPfHjH779pcSt3/uMxOnz8xdmJ1u2quNz855Xz6etWPr1tfHe0s4t7Z/f/jM+U/MnBufGp/KsvHyfoTeVft6qC/k5dJy19/xQHg97/jdp9dv+6cvxdv/5f789svvzX9uvTEs9+Vw+4b89ZuvrXD7T2y+rXF8157Jv2/JsQ/Apq3/ub+vBcPzb39fEOf72Vd/orEf6vc1fm7E43qF4//udP443wr7dT58MvOW2xa217x8/GyEyx/Oj/cV779wmouv6x+H1/v938sfP44rPt/vhvcx397Yer6L8+NbF4faH7/xKR6Xwvkku5TfH5eK+/vyi7d1HF78HJLs0u2N7387Pc7ty3qaS5n77NzkydnTFx6cPD8zd35y7rMPHT515sLp84cbn+V5+JO91l84P61vnJ+mZ/buyabWZVl2Jpu6DiesazP++lf9jf/sA8em901tm545fvTC8fMPnJ05d+LY3Nyxmem5bUePH5/5TK/1Z6cP7tx1YPe+XRMnZqcP7j9wYPeBidnTZ+rDyAfVw96pT02cPne4scrcwT0Hdt5zz56piVNnpmcO7puamrjQa/3Gz6aJ+tq/PnFu5uTR87OnZibmZh+aObjzwN69u3p+GuCps8fnxifPXTg9eWFu5txk/lzGzzdurv/s67U+5TT3b/n72Xa1/IP4sg/ctTd9Pmvdk48s+VD5Im0fIPp8+Cyav3/F2f39fB/7/tFQk4r0/wAAAFAFse9fE2qi/wcAAIDSiH3/2lAT/T8AAACURuz7x0JNytL/17pHD+X/5f/7y//n98v/Vyv/f/bTea50tef/Y35e/r8abnD+f8Xbl/+X/y9f/r///PxqH7/8v/w/ixUt/x/7/nVZVs7+HwAAAEh9//pQE/0/AAAAlEbs+28KNdH/AwAAQGnEvv9loSYV6f/l//vK/+/qFbhayD//OO29cuX/Xf9f/j9bnfn/+OLI/1fGsvP3H7m/5Vv5/0D+X/5f/l/+X/6fFRtd8p4blf+Pff/NoSYV6f8BAACgCmLf//JQE/0/AAAAlEbs+28JNdH/AwAAQGnEvn9DqElF+n/5f9f/l/+X/y91/n+l1/9vGoz8/+rg+v/dyf/3cNX5/zH5/9WY/x8d7PiLnf/vOXz5f66Jol3/P/b9rwg1qUj/DwAAAFUQ+/5XhpqsvVEjAgAAAAYt9v2vCjXx938AAAAojdj33xpqUpH+X/5f/l/+X/5f/r/z9ntf/z//Sv6/WOT/u5P/78H1/6uV/x/w+Iud/x/09f9H39m+vvw/nRQt/x/7/leHmlSk/wcAAIAqiH3/baEm+n8AAAAojdj3vybURP8PAAAApRH7/o2hJhXp/+X/B5P//4eji2+T/5f/j+T/w3woXf4/J/9fLPL/3cn/9yD/L/8v/99f/r/Dh1/J/9NJ0fL/se+/PdSkIv0/AAAAVEHs++8INdH/AwAAQGnEvv+nQk30/wAAAFAase/fFGpSkf5f/t/1/+X/q5X/v2uN/L/8f7nJ/3cn/9+D/L/8v/x/n9f/X2w5+f+1vR6M0iha/j/2/a8NNalI/w8AAABVEPv+14Wa6P8BAACgNGLf//pQE/0/AAAAlEbs+8dDTSrS/8v/lyv//yd/9cTrM/l/+f8e2y9p/j9OA/n/ipP/725A+f8fZ/L/8v8dyP/L/7v+P+2Klv+Pff/mUJOK9P8AAABQBbHv3xJqov8HAACA0oh9/52hJvp/AAAAKI3Y928NNalI/y//X678fyT/L//fbfslzf8n8v/VJv/fQdNBeiOv/9/pZ2U7+X/5/9U8/nLk/+O7X/l/BqNo+f/Y978h1KQi/T8AAABUQez7t4Wa6P8BAACgNGLf/8ZQE/0/AAAAlEbs+7eHmlSk/5f/l/+X/5f/l//vvH35/9VJ/r+75eb/1www/98P+X/5/9U8/nLk/13/n8EqWv4/9v1vCjWpSP8PAAAAVRD7/h2hJvp/AAAAKI347zfzf/eq/wcAAIAyin3/RKhJRfp/+X/5/yrl/2vy//L/8v+lJ//f3Y28/n8/5P/Lm/9vfpt9rcj/y/9TPEXL/8e+/82hJhXp/wEAAKAKYt9/d6iJ/h8AAABKI/b9k6Em+n8AAAAojdj3T4WaVKT/l/+X/69S/t/1/+X/5f/LT/6/O/n/HuT/Xf+/bPn/LJP/54YqWv4/9v07Q00q0v8DAABAFcS+f1eoif4fAAAASiP2/btDTfT/AAAAUBqx798TalKR/l/+X/5f/l/+X/6/8/bl/1cn+f/u5P97kP+X/y9b/t/1/7khFk6IRcv/x77/nlCTivT/AAAAUAWx798baqL/BwAAgNKIff++UJPQ/3f6d90AAADA6hL7/v2hJhX5+7/8f0ny/7/5dy3blv+X/++2/cHk/9fJ/4cq/18sJc3/tx8WV03+vwf5f/l/+X/5fwaqaPn/2PcfCDWpSP8PAAAAVRD7/reEmuj/AQAAoDRi3//ToSb6fwAAACiN2Pf/TKhJRfp/+f+S5P/byP/L/3fbvuv/y/+XWUnz/wNTqvz/kPy//H+xxi//L//PYtc+/x+/6i//H/v+g6EmFen/AQAAoApi3/+zoSb6fwAAACiN2Pe/NdRE/w8AAAClEfv+Q6EmFen/5f/l/+X/5f+vTf7/rVm7Iub/65NH/r9c5P+7K1X+3/X/5f8LNv4bm/9/JMsy+X+Kp2jX/499/9tCTSrS/wMAAEAVxL7/3lAT/T8AAACURuz73x5qov8HAACA0oh9/ztCTSrS/8v/y//L/8v/u/5/5+3L/69O8v/dyf/3IP8v/79q8/+u/08xFS3/H/v+d4aaVKT/BwAAgCqIff+7Qk30/wAAAFAase9/d6iJ/h8AAABKI/b97wk1qUj/L/8v/y//L/8v/995+/L/q5P8f3fy/z3I/8v/y//L/zNQRcv/x77/50JNKtL/AwAAQBXEvv++UBP9PwAAAJRG7PvfG2qi/wcAAIDSiH3/+0JNKtL/y//L/8v/y//L/3fevvz/6iT/3538fw/y/6sx/z9SlPHL/8v/s1jR8v+x739/qElF+n8AAACogtj3/3yoif4fAAAASiP2/R8INdH/AwAAQGnEvv8XQk0q0v/L/8v/Fyv/P3+xeT35f/n/bFD5//pK8v+VIP/fnfx/Dx3y/2uLk/8fk/8v9vjLkv//wk1ZJv/PoBQt/x/7/g+GmlSk/wcAAIAqiH3/h0JN9P8AAABQGrHv/3Coif4fAAAASiP2/feHmlSk/5f/r2T+Pz3l4uX/Xf9f/t/1/+X/V0b+vzv5/x5c/1/+X/7f9f8ZqKLl/2Pf/0CoSUX6fwAAAKiC2Pd/JNRE/w8AAAClEfv+Xww10f8DAABAacS+/6OhJhXp/+X/K5n/L/D1/8uW/x9pmR9Vyv+PNb2eaV7K/8v/Xwfy/93J//cg/y//X+T8f5jN65ZYX/6fIipa/j/2/R8LNalI/w8AAABVEPv+Xwo10f8DAABAacS+/5dDTfT/AAAAUBqx7/+VUJOK9P/y//L/8v+u/+/6/523L/+/Osn/dyf/34P8v/x/kfP/Pcj/U0RFy//Hvv9XQ02WbPxe+K8+niYAAABQILHv/3ioSUX+/g8AAABVEPv+w6Em+n8AAAAojdj3Hwk1qUj/L//fnv+PV1SV/5f/l/+X/5f/X40Gl/9/zc1ZJv8v/y//L/8v/y//z0oULf8f+/6joSYV6f8BAACgCmLf/2uhJvp/AAAAKI3Y9x8LNdH/AwAAQGnEvn861KQi/f8NzP+PFjP/7/r/V5v//4n8v/x/IP/fmfz/9eH6/93J//cg/y//X5L8f/17+X+KoGj5/9j3z4SaVKT/BwAAgBJLvw6Off/xUBP9PwAAAJRG7PtPhJro/wEAAKA0Yt//iVCTivT/rv9/A/P/cTeXJP+fyf8vI/8/0rK8/H9O/l/+fxDk/7uT/+9B/l/+vyT5f9f/pyiKlv+Pff9sqElF+n8AAACogtj3fzLURP8PAAAApRH7/k+Fmuj/AQAAoDRi338y1KQi/b/8v+v/Vz3/X8uyS67/L//fafvy/6uT/H938v89yP/L/8v/y///P3v30VzZWe1x+FzfjiPgGzBmxBBG5iMwZQRVjA0YTA62yRlMzsFkE0zOweScczY5RxMNVU1ZWmt1Szrau9Xa0tn7fZ9nsq4btyV1C9/60/Wrl0nNrf/P3X9F3NLJ/gcAAIAe5O6/T9xi/wMAAEAzcvffN26x/wEAAKAZufvvF7d0sv9b7/9P7vO36f/1/xf+eun/9f/rPv7m+/8TW/9W1v8fzJ7+/sT6v2+/KHzf/v/Od7nqXvp//b/+f5D+X/+v/2e3ufX/ufuvjFs62f8AAADQg9z9949b7H8AAABoRu7+B8Qt9j8AAAA0I3f/VXFLJ/u/9f5/P0fT/99zR+Sn/9f/7/z+WEj/f5P+fz79v/f/L4X3/4fp/0fo//X/+n/9P5OaW/+fu/+BcUsn+x8AAAB6kLv/QXGL/Q8AAADNyN3/4LjF/gcAAIBm5O5/SNzSyf7X/3v/X/+/lP7/lPf/d309+n/9/zr6/2H6/xH6f/2//l//z6Tm1v/n7n9o3NLJ/gcAAIAe5O5/WNxi/wMAAEAzcvc/PG6x/wEAAKAZufsfEbd0sv/1//p//f9S+v9jev9f/6//X7jrV+f/naD/30v/P2Kk/1+t9P9DLrqfX//lLefz34f+X//PXnPr/3P3PzJuudtqdepSv0gAAABgVnL3Pypu6eTP/wEAAKAHufuvjlvsfwAAAGhG7v5r4pZO9r/+X/+v/9f/6//Xf3z9/zJ5/3/Y4fv/O93+inv32/97/3+Y9/+n7v9v+87Q/7Nsc+v/c/dfG7d0sv8BAACgB7n7Hx232P8AAADQjNz9j4lb7H8AAABoRu7+x8Ytnex//X9r/f//7/h5F/T/W7WL/l//P9r/5y+m/l//v1D6/2He/x+x9a+5s/WX+n/9v/f/9f8cztz6/9z9j4tbOtn/AAAA0IPc/Y+PW+x/AAAAaEbu/ifELfY/AAAANCN3/xPjlk72v/6/tf5/58/z/r/+f93H9/6//r9l+v9h+v8Rrbz/f4nfNZvu5w9r05+//l//z15z6/9z9z8pbulk/wMAAEAPcvc/OW6x/wEAAKAZufufErfY/wAAANCM3P1PjVs62f/6f/3/Mvr//Aj6f/3/0ff/Sf+/TPr/Yfr/Ea30/5do0/380j9//b/+n73m1v/n7n9a3NLJ/gcAAIAe5O5/etxi/wMAAEAzcvc/I26x/wEAAKAZufufGbd0sv/1//r/ZfT/3v/X/3v/X/9/cfT/w/T/I/T/+n/9v/6fSc2t/8/df13c0sn+BwAAgB7k7n9W3GL/AwAAQDNy9z87brH/AQAAoBm5+58Tt3Sy//X/+n/9v/5f/7/+4+v/l0n/P0z/P0L/r//X/+v/mdSM+v8LftaZ1XPjlk72PwAAAPQgd//z4hb7HwAAAJqRu//5cYv9DwAAAM3I3f+CuKWT/a//n03/v5XztdX/n12tVvr/Vaf9/9kLfj/r+1L/r/8/Bvr/Yfr/Efp//b/+X//PpGbU/2/9de7+F8Ytnex/AAAA6EHu/hfFLfY/AAAANCN3/4vjFvsfAAAAmpG7/yVxSyf7X/8/m/5/S1v9v/f/d39/9NT/e/9/L/3/8dD/D9P/j9D/6//1//p/JjW3/j93/0vjplMnL/lLBAAAAGYmd//L4pZO/vwfAAAAepC7/+Vxi/0PAAAAC3Xdnh/J3f+KuKWT/a//n7b/P3XBj+n/9f+7vz/0//p//f/R0/8P0/+P0P/r//X/+n8mNbf+P3f/K+OWTvY/AAAA9CB3//Vxi/0PAAAAzcjd/6q4xf4HAACAZuTuf3Xc0sn+1/97/1//r//X/6//+Pr/ZdL/D9P/j9D/6/832/+fPv9/6v9pwwH6/3Pnzl195P1/7v7XxC2d7H8AAADoQe7+18Yt9j8AAAA0I3f/6+IW+x8AAACakbv/9XFLJ/tf/3/A/v/k+n/e4vr//FZfVv9/zWql/9f/6//1/8P0/8P0/yP0//p/7//r/5nU3N7/z93/hrilk/0PAAAAPcjdf0PcYv8DAABAM3L3vzFusf8BAACgGbn73xS3dLL/9f/e/19Q/+/9f/3/jq9nYf3/rSv9/7FYRP9/dv+PP/f+/1r9v/5/QHf9/93vuuMv9f/6f/aaW/+fu//NcUsn+x8AAAB6kLv/LXGL/Q8AAADNyN1/Y9xi/wMAAEAzcve/NW460cn+1//r//X/+n/9//qPf8zv/59arVb6/wksov8fMPf+f5r3/3f/t/w8/b/+f8mfv/5f/89ec+v/c/e/LW7pZP8DAABAD3L3vz1usf8BAACgGbn73xG32P8AAADQjNz974xbOtn/+n/9v/5f/998/3/tIvp/7/9PRP8/bB79//70//r/JX/++n/9PxdvU/1/7v53xS2d7H8AAADoQe7+d8ct9j8AAAA0I3f/e+IW+x8AAACakbv/xrilk/2v/9f/H6T/z89T/99W/396dv3/mR3/vE7e/9f/T0T/P0z/P0L/r//X/1+n/2dKc3v//71bP+vM6n1xSyf7HwAAAHqQu//9cet/urX/AQAAoBm5+z8Qt9j/AAAA0Izc/R+MWzrZ//p//b/3//X/zb//r//viv5/mP5/hP5f/6//9/4/k5pb/5+7/0NxSyf7HwAAAHqQu//DcYv9DwAAAM3I3f+RuMX+BwAAgGbk7r8pbulk/+v/9f/6f/2//n/791D/3wb9/7Dj6f/P6v/1/9XP/1/8t0D/r/8f+/m0aW79f+7+j8Ytnex/AAAA6EHu/o/FLfY/AAAANCN3/8fjFvsfAAAAFunEmh/L3f+JuKWT/a//1//r//X/G+//4x/r/X/9/xSOp/+/Mn/7tzvx/KbQ/3v/P/TT/99xx18t7f3/3f//S/+v/2d6c+v/c/d/Mm7pZP8DAABAD3L3fypusf8BAACgGbn7Px232P8AAADQjNz9n4lbOtn/+n/9v/5f/7/x/j/+c/2//n8K3v8fpv8fof/f6Pv5S//89f/6f/aaW/+fu/+zcUsn+x8AAAB6kLv/c3GL/Q8AAADNyN3/+bjF/gcAAIBmbO3+jMs63P/6f/2//l//r/9f//H1/8uk/x+m/x+h/9f/6//1/0xqbv3/F7Z+1pnVF+OWTvY/AAAA9CB3/5fiFvsfAAAAmpG7/8txi/0PAAAAzcjd/5W4pZP9r//X/x9r/3+HU9v/wYH7/3Pnzl2t/9f/7/x6zvf/Ny+j/79B/38c9P/D9P8j9P/6f/2//p9Jza3/z93/1bilk/0PAAAAPcjd/7W4xf4HAACAZuTu/3rcYv8DAABAM3L3fyNu6WT/6/9n0P+f6aj/9/6//t/7//r/I6b/H6b/H9Fi/3/m4r/8Tffzh7Xpz1//r/9nr7n1/7n7vxm3dLL/AQAAoAe5+78Vt9j/AAAA0Izc/d+OW+x/AAAAaEbu/u/ELZ3sf/3/8fX/t/3a9fL+/9nV+s9f/6//1//r/4+a/n+Y/n9Ei/3/AWy6n1/656//1/+z19z6/9z9341bdg6/kwf7KgEAAIA5yd3/vbilkz//BwAAgB7k7v9+3GL/AwAAQDNy9/8gbulk/+v/Z/D+f4P9v/f/139/6P9n3f9fpv9vg/5/mP5/hP5f/6//n6j/z+9m/X/v5tb/5+7/YdzSyf4HAACAHuTu/1HcYv8DAABAM3L3/zhusf8BAACgGbn7b45bLtj/69ruVuj/9f/6f/2//n/9x9f/L5P+f9jF9v+nV4fr/5P+X/+v/++1//f+P9vm1v/n7v9J3OLP/wEAAGBxTu7z47n7fxq32P8AAADQjNz9P4tb7H8AAABoRu7+n8ctt1y2qU/pWOn/9f/6f/2//n/9x9f/L5P+f5j3/0fo/6fo5y/X/7fR/69W+n8Ob279f+7+X8Qt/vwfAAAAmpG7/5dxi/0PAAAAzcjd/6u4xf4HAACAZuTu/3Xc0sn+1//r/w/Z/2+lmfr/bfr/bfr/9fT/x0P/P0z/P0L/7/1//b/3/5nU3Pr/3P2/iVs62f8AAADQg9z9v41b7H8AAABoRu7+38Ut9j8AAAA0I3f/7+OWTvb/xvr/+KXW/y++//f+v/5f/6//nxX9/zD9/wj9v/5f/6//Z1Jz6/9z9/8hbulk/wMAAEAPcvf/MW6x/wEAAKAZufv/FLfY/wAAANCM3P1/jls62f/Z/2df5/1//b/+X/+v/9+m/18m/f8w/f969Rul/9f/6//1/0xqbv1/7v6/xC2d7H8AAADoQe7+v8Yt9j8AAAA0I3f/LXGL/Q8AAADNyN3/t7ilk/2/sff/9f/6f/2//l//X7+q+v/p6P+HbbL/v8ftxj+s9/833v/np6D/1//r/5nE3Pr/3P1/j1s62f8AAADQg9z9/4hb7H8AAABoRu7+f8Yt9j8AAAA0I3f/v+KWTvb/SP9/uv5G/f8g/f/Oz1//v/77Q/+v/9f/Hz39/zDv/4/Q/3v/X/+v/2dSc+v/c/f/O27pZP8DAABAD3L33xq32P8AAADQjNz9/4lb7H8AAABoRu7+/8Ytnex/7/8vqf+/XP+v/9f/6//1/yP0/8P0/yP0//p//b/+n0nNrf/P3f+/AAAA//+5hks9")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000180)='./file1\x00', r0, &(0x7f0000000640)='./bus\x00', 0x0)

2.603096364s ago: executing program 2 (id=372):
r0 = socket$inet(0x2, 0x4000000805, 0x0)
listen(r0, 0x7)
sendmmsg$inet_sctp(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@authinfo={0x12, 0x84, 0x6, {0x1}}], 0x18, 0x2004c850}], 0x1, 0x0)

2.532319755s ago: executing program 1 (id=373):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000080)={0x10001, r1})
memfd_secret(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=<r4=>0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x2b, @empty, @empty}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[@ANYRES64=r5], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r6, 0x0, r0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2.444070815s ago: executing program 3 (id=374):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x840000000002, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), r0)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x14, r5, 0x303, 0x4, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x4000080)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x140, 0x4b0, 0x3ff, 0x0, 0x0, 0x0, {0x4, 0x4}, {}, {0x0, 0x4}, {0x0, 0x0, 0x8}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x100, 0x0, 0xc})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xe, &(0x7f0000000700)={[{@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x7fffffff}}, {@debug}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x449, &(0x7f0000000180)="$eJzs3MtvG0UYAPBvnUfpi4SqPPoAAgVRXkmTltIDFxBIHEBCgkM5hiStQt0GNUGiVUQDQuWIKnHigjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+8mtmO7cerEJf79pHVmdseZ+XZ37NmdbALoWSPpSxKxJyL+iIihSra2wEjlx63lxal/lhenkiiV3v47KZe7ubw4lRfN37c7z/RHFD5L4lCDeucvXT43WSzOXMzyYwvnPxibv3T5+dnzk2dnzs5cmDh16sTx8RdPTrzQkTjTuG4e/Hju8IHX37325tTpa+/98l2Sx18XR4eMtNr4ZKnU4eq6a29VOunvYkNoS1+lm8ZAuf8PRV+sHryheO3TrjYO2FSlUqn0QPPNSyVgG0ui2y0AuiP/ok+vf/Nli4Yed4UbL1cugNK4b2VLZUt/FLIyA3XXt500EhGnl/79Ol1ic+5DAADU+CEd/zzXaPxXiOr7QvdmcyjDEXFfROyLiJMRsT8i7o8ol30wIh5qs/76SZK145/C9Q0Ftk7p+O+lbG6rdvyXj/5iuC/L7S3HP5CcmS3OHMv2ydEY2JHmx1vU8eOrv3/RbFv1+C9d0vrzsWDWjuv9O2rfMz25MHknMVe78UnEwf5G8ScrMwFJRByIiIMbrGP2mW8PN9t2+/hb6MA8U+mbiKcqx38pyvHnO3t1FjRpPT85dk8UZ46N5WfFWr/+dvWtZvXfUfwdkB7/XQ3P/5X4h5Pq+dr5dn77V0+nr1f//LzpNc1Gz//B5J2adR9NLixcHI8YTN6oNLp6/URduYnV8mn8R4807v/7YnVPHIqI9CR+OCIeiYhHs7Y/FhGPR8SRFnvh51eeeH/j8W+uNP7pto7/amIw6tc0TvSd++n7mkqH24k/Pf4nyqmj2Zr1fP6tp13tns0AAADwf1WIiD2RFEZX0oXC6Gjlb/j3x65CcW5+4dkzcx9emK48IzAcA4X8TtdQ1f3Q8eyyPs9P1OWPZ/eNv7yys5wfnZorTnc7eOhxu5v0/9Rffd1uHbDpPK8FvUv/h96l/0Pv0v+hdzXo/zu70Q5g6zX6/r/ShXYAW6+u/69j2m+b/fc66GGu/6F3baT/+8yA7aFlXx7cunYAW2p+Z9z+IXkJiTWJKNwVzZDYpES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6478AAAD//7Gi6UQ=")

1.184070021s ago: executing program 5 (id=375):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
listen(r3, 0x0)

1.183679055s ago: executing program 0 (id=376):
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10002, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='netfs_sreq\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
write$tun(r4, &(0x7f0000000380)=ANY=[], 0x36)

1.024517454s ago: executing program 2 (id=377):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x1, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x40049366, 0x1000000000000)

105.161043ms ago: executing program 3 (id=378):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="010000000000000000000c000000480005800800010065756800070002"], 0x5c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f00000000c0)='./file0\x00', 0x900)
read(r2, 0x0, 0x0)
close(r2)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x1000087}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x28, 0x5, 0x0)
r4 = socket$inet(0x2b, 0x801, 0x0)
setsockopt(r4, 0x0, 0x82, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x803, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
r6 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="000000001000000008"])
ioctl$SCSI_IOCTL_START_UNIT(r6, 0x5)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x196)
close_range(r3, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=379):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
syz_open_dev$usbfs(0x0, 0x9, 0x600)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xab, &(0x7f0000000680)=""/171, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x7, 0x0, 0x0, 0x7fdfffff}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INFO(r5, 0x0, 0x80, 0x0, &(0x7f0000000280))
shutdown(r5, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func={0x1, 0x0, 0x0, 0x12}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}, {0x0, [0x2e, 0x0, 0x0, 0x61]}}, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
sched_getattr(r1, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.88' (ED25519) to the list of known hosts.
[  101.480901][  T969] cfg80211: failed to load regulatory.db
[  102.867268][ T5811] cgroup: Unknown subsys name 'net'
[  102.986244][ T5811] cgroup: Unknown subsys name 'cpuset'
[  102.996127][ T5811] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  104.716208][ T5811] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  107.737182][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  107.744895][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  107.752800][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  107.761359][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  107.768877][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  107.776154][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  107.784052][ T5845] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  107.790991][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  107.791795][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  107.798975][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  107.806106][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  107.819241][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  107.820905][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  107.827913][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  107.834279][ T5846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  107.848664][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  107.850539][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  107.858202][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  107.862758][ T5850] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  107.865090][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  107.872434][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  107.878840][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  107.884748][ T5845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  107.891780][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  107.914384][ T5846] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  107.916694][ T5845] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  107.923614][   T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  107.929306][ T5845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  107.937211][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  107.971406][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  108.782691][ T5832] chnl_net:caif_netlink_parms(): no params data found
[  108.908852][ T5831] chnl_net:caif_netlink_parms(): no params data found
[  109.085913][ T5828] chnl_net:caif_netlink_parms(): no params data found
[  109.291168][ T5830] chnl_net:caif_netlink_parms(): no params data found
[  109.305221][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.312936][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.320992][ T5831] bridge_slave_0: entered allmulticast mode
[  109.328736][ T5831] bridge_slave_0: entered promiscuous mode
[  109.352267][ T5829] chnl_net:caif_netlink_parms(): no params data found
[  109.386438][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.394509][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.401810][ T5831] bridge_slave_1: entered allmulticast mode
[  109.409403][ T5831] bridge_slave_1: entered promiscuous mode
[  109.416894][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.424195][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.431426][ T5832] bridge_slave_0: entered allmulticast mode
[  109.439048][ T5832] bridge_slave_0: entered promiscuous mode
[  109.548474][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.555904][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.563205][ T5832] bridge_slave_1: entered allmulticast mode
[  109.571595][ T5832] bridge_slave_1: entered promiscuous mode
[  109.594761][ T5833] chnl_net:caif_netlink_parms(): no params data found
[  109.607275][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.614654][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.622086][ T5828] bridge_slave_0: entered allmulticast mode
[  109.629677][ T5828] bridge_slave_0: entered promiscuous mode
[  109.658419][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.672062][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.713764][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.721312][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.728472][ T5828] bridge_slave_1: entered allmulticast mode
[  109.737163][ T5828] bridge_slave_1: entered promiscuous mode
[  109.846297][ T5831] team0: Port device team_slave_0 added
[  109.857300][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.922875][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.951028][ T5835] Bluetooth: hci4: command tx timeout
[  109.965347][ T5831] team0: Port device team_slave_1 added
[  109.991583][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.030392][   T55] Bluetooth: hci2: command tx timeout
[  110.036858][   T55] Bluetooth: hci0: command tx timeout
[  110.038115][ T5843] Bluetooth: hci3: command tx timeout
[  110.042582][   T55] Bluetooth: hci5: command tx timeout
[  110.053596][ T5835] Bluetooth: hci1: command tx timeout
[  110.081450][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.161043][ T5832] team0: Port device team_slave_0 added
[  110.233176][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.240679][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.247838][ T5830] bridge_slave_0: entered allmulticast mode
[  110.255758][ T5830] bridge_slave_0: entered promiscuous mode
[  110.264873][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.272319][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.279507][ T5830] bridge_slave_1: entered allmulticast mode
[  110.287926][ T5830] bridge_slave_1: entered promiscuous mode
[  110.296633][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.303903][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.329902][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.343637][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.350677][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.376847][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.392291][ T5832] team0: Port device team_slave_1 added
[  110.398401][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.405719][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.413112][ T5829] bridge_slave_0: entered allmulticast mode
[  110.420961][ T5829] bridge_slave_0: entered promiscuous mode
[  110.447512][ T5828] team0: Port device team_slave_0 added
[  110.457438][ T5828] team0: Port device team_slave_1 added
[  110.506332][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.513859][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.521279][ T5829] bridge_slave_1: entered allmulticast mode
[  110.528875][ T5829] bridge_slave_1: entered promiscuous mode
[  110.551809][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.558973][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.566562][ T5833] bridge_slave_0: entered allmulticast mode
[  110.574152][ T5833] bridge_slave_0: entered promiscuous mode
[  110.648045][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.655382][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.662812][ T5833] bridge_slave_1: entered allmulticast mode
[  110.670756][ T5833] bridge_slave_1: entered promiscuous mode
[  110.696168][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.740772][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.747720][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.774338][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.788671][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.801952][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.827335][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.834517][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.861023][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.876367][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.908192][ T5831] hsr_slave_0: entered promiscuous mode
[  110.914837][ T5831] hsr_slave_1: entered promiscuous mode
[  110.923096][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.930720][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.956906][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.008089][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.015142][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.041392][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.072986][ T5830] team0: Port device team_slave_0 added
[  111.126779][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  111.140127][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  111.238655][ T5830] team0: Port device team_slave_1 added
[  111.278035][ T5829] team0: Port device team_slave_0 added
[  111.287572][ T5829] team0: Port device team_slave_1 added
[  111.315134][ T5833] team0: Port device team_slave_0 added
[  111.364582][ T5832] hsr_slave_0: entered promiscuous mode
[  111.371681][ T5832] hsr_slave_1: entered promiscuous mode
[  111.377912][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.386221][ T5832] Cannot create hsr debugfs directory
[  111.451716][ T5833] team0: Port device team_slave_1 added
[  111.524310][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.531422][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.557835][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.594275][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.601365][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.628239][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.665237][ T5828] hsr_slave_0: entered promiscuous mode
[  111.672424][ T5828] hsr_slave_1: entered promiscuous mode
[  111.678702][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.686480][ T5828] Cannot create hsr debugfs directory
[  111.712170][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.719135][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.745577][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.781305][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.788272][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.814803][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.875616][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.882692][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.908899][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.924605][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.931619][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.958919][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.030638][   T55] Bluetooth: hci4: command tx timeout
[  112.116613][   T55] Bluetooth: hci5: command tx timeout
[  112.122193][ T5835] Bluetooth: hci3: command tx timeout
[  112.122270][ T5844] Bluetooth: hci0: command tx timeout
[  112.127594][ T5835] Bluetooth: hci2: command tx timeout
[  112.138821][ T5843] Bluetooth: hci1: command tx timeout
[  112.261780][ T5829] hsr_slave_0: entered promiscuous mode
[  112.271047][ T5829] hsr_slave_1: entered promiscuous mode
[  112.277348][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  112.285347][ T5829] Cannot create hsr debugfs directory
[  112.327802][ T5833] hsr_slave_0: entered promiscuous mode
[  112.334857][ T5833] hsr_slave_1: entered promiscuous mode
[  112.342375][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  112.349943][ T5833] Cannot create hsr debugfs directory
[  112.363976][ T5830] hsr_slave_0: entered promiscuous mode
[  112.371296][ T5830] hsr_slave_1: entered promiscuous mode
[  112.377506][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  112.385123][ T5830] Cannot create hsr debugfs directory
[  112.788662][ T5831] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  112.832413][ T5831] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  112.877473][ T5831] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  112.917774][ T5831] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  113.044632][ T5832] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  113.064649][ T5832] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  113.082236][ T5832] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  113.107244][ T5832] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  113.215239][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  113.229973][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  113.263823][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  113.277492][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  113.398751][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  113.433320][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  113.472346][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  113.488692][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  113.553763][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.593750][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  113.624524][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  113.638966][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  113.678670][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  113.706862][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[  113.795981][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.810741][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.818094][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.834551][ T5829] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  113.874396][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.881640][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.894218][ T5829] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  113.930950][ T5829] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  113.943439][ T5829] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  113.974902][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.043340][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[  114.083701][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.090851][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.111837][ T5843] Bluetooth: hci4: command tx timeout
[  114.146869][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[  114.165908][ T1077] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.173078][ T1077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.191794][ T5843] Bluetooth: hci1: command tx timeout
[  114.197218][ T5843] Bluetooth: hci0: command tx timeout
[  114.202866][ T5835] Bluetooth: hci3: command tx timeout
[  114.208285][ T5835] Bluetooth: hci2: command tx timeout
[  114.213813][   T55] Bluetooth: hci5: command tx timeout
[  114.224372][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.231560][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.243123][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.250369][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.320368][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.433109][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[  114.457496][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.523759][   T81] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.530989][   T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.580347][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.688940][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.723202][ T1077] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.730435][ T1077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.863288][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[  114.978713][ T4552] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.985971][ T4552] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.034172][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.041387][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.074077][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[  115.128535][ T4552] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.135767][ T4552] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.202449][ T4552] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.209644][ T4552] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.254801][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.357891][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.414283][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.599672][ T5830] veth0_vlan: entered promiscuous mode
[  115.695308][ T5830] veth1_vlan: entered promiscuous mode
[  115.837663][ T5832] veth0_vlan: entered promiscuous mode
[  115.890031][ T5832] veth1_vlan: entered promiscuous mode
[  115.925303][ T5830] veth0_macvtap: entered promiscuous mode
[  115.986751][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.071460][ T5830] veth1_macvtap: entered promiscuous mode
[  116.139717][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.200144][ T5843] Bluetooth: hci4: command tx timeout
[  116.243690][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.255545][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.280571][ T5843] Bluetooth: hci1: command tx timeout
[  116.286014][ T5843] Bluetooth: hci3: command tx timeout
[  116.290221][ T5835] Bluetooth: hci0: command tx timeout
[  116.292255][   T55] Bluetooth: hci2: command tx timeout
[  116.297223][ T5835] Bluetooth: hci5: command tx timeout
[  116.311354][ T5832] veth0_macvtap: entered promiscuous mode
[  116.332107][ T5832] veth1_macvtap: entered promiscuous mode
[  116.363048][ T5830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.372707][ T5830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.382074][ T5830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.392942][ T5830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.411963][ T5833] veth0_vlan: entered promiscuous mode
[  116.477626][ T5833] veth1_vlan: entered promiscuous mode
[  116.507697][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.535945][ T5831] veth0_vlan: entered promiscuous mode
[  116.554840][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.567466][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.580742][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.619596][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.640461][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.653506][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.725274][ T5832] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.742167][ T5832] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.758609][ T5832] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.776241][ T5832] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.802819][ T5831] veth1_vlan: entered promiscuous mode
[  116.882585][ T1077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.898273][ T1077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.924818][ T5833] veth0_macvtap: entered promiscuous mode
[  116.961211][ T5828] veth0_vlan: entered promiscuous mode
[  116.976160][ T4552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.004517][ T5833] veth1_macvtap: entered promiscuous mode
[  117.016646][ T4552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.048201][ T5828] veth1_vlan: entered promiscuous mode
[  117.084815][ T5831] veth0_macvtap: entered promiscuous mode
[  117.158438][ T5831] veth1_macvtap: entered promiscuous mode
[  117.190758][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  117.241949][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.253820][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.263955][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.276056][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.288132][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.334483][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.350098][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.359929][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.387549][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.402163][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.433821][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.462437][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.488627][ T5828] veth0_macvtap: entered promiscuous mode
[  117.509575][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.528040][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.546069][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.558638][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.571738][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.582376][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.594316][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.602774][ T5833] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.614398][ T5833] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.623419][ T5833] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.634038][ T5833] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.715579][ T5828] veth1_macvtap: entered promiscuous mode
[  117.749261][ T1159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.762368][ T1159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.775756][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.787505][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.801835][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.812701][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.822926][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.836921][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.852585][ T5935] loop2: detected capacity change from 0 to 32768
[  117.867295][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.876992][ T5935] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3 (5935)
[  117.885688][ T5831] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.900481][ T5831] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.909216][ T5831] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.919271][ T5831] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.975198][ T5935] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  117.989029][ T5935] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  118.044262][ T5935] BTRFS info (device loop2): using free-space-tree
[  118.105449][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.147174][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.186090][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.227065][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.257686][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.277929][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.288815][ T5953] loop1: detected capacity change from 0 to 64
[  118.289768][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.313924][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.328358][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.355145][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.367215][ T5953] =======================================================
[  118.367215][ T5953] WARNING: The mand mount option has been deprecated and
[  118.367215][ T5953]          and is ignored by this kernel. Remove the mand
[  118.367215][ T5953]          option from the mount to silence this warning.
[  118.367215][ T5953] =======================================================
[  118.374482][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.420757][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.469447][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.526560][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.543924][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.555769][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.566609][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.578640][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.579534][ T5830] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  118.644876][ T5953] loop1: detected capacity change from 0 to 512
[  118.688668][ T5829] veth0_vlan: entered promiscuous mode
[  118.703423][ T5953] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  118.714284][ T5828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.727096][ T5828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.739126][ T5828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.760092][ T5828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.956501][ T5829] veth1_vlan: entered promiscuous mode
[  119.001802][ T5953] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  119.046212][ T5953] loop1: detected capacity change from 0 to 1024
[  119.064862][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.090537][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.268237][ T4552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.299890][ T4552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.367707][ T1077] hfsplus: b-tree write err: -5, ino 4
[  119.454057][ T5829] veth0_macvtap: entered promiscuous mode
[  119.490748][ T1077] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.498605][ T1077] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.527295][ T5957] loop2: detected capacity change from 0 to 64
[  119.595294][ T1077] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.605268][ T1077] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.639106][ T5957] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  119.673544][ T5829] veth1_macvtap: entered promiscuous mode
[  119.848823][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.859820][ T1077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.888335][ T1077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.925619][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.960522][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.991355][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.017055][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.060227][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.088814][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.112461][ T5967] netlink: 'syz.3.4': attribute type 1 has an invalid length.
[  120.121838][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.132497][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.137739][ T5966] loop2: detected capacity change from 0 to 1024
[  120.143521][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.169311][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.381384][ T1077] hfsplus: b-tree write err: -5, ino 4
[  120.441546][ T5967] veth3: entered promiscuous mode
[  120.538120][ T5971] loop2: detected capacity change from 0 to 1024
[  120.599615][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.637120][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.675414][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.761746][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.815752][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.826460][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.838009][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.848896][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.858763][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.869255][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.979402][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.269175][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.498492][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.559455][ T5976] tipc: Started in network mode
[  121.564519][ T5976] tipc: Node identity ac14140f, cluster identity 4711
[  121.571792][ T5976] tipc: New replicast peer: 255.255.255.255
[  121.578428][ T5976] tipc: Enabled bearer <udp:syz2>, priority 10
[  121.598973][ T5977] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10'.
[  121.687110][ T5959] loop1: detected capacity change from 0 to 32768
[  121.753912][ T5829] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.774368][ T5829] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.786347][ T5829] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.795597][ T5829] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.126659][ T5986] loop2: detected capacity change from 0 to 512
[  122.203939][ T5986] EXT4-fs (loop2): blocks per group (35) and clusters per group (32768) inconsistent
[  123.084919][ T5918] tipc: Node number set to 2886997007
[  123.122452][ T5992] loop3: detected capacity change from 0 to 16
[  123.149038][   T24] IPVS: starting estimator thread 0...
[  123.216395][ T5992] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  123.440285][ T5994] IPVS: using max 20 ests per chain, 48000 per kthread
[  123.458030][ T5988] loop0: detected capacity change from 0 to 4096
[  123.737036][ T6002] loop5: detected capacity change from 0 to 256
[  123.849778][ T1159] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.919616][ T1159] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.448345][ T5916] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.240411][ T5916] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.416398][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  126.434308][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  127.546527][ T6037] loop0: detected capacity change from 0 to 512
[  127.631558][ T6037] EXT4-fs: Ignoring removed nomblk_io_submit option
[  127.749676][ T6037] EXT4-fs warning (device loop0): dx_probe:845: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  127.780176][ T6037] EXT4-fs warning (device loop0): dx_probe:850: Enable large directory feature to access it
[  127.843758][ T6037] EXT4-fs warning (device loop0): dx_probe:935: inode #2: comm syz.0.28: Corrupt directory, running e2fsck is recommended
[  127.917207][ T6037] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  127.966250][ T6037] EXT4-fs error (device loop0): ext4_iget_extra_inode:4692: inode #15: comm syz.0.28: corrupted in-inode xattr: invalid ea_ino
[  128.068859][ T6037] EXT4-fs (loop0): Remounting filesystem read-only
[  128.112642][ T6037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.271713][ T6037] EXT4-fs warning (device loop0): dx_probe:845: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  128.337835][ T6037] EXT4-fs warning (device loop0): dx_probe:850: Enable large directory feature to access it
[  128.400124][ T6037] EXT4-fs warning (device loop0): dx_probe:935: inode #2: comm syz.0.28: Corrupt directory, running e2fsck is recommended
[  128.453581][ T6049] EXT4-fs warning (device loop0): ext4_empty_dir:3088: inode #2: comm syz.0.28: directory missing '.'
[  128.704964][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.177674][ T6042] loop2: detected capacity change from 0 to 32768
[  129.268038][ T6043] loop4: detected capacity change from 0 to 32768
[  129.351039][ T6043] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[  129.421780][ T6042] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  129.486196][ T6045] loop1: detected capacity change from 0 to 32768
[  129.499075][ T6043] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  129.558617][ T6045] XFS: noikeep mount option is deprecated.
[  129.765755][ T6045] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  129.866452][ T5830] ocfs2: Unmounting device (7,2) on (node local)
[  130.012926][ T5829] ocfs2: Unmounting device (7,4) on (node local)
[  130.087463][ T6045] XFS (loop1): Ending clean mount
[  130.167031][ T6045] XFS (loop1): Quotacheck needed: Please wait.
[  130.318058][ T6045] XFS (loop1): Quotacheck: Done.
[  130.594235][ T5832] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  131.074110][ T6076] loop2: detected capacity change from 0 to 256
[  131.144083][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  131.440381][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  131.758663][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  132.216214][ T6082] loop3: detected capacity change from 0 to 4096
[  132.261148][ T6082] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  132.459080][ T6082] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  132.635267][ T6096] loop0: detected capacity change from 0 to 512
[  132.691523][ T6096] EXT4-fs (loop0): blocks per group (35) and clusters per group (32768) inconsistent
[  132.722771][ T6069] loop4: detected capacity change from 0 to 32768
[  132.804547][ T6069] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  133.111275][ T6110] capability: warning: `syz.3.49' uses deprecated v2 capabilities in a way that may be insecure
[  133.120949][ T6069] XFS (loop4): Ending clean mount
[  133.185229][ T6110] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  133.329456][ T6069] XFS (loop4): Metadata CRC error detected at xfs_rmapbt_read_verify+0x26/0xe0, xfs_rmapbt block 0x14 
[  133.370110][ T6069] XFS (loop4): Unmount and run xfs_repair
[  133.418835][ T6069] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  133.451858][ T6069] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  133.550246][ T6069] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  133.626993][ T6069] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  133.663861][ T6069] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  133.909067][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  134.011457][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  134.062768][ T6069] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  134.205116][ T6069] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  134.216337][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  134.305130][ T6069] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  134.356795][ T6069] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  134.510374][ T6069] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x14 len 4 error 74
[  134.547490][ T6130] loop2: detected capacity change from 0 to 256
[  134.574579][ T6069] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x400/0x970 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  134.633496][ T6126] loop5: detected capacity change from 0 to 4096
[  134.649523][ T6069] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  134.868761][ T5829] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  137.078801][ T6132] loop0: detected capacity change from 0 to 32768
[  137.295127][ T6167] loop4: detected capacity change from 0 to 128
[  137.398769][ T6167] loop4: detected capacity change from 0 to 512
[  137.967462][ T6160] loop3: detected capacity change from 0 to 4096
[  137.972986][ T6132] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  137.999801][ T6167] EXT4-fs: Invalid want_extra_isize 220
[  138.015828][ T6132] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop0": -EINTR
[  138.016727][ T6132] XFS (loop0): log mount failed
[  139.743917][ T6180] input: syz0 as /devices/virtual/input/input7
[  139.815357][ T6182] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  139.858492][ T6182] [U] 
[  139.861367][ T6182] [U] 
[  139.864105][ T6182] [U] 
[  139.866843][ T6182] [U] 
[  139.873187][ T6182] [U] 
[  139.876327][ T6182] [U] 
[  139.880078][ T6182] [U] 
[  139.882890][ T6182] [U] 
[  139.885865][ T6182] [U] 
[  139.888610][ T6182] [U] 
[  139.891348][ T6182] [U] 
[  140.129393][ T6173] [U] 
[  140.604599][ T6185] loop0: detected capacity change from 0 to 256
[  141.901939][ T6196] loop1: detected capacity change from 0 to 4096
[  142.450854][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  142.457426][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  143.350989][ T6204] ALSA: mixer_oss: invalid OSS volume ''
[  143.454610][ T6210] netlink: 48 bytes leftover after parsing attributes in process `syz.3.82'.
[  144.780157][ T6238] [U] 
[  144.782939][ T6238] [U] 
[  144.785678][ T6238] [U] 
[  144.788413][ T6238] [U] 
[  144.823233][ T6238] [U] 
[  144.825992][ T6238] [U] 
[  144.828732][ T6238] [U] 
[  144.831472][ T6238] [U] 
[  144.836260][ T6238] [U] 
[  144.839006][ T6238] [U] 
[  144.841748][ T6238] [U] 
[  144.879465][ T6237] [U] 
[  145.984367][ T6244] loop4: detected capacity change from 0 to 256
[  146.169158][ T6249] netlink: 'syz.5.94': attribute type 4 has an invalid length.
[  146.397032][ T6217] loop2: detected capacity change from 0 to 40427
[  146.698205][ T6217] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  146.740445][ T6217] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  147.353711][ T6217] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-4)
[  147.959217][ T6262] loop2: detected capacity change from 0 to 256
[  148.279189][ T6266] netlink: 48 bytes leftover after parsing attributes in process `syz.0.99'.
[  150.229059][ T6284] [U] 
[  150.231811][ T6284] [U] 
[  150.234623][ T6284] [U] 
[  150.237345][ T6284] [U] 
[  150.251562][ T6284] [U] 
[  150.254364][ T6284] [U] 
[  150.257106][ T6284] [U] 
[  150.259844][ T6284] [U] 
[  150.268887][ T6284] [U] 
[  150.271666][ T6284] [U] 
[  150.274413][ T6284] [U] 
[  150.287578][ T6283] [U] 
[  150.702699][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  150.805100][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  152.420609][ T6295] loop1: detected capacity change from 0 to 256
[  154.250226][ T6314] netlink: 48 bytes leftover after parsing attributes in process `syz.0.115'.
[  154.638217][ T6320] [U] 
[  154.641004][ T6320] [U] 
[  154.643752][ T6320] [U] 
[  154.646498][ T6320] [U] 
[  154.715366][ T6320] [U] 
[  154.718151][ T6320] [U] 
[  154.720915][ T6320] [U] 
[  154.723692][ T6320] [U] 
[  154.770947][ T6320] [U] 
[  154.773720][ T6320] [U] 
[  154.776517][ T6320] [U] 
[  154.780761][ T6318] [U] 
[  155.994336][ T6334] loop2: detected capacity change from 0 to 256
[  156.142427][ T6330] loop5: detected capacity change from 0 to 4096
[  156.171417][ T6330] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  156.289745][ T6338] loop0: detected capacity change from 0 to 512
[  156.425369][ T6338] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  156.485585][ T6338] EXT4-fs (loop0): invalid journal inode
[  156.491851][ T6338] EXT4-fs (loop0): can't get journal size
[  157.127356][ T6338] EXT4-fs (loop0): 1 truncate cleaned up
[  157.326930][ T6330] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  157.337552][ T6338] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.232511][ T6352] Zero length message leads to an empty skb
[  159.485404][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.677367][ T6355] netlink: 60 bytes leftover after parsing attributes in process `syz.2.131'.
[  159.787582][ T6359] loop0: detected capacity change from 0 to 256
[  161.608872][ T6357] loop5: detected capacity change from 0 to 32768
[  161.739556][ T6357] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  161.837162][ T6384] input: syz0 as /devices/virtual/input/input8
[  162.629594][ T6357] XFS (loop5): Ending clean mount
[  162.825970][ T6392] use of bytesused == 0 is deprecated and will be removed in the future,
[  162.834639][ T6392] use the actual size instead.
[  162.858196][ T5831] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  163.382960][ T6401] loop0: detected capacity change from 0 to 512
[  163.419652][ T6401] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  163.429590][ T6400] netlink: 12 bytes leftover after parsing attributes in process `syz.1.143'.
[  163.441503][ T6401] EXT4-fs (loop0): invalid journal inode
[  163.464917][ T6401] EXT4-fs (loop0): can't get journal size
[  163.511663][ T6401] EXT4-fs (loop0): 1 truncate cleaned up
[  163.541658][ T6401] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.794310][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.044565][ T6411] tipc: Started in network mode
[  164.101959][ T6411] tipc: Node identity ac14140f, cluster identity 4711
[  164.109115][ T6411] tipc: New replicast peer: 255.255.255.255
[  164.159772][ T6411] tipc: Enabled bearer <udp:syz2>, priority 10
[  164.340248][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.2.145'.
[  165.162476][ T5893] tipc: Node number set to 2886997007
[  166.943710][ T6415] loop1: detected capacity change from 0 to 262144
[  167.030196][ T6415] F2FS-fs (loop1): invalid crc value
[  167.143628][ T6415] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4)
[  167.581739][ T6435] input: syz0 as /devices/virtual/input/input9
[  168.820985][ T6442] netlink: 60 bytes leftover after parsing attributes in process `syz.3.158'.
[  169.007739][ T6451] loop2: detected capacity change from 0 to 512
[  169.091517][ T6451] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  169.160535][ T6451] EXT4-fs (loop2): invalid journal inode
[  169.166281][ T6451] EXT4-fs (loop2): can't get journal size
[  169.215045][ T6452] loop0: detected capacity change from 0 to 4096
[  169.252000][ T6451] EXT4-fs (loop2): 1 truncate cleaned up
[  169.298089][ T6451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.787344][ T6460] loop5: detected capacity change from 0 to 512
[  170.626476][ T6460] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  170.639622][ T6460] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  170.675379][ T6460] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  170.683489][ T6460] System zones: 1-12
[  170.688998][ T6460] EXT4-fs (loop5): 1 truncate cleaned up
[  170.696847][ T6460] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.819819][ T6452] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  171.075443][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.125011][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.639331][ T5828] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  172.918300][ T6488] loop0: detected capacity change from 0 to 256
[  173.849534][ T6493] input: syz0 as /devices/virtual/input/input10
[  174.191551][ T6496] netlink: 60 bytes leftover after parsing attributes in process `syz.4.174'.
[  174.394203][ T6502] loop2: detected capacity change from 0 to 512
[  174.439720][ T6504] loop3: detected capacity change from 0 to 64
[  174.470087][ T6502] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  174.485768][   T30] audit: type=1326 audit(1747089276.523:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.5.175" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa42db8e969 code=0x0
[  174.542194][ T6502] EXT4-fs (loop2): invalid journal inode
[  174.547921][ T6502] EXT4-fs (loop2): can't get journal size
[  174.700375][ T6502] EXT4-fs (loop2): 1 truncate cleaned up
[  174.836161][ T6502] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.582448][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.679910][ T6501] loop0: detected capacity change from 0 to 32768
[  175.683837][ T6483] loop1: detected capacity change from 0 to 32768
[  175.709581][ T6501] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.176 (6501)
[  175.773804][ T6483] read_mapping_page failed!
[  176.009268][ T6483] jfs_mount: Failed to read AGGREGATE_I
[  176.877923][ T6483] Mount JFS Failure: -5
[  176.940256][ T6483] jfs_mount failed w/return code = -5
[  176.950152][ T6501] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.057393][ T6501] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  177.296135][ T6501] BTRFS info (device loop0): using free-space-tree
[  177.373741][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  177.380830][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  177.460598][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  177.540295][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  178.040522][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  178.073294][ T6536] random: crng reseeded on system resumption
[  178.330368][ T6532] program syz.4.185 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  178.340274][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  178.340674][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  178.400565][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  178.468270][ T6536] program syz.4.185 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  178.498003][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  178.498456][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  178.509284][ T6536] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  178.617801][ T6501] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  178.650593][ T6548] loop2: detected capacity change from 0 to 256
[  178.693403][ T6501] BTRFS error (device loop0): open_ctree failed: -12
[  178.741756][ T6549] loop3: detected capacity change from 0 to 256
[  180.490791][ T6562] input: syz0 as /devices/virtual/input/input11
[  181.929638][ T6566] loop3: detected capacity change from 0 to 256
[  183.815765][ T6582] loop1: detected capacity change from 0 to 256
[  186.757027][ T6607] loop0: detected capacity change from 0 to 256
[  186.808417][ T6608] loop3: detected capacity change from 0 to 16
[  187.656607][ T6608] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  188.998174][ T6618] input: syz0 as /devices/virtual/input/input12
[  190.596022][ T6623] overlayfs: invalid origin (0000)
[  190.742275][ T6628] loop5: detected capacity change from 0 to 512
[  190.754329][ T6628] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  190.787831][ T6628] EXT4-fs (loop5): invalid journal inode
[  190.810446][ T6628] EXT4-fs (loop5): can't get journal size
[  190.908328][ T6635] loop4: detected capacity change from 0 to 256
[  190.920290][ T6628] EXT4-fs (loop5): 1 truncate cleaned up
[  190.928038][ T6628] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.884516][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.586201][ T6652] loop2: detected capacity change from 0 to 256
[  193.749754][ T6653] loop5: detected capacity change from 0 to 2048
[  194.445348][ T6663] loop4: detected capacity change from 0 to 16
[  194.503247][ T6664] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  194.519691][ T6663] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  195.413243][ T6653] overlayfs: upper fs does not support tmpfile.
[  195.612166][ T6653] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  195.813886][ T6653] overlayfs: failed to set xattr on upper
[  195.958251][ T6653] overlayfs: ...falling back to redirect_dir=nofollow.
[  196.169694][ T6653] overlayfs: ...falling back to index=off.
[  196.344903][ T6653] overlayfs: ...falling back to uuid=null.
[  197.000623][ T5835] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  197.144614][ T6672] netlink: 40 bytes leftover after parsing attributes in process `syz.1.225'.
[  198.689559][ T6682] input: syz0 as /devices/virtual/input/input13
[  200.421598][ T6664] NILFS (loop5): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3)
[  200.483476][ T5892] IPVS: starting estimator thread 0...
[  200.528878][ T6664] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=2)
[  200.640142][ T6687] IPVS: using max 21 ests per chain, 50400 per kthread
[  200.765820][ T6664] Remounting filesystem read-only
[  200.825569][ T6695] loop3: detected capacity change from 0 to 256
[  202.368381][ T5831] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=18)
[  202.477585][ T5831] NILFS error (device loop5): nilfs_readdir: bad page in #18
[  203.173110][ T5831] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer
[  203.671468][ T6716] trusted_key: encrypted_key: insufficient parameters specified
[  203.891391][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  203.898073][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  204.642319][ T6727] loop1: detected capacity change from 0 to 16
[  204.649621][ T6727] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  205.923802][ T6739] tipc: Started in network mode
[  206.171860][ T6739] tipc: Node identity fa6ae4f641cc, cluster identity 4711
[  207.069610][ T6739] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  207.218123][ T6750] syzkaller0: entered promiscuous mode
[  207.483995][ T6750] syzkaller0: entered allmulticast mode
[  207.851475][ T6736] tipc: Resetting bearer <eth:syzkaller0>
[  208.144617][ T6736] tipc: Disabling bearer <eth:syzkaller0>
[  208.180302][ T5918] tipc: Node number set to 3148276982
[  209.050509][ T5844] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  210.167260][ T6766] loop5: detected capacity change from 0 to 2048
[  210.186303][ T6763] loop4: detected capacity change from 0 to 4096
[  210.251935][ T6766] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  210.264097][ T6763] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  210.387374][ T6763] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[  210.434037][ T6777] loop3: detected capacity change from 0 to 16
[  210.440512][ T6779] loop2: detected capacity change from 0 to 256
[  210.487846][ T6777] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  211.720621][ T6788] loop4: detected capacity change from 0 to 512
[  211.728073][ T6788] ext4: Bad value for 'dax'
[  213.448022][ T6783] loop5: detected capacity change from 0 to 32768
[  213.529227][ T6783] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  213.539571][ T6806] tipc: Started in network mode
[  213.544596][ T6806] tipc: Node identity 9ea9cf69b0c1, cluster identity 4711
[  213.610613][ T6783] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  213.652649][ T6806] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  213.774946][ T4552] Bluetooth: hci6: Frame reassembly failed (-84)
[  213.893749][ T6814] syzkaller0: entered promiscuous mode
[  214.061030][ T6814] syzkaller0: entered allmulticast mode
[  214.644683][ T6805] tipc: Resetting bearer <eth:syzkaller0>
[  214.912408][ T5908] tipc: Node number set to 778620777
[  215.790117][ T5835] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  217.346236][ T5831] ocfs2: Unmounting device (7,5) on (node local)
[  217.361752][ T6805] tipc: Disabling bearer <eth:syzkaller0>
[  217.445124][ T6824] trusted_key: encrypted_key: insufficient parameters specified
[  218.452029][ T6829] loop3: detected capacity change from 0 to 16
[  218.471197][ T6829] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  218.821657][ T6833] input: syz0 as /devices/virtual/input/input14
[  220.420586][ T6849] loop4: detected capacity change from 0 to 512
[  220.428099][ T6849] ext4: Bad value for 'dax'
[  222.050566][ T6865] loop4: detected capacity change from 0 to 64
[  222.066936][ T6864] loop5: detected capacity change from 0 to 512
[  222.109926][ T6864] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  222.190369][ T6864] EXT4-fs (loop5): invalid journal inode
[  222.236659][ T6864] EXT4-fs (loop5): can't get journal size
[  222.315233][ T6864] EXT4-fs (loop5): 1 truncate cleaned up
[  222.342337][ T6864] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.428726][ T6874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.273'.
[  222.518825][ T6875] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  222.534638][ T6875] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.543373][ T6875] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.637848][ T6010] Bluetooth: hci6: Frame reassembly failed (-84)
[  224.003156][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.390214][ T6883] tipc: Started in network mode
[  224.402006][ T6883] tipc: Node identity 2aed36269602, cluster identity 4711
[  224.455501][ T6883] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  224.489663][ T6884] syzkaller0: entered promiscuous mode
[  224.518993][ T6884] syzkaller0: entered allmulticast mode
[  224.546634][ T6887] syz.5.287 uses obsolete (PF_INET,SOCK_PACKET)
[  224.577173][ T6882] tipc: Resetting bearer <eth:syzkaller0>
[  224.626765][ T6882] tipc: Disabling bearer <eth:syzkaller0>
[  224.673278][ T5835] Bluetooth: hci6: command 0x1003 tx timeout
[  224.673811][ T5844] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  225.501694][ T6894] loop1: detected capacity change from 0 to 256
[  226.872508][ T6900] loop5: detected capacity change from 0 to 512
[  226.888376][ T6900] ext4: Bad value for 'dax'
[  228.262575][ T6910] loop2: detected capacity change from 0 to 512
[  228.287795][ T6910] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  228.326862][ T6910] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  228.484460][ T6910] System zones: 1-12
[  228.728533][ T6910] EXT4-fs (loop2): 1 truncate cleaned up
[  228.739529][ T6910] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.909959][ T6914] loop0: detected capacity change from 0 to 512
[  228.919161][ T6914] EXT4-fs: Ignoring removed nobh option
[  229.324032][ T6914] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #11: comm syz.0.294: invalid indirect mapped block 256 (level 2)
[  229.347181][ T6914] EXT4-fs (loop0): 2 truncates cleaned up
[  230.094885][ T6914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.912226][ T6930] loop1: detected capacity change from 0 to 512
[  230.919019][   T30] audit: type=1800 audit(1747089332.943:3): pid=6932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.294" name="file1" dev="loop0" ino=15 res=0 errno=0
[  231.018689][ T6930] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  231.360821][ T6930] EXT4-fs (loop1): invalid journal inode
[  231.379546][ T6930] EXT4-fs (loop1): can't get journal size
[  231.391027][ T6930] EXT4-fs (loop1): 1 truncate cleaned up
[  231.498922][ T6941] input: syz0 as /devices/virtual/input/input15
[  231.976354][ T6930] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.001252][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.120183][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  232.126584][ T5846] Bluetooth: hci5: command 0x0406 tx timeout
[  232.136219][ T5134] Bluetooth: hci0: command 0x0406 tx timeout
[  232.143185][ T5134] Bluetooth: hci2: command 0x0406 tx timeout
[  232.149214][ T5134] Bluetooth: hci3: command 0x0406 tx timeout
[  232.156046][ T5846] Bluetooth: hci1: command 0x0406 tx timeout
[  232.487316][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.311904][ T5850] Bluetooth: hci6: command 0x1003 tx timeout
[  235.340616][   T55] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  237.980175][ T5996] IPVS: starting estimator thread 0...
[  238.195967][ T6970] loop1: detected capacity change from 0 to 256
[  238.270272][ T6969] IPVS: using max 21 ests per chain, 50400 per kthread
[  240.419260][ T6985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.312'.
[  240.734904][ T6986] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  240.748543][ T6986] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.756596][ T6986] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.630648][ T6989] loop4: detected capacity change from 0 to 512
[  241.725463][ T6989] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  241.840074][ T6989] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  241.849264][ T6989] System zones: 1-12
[  241.949353][ T6989] EXT4-fs (loop4): 1 truncate cleaned up
[  241.969338][ T6989] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.394736][ T6999] loop5: detected capacity change from 0 to 512
[  242.898073][ T5996] IPVS: starting estimator thread 0...
[  242.916400][ T6999] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  243.417568][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.450588][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.602940][ T6999] EXT4-fs (loop5): invalid journal inode
[  243.608707][ T6999] EXT4-fs (loop5): can't get journal size
[  243.620238][ T7004] IPVS: using max 22 ests per chain, 52800 per kthread
[  243.750476][ T6999] EXT4-fs (loop5): 1 truncate cleaned up
[  243.845275][ T6999] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.522788][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.258419][ T7037] netlink: 8 bytes leftover after parsing attributes in process `syz.4.329'.
[  248.026959][ T7037] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  248.039901][ T7037] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.047997][ T7037] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.342130][ T7050] loop2: detected capacity change from 0 to 512
[  249.390895][ T7050] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  249.481191][ T7050] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  249.490294][ T7050] System zones: 1-12
[  249.515259][ T7050] EXT4-fs (loop2): 1 truncate cleaned up
[  249.537473][ T7050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.715221][ T7045] loop1: detected capacity change from 0 to 1024
[  249.978365][ T7045] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.054096][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.065021][ T7052] loop0: detected capacity change from 0 to 4096
[  250.075889][ T7052] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  250.118198][ T7045] EXT4-fs error (device loop1): ext4_xattr_block_find:1869: inode #15: comm syz.1.332: corrupted xattr block 113: invalid header
[  250.274580][ T7052] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  250.425819][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.667021][ T7105] netlink: 8 bytes leftover after parsing attributes in process `syz.2.348'.
[  254.865624][ T7106] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  254.879372][ T7106] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.887268][ T7106] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.509441][ T7109] loop4: detected capacity change from 0 to 256
[  255.662948][ T7116] loop1: detected capacity change from 0 to 512
[  256.508715][ T7116] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  256.771715][ T7116] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  256.779857][ T7116] System zones: 1-12
[  256.787535][ T7116] EXT4-fs (loop1): 1 truncate cleaned up
[  256.797918][ T7116] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.894202][ T7124] tipc: New replicast peer: 255.255.255.255
[  256.902188][ T7124] tipc: Enabled bearer <udp:syz2>, priority 10
[  256.917461][ T7124] netlink: 12 bytes leftover after parsing attributes in process `syz.3.353'.
[  257.985750][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.057091][ T7130] No such timeout policy "syz1"
[  260.525483][ T7154] loop0: detected capacity change from 0 to 128
[  262.330862][ T7161] loop5: detected capacity change from 0 to 64
[  265.327267][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  265.333716][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  267.052681][ T7199] loop3: detected capacity change from 0 to 512
[  267.105443][ T7199] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  267.160896][ T7199] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  267.169657][ T7199] System zones: 1-12
[  267.181280][ T7199] EXT4-fs (loop3): 1 truncate cleaned up
[  267.200541][ T7199] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.742268][   T36] ==================================================================
[  267.750409][   T36] BUG: KASAN: slab-out-of-bounds in iov_iter_revert+0x443/0x5a0
[  267.758091][   T36] Read of size 4 at addr ffff88807c9fa8f8 by task kworker/u8:2/36
[  267.765916][   T36] 
[  267.768252][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  267.768296][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.768320][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  267.768359][   T36] Call Trace:
[  267.768371][   T36]  <TASK>
[  267.768385][   T36]  dump_stack_lvl+0x116/0x1f0
[  267.768443][   T36]  print_report+0xc3/0x670
[  267.768500][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.768544][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.768587][   T36]  ? __phys_addr+0xc6/0x150
[  267.768639][   T36]  ? iov_iter_revert+0x443/0x5a0
[  267.768694][   T36]  kasan_report+0xe0/0x110
[  267.768749][   T36]  ? iov_iter_revert+0x443/0x5a0
[  267.768807][   T36]  iov_iter_revert+0x443/0x5a0
[  267.768867][   T36]  netfs_retry_writes+0x166d/0x1a50
[  267.768905][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.768951][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  267.769004][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.769047][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  267.769105][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  267.769146][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.769190][   T36]  ? register_lock_class+0x41/0x4c0
[  267.769245][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.769288][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  267.769325][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.769372][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  267.769430][   T36]  process_one_work+0x9cf/0x1b70
[  267.769474][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  267.769516][   T36]  ? __pfx_process_one_work+0x10/0x10
[  267.769554][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.769602][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.769645][   T36]  ? assign_work+0x1a0/0x250
[  267.769680][   T36]  worker_thread+0x6c8/0xf10
[  267.769727][   T36]  ? __pfx_worker_thread+0x10/0x10
[  267.769765][   T36]  kthread+0x3c5/0x780
[  267.769797][   T36]  ? __pfx_kthread+0x10/0x10
[  267.769835][   T36]  ? __pfx_kthread+0x10/0x10
[  267.769866][   T36]  ? __pfx_kthread+0x10/0x10
[  267.769897][   T36]  ? __pfx_kthread+0x10/0x10
[  267.769928][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  267.769971][   T36]  ? rcu_is_watching+0x12/0xc0
[  267.770014][   T36]  ? __pfx_kthread+0x10/0x10
[  267.770048][   T36]  ret_from_fork+0x48/0x80
[  267.770081][   T36]  ? __pfx_kthread+0x10/0x10
[  267.770114][   T36]  ret_from_fork_asm+0x1a/0x30
[  267.770177][   T36]  </TASK>
[  267.770189][   T36] 
[  268.010281][   T36] Allocated by task 7048:
[  268.014621][   T36]  kasan_save_stack+0x33/0x60
[  268.019336][   T36]  kasan_save_track+0x14/0x30
[  268.024047][   T36]  __kasan_kmalloc+0xaa/0xb0
[  268.028669][   T36]  proc_self_get_link+0x1a9/0x230
[  268.033736][   T36]  step_into+0x19e7/0x2270
[  268.038180][   T36]  walk_component+0xfc/0x5b0
[  268.042799][   T36]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  268.049158][   T36]  path_openat+0x227/0x2d40
[  268.053699][   T36]  do_filp_open+0x20b/0x470
[  268.058241][   T36]  do_sys_openat2+0x11b/0x1d0
[  268.062938][   T36]  __x64_sys_openat+0x174/0x210
[  268.067808][   T36]  do_syscall_64+0xcd/0x260
[  268.072349][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.078263][   T36] 
[  268.080595][   T36] Freed by task 7048:
[  268.084588][   T36]  kasan_save_stack+0x33/0x60
[  268.089302][   T36]  kasan_save_track+0x14/0x30
[  268.094007][   T36]  kasan_save_free_info+0x3b/0x60
[  268.099047][   T36]  __kasan_slab_free+0x51/0x70
[  268.103839][   T36]  kfree+0x2b6/0x4d0
[  268.107750][   T36]  walk_component+0x1a5/0x5b0
[  268.112443][   T36]  link_path_walk.part.0.constprop.0+0x553/0xd60
[  268.118790][   T36]  path_openat+0x227/0x2d40
[  268.123315][   T36]  do_filp_open+0x20b/0x470
[  268.127839][   T36]  do_sys_openat2+0x11b/0x1d0
[  268.132525][   T36]  __x64_sys_openat+0x174/0x210
[  268.137386][   T36]  do_syscall_64+0xcd/0x260
[  268.141917][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.147821][   T36] 
[  268.150143][   T36] The buggy address belongs to the object at ffff88807c9fa8e0
[  268.150143][   T36]  which belongs to the cache kmalloc-16 of size 16
[  268.164034][   T36] The buggy address is located 8 bytes to the right of
[  268.164034][   T36]  allocated 16-byte region [ffff88807c9fa8e0, ffff88807c9fa8f0)
[  268.178449][   T36] 
[  268.180774][   T36] The buggy address belongs to the physical page:
[  268.187179][   T36] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c9fa
[  268.195944][   T36] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  268.203494][   T36] page_type: f5(slab)
[  268.207486][   T36] raw: 00fff00000000000 ffff88801b441640 0000000000000000 dead000000000001
[  268.216082][   T36] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[  268.224667][   T36] page dumped because: kasan: bad access detected
[  268.231082][   T36] page_owner tracks the page as allocated
[  268.236792][   T36] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5831, tgid 5831 (syz-executor), ts 142297411458, free_ts 142272017098
[  268.256525][   T36]  post_alloc_hook+0x181/0x1b0
[  268.261327][   T36]  get_page_from_freelist+0x135c/0x3920
[  268.266901][   T36]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  268.272831][   T36]  new_slab+0x94/0x340
[  268.276917][   T36]  ___slab_alloc+0xd9c/0x1940
[  268.281610][   T36]  __slab_alloc.constprop.0+0x56/0xb0
[  268.287004][   T36]  __kvmalloc_node_noprof+0x3a6/0x600
[  268.292398][   T36]  xt_replace_table+0x1e3/0x950
[  268.297274][   T36]  __do_replace+0x1cf/0x9e0
[  268.301803][   T36]  do_ipt_set_ctl+0x86d/0xae0
[  268.306595][   T36]  nf_setsockopt+0x8d/0xf0
[  268.311031][   T36]  ip_setsockopt+0xcb/0xf0
[  268.315474][   T36]  tcp_setsockopt+0xa7/0x100
[  268.320079][   T36]  do_sock_setsockopt+0x224/0x470
[  268.325125][   T36]  __sys_setsockopt+0x1a0/0x230
[  268.329984][   T36]  __x64_sys_setsockopt+0xbd/0x160
[  268.335199][   T36] page last free pid 6191 tgid 6188 stack trace:
[  268.341524][   T36]  __free_frozen_pages+0x69d/0xff0
[  268.346661][   T36]  tlb_finish_mmu+0x237/0x7b0
[  268.351358][   T36]  exit_mmap+0x403/0xb90
[  268.355621][   T36]  __mmput+0x12a/0x410
[  268.359713][   T36]  mmput+0x62/0x70
[  268.363463][   T36]  do_exit+0x9d1/0x2c30
[  268.367645][   T36]  do_group_exit+0xd3/0x2a0
[  268.372177][   T36]  get_signal+0x2673/0x26d0
[  268.376699][   T36]  arch_do_signal_or_restart+0x8f/0x7d0
[  268.382269][   T36]  syscall_exit_to_user_mode+0x150/0x2a0
[  268.387927][   T36]  do_syscall_64+0xda/0x260
[  268.392455][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.398362][   T36] 
[  268.400684][   T36] Memory state around the buggy address:
[  268.406313][   T36]  ffff88807c9fa780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  268.414378][   T36]  ffff88807c9fa800: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  268.422445][   T36] >ffff88807c9fa880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  268.430505][   T36]                                                                 ^
[  268.438483][   T36]  ffff88807c9fa900: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[  268.446552][   T36]  ffff88807c9fa980: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  268.454625][   T36] ==================================================================
[  268.616709][   T36] Disabling lock debugging due to kernel taint
[  268.622973][   T36] ==================================================================
[  268.631049][   T36] BUG: KASAN: slab-use-after-free in iov_iter_revert+0x521/0x5a0
[  268.638824][   T36] Read of size 4 at addr ffff88807c9fa8e8 by task kworker/u8:2/36
[  268.646646][   T36] 
[  268.648988][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G    B               6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  268.649043][   T36] Tainted: [B]=BAD_PAGE
[  268.649055][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.649079][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  268.649119][   T36] Call Trace:
[  268.649130][   T36]  <TASK>
[  268.649142][   T36]  dump_stack_lvl+0x116/0x1f0
[  268.649197][   T36]  print_report+0xc3/0x670
[  268.649251][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.649296][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.649340][   T36]  ? __phys_addr+0xc6/0x150
[  268.649391][   T36]  ? iov_iter_revert+0x521/0x5a0
[  268.649442][   T36]  kasan_report+0xe0/0x110
[  268.649496][   T36]  ? iov_iter_revert+0x521/0x5a0
[  268.649553][   T36]  iov_iter_revert+0x521/0x5a0
[  268.649608][   T36]  netfs_retry_writes+0x166d/0x1a50
[  268.649646][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.649692][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  268.649745][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.649788][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  268.649851][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  268.649893][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.649937][   T36]  ? register_lock_class+0x41/0x4c0
[  268.649993][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.650037][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  268.650073][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.650119][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  268.650175][   T36]  process_one_work+0x9cf/0x1b70
[  268.650218][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  268.650260][   T36]  ? __pfx_process_one_work+0x10/0x10
[  268.650297][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.650345][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.650388][   T36]  ? assign_work+0x1a0/0x250
[  268.650422][   T36]  worker_thread+0x6c8/0xf10
[  268.650468][   T36]  ? __pfx_worker_thread+0x10/0x10
[  268.650505][   T36]  kthread+0x3c5/0x780
[  268.650537][   T36]  ? __pfx_kthread+0x10/0x10
[  268.650568][   T36]  ? __pfx_kthread+0x10/0x10
[  268.650598][   T36]  ? __pfx_kthread+0x10/0x10
[  268.650630][   T36]  ? __pfx_kthread+0x10/0x10
[  268.650660][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.650703][   T36]  ? rcu_is_watching+0x12/0xc0
[  268.650745][   T36]  ? __pfx_kthread+0x10/0x10
[  268.650778][   T36]  ret_from_fork+0x48/0x80
[  268.650811][   T36]  ? __pfx_kthread+0x10/0x10
[  268.650847][   T36]  ret_from_fork_asm+0x1a/0x30
[  268.650910][   T36]  </TASK>
[  268.650922][   T36] 
[  268.896734][   T36] Allocated by task 7048:
[  268.901063][   T36]  kasan_save_stack+0x33/0x60
[  268.905768][   T36]  kasan_save_track+0x14/0x30
[  268.910472][   T36]  __kasan_kmalloc+0xaa/0xb0
[  268.915084][   T36]  proc_self_get_link+0x1a9/0x230
[  268.920137][   T36]  step_into+0x19e7/0x2270
[  268.924604][   T36]  walk_component+0xfc/0x5b0
[  268.929213][   T36]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  268.935574][   T36]  path_openat+0x227/0x2d40
[  268.940103][   T36]  do_filp_open+0x20b/0x470
[  268.944629][   T36]  do_sys_openat2+0x11b/0x1d0
[  268.949314][   T36]  __x64_sys_openat+0x174/0x210
[  268.954173][   T36]  do_syscall_64+0xcd/0x260
[  268.958702][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.964619][   T36] 
[  268.966942][   T36] Freed by task 7048:
[  268.970929][   T36]  kasan_save_stack+0x33/0x60
[  268.975631][   T36]  kasan_save_track+0x14/0x30
[  268.980344][   T36]  kasan_save_free_info+0x3b/0x60
[  268.985394][   T36]  __kasan_slab_free+0x51/0x70
[  268.990186][   T36]  kfree+0x2b6/0x4d0
[  268.994115][   T36]  walk_component+0x1a5/0x5b0
[  268.998809][   T36]  link_path_walk.part.0.constprop.0+0x553/0xd60
[  269.005156][   T36]  path_openat+0x227/0x2d40
[  269.009681][   T36]  do_filp_open+0x20b/0x470
[  269.014233][   T36]  do_sys_openat2+0x11b/0x1d0
[  269.018919][   T36]  __x64_sys_openat+0x174/0x210
[  269.023797][   T36]  do_syscall_64+0xcd/0x260
[  269.028326][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.034230][   T36] 
[  269.036556][   T36] The buggy address belongs to the object at ffff88807c9fa8e0
[  269.036556][   T36]  which belongs to the cache kmalloc-16 of size 16
[  269.050449][   T36] The buggy address is located 8 bytes inside of
[  269.050449][   T36]  freed 16-byte region [ffff88807c9fa8e0, ffff88807c9fa8f0)
[  269.063994][   T36] 
[  269.066316][   T36] The buggy address belongs to the physical page:
[  269.072721][   T36] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c9fa
[  269.081494][   T36] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  269.089043][   T36] page_type: f5(slab)
[  269.093037][   T36] raw: 00fff00000000000 ffff88801b441640 0000000000000000 dead000000000001
[  269.101632][   T36] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[  269.110214][   T36] page dumped because: kasan: bad access detected
[  269.116623][   T36] page_owner tracks the page as allocated
[  269.122332][   T36] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5831, tgid 5831 (syz-executor), ts 142297411458, free_ts 142272017098
[  269.142064][   T36]  post_alloc_hook+0x181/0x1b0
[  269.146853][   T36]  get_page_from_freelist+0x135c/0x3920
[  269.152443][   T36]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  269.158380][   T36]  new_slab+0x94/0x340
[  269.162487][   T36]  ___slab_alloc+0xd9c/0x1940
[  269.167178][   T36]  __slab_alloc.constprop.0+0x56/0xb0
[  269.172568][   T36]  __kvmalloc_node_noprof+0x3a6/0x600
[  269.177962][   T36]  xt_replace_table+0x1e3/0x950
[  269.182843][   T36]  __do_replace+0x1cf/0x9e0
[  269.187373][   T36]  do_ipt_set_ctl+0x86d/0xae0
[  269.192077][   T36]  nf_setsockopt+0x8d/0xf0
[  269.196510][   T36]  ip_setsockopt+0xcb/0xf0
[  269.200956][   T36]  tcp_setsockopt+0xa7/0x100
[  269.205554][   T36]  do_sock_setsockopt+0x224/0x470
[  269.210605][   T36]  __sys_setsockopt+0x1a0/0x230
[  269.215466][   T36]  __x64_sys_setsockopt+0xbd/0x160
[  269.220594][   T36] page last free pid 6191 tgid 6188 stack trace:
[  269.226917][   T36]  __free_frozen_pages+0x69d/0xff0
[  269.232047][   T36]  tlb_finish_mmu+0x237/0x7b0
[  269.236747][   T36]  exit_mmap+0x403/0xb90
[  269.241006][   T36]  __mmput+0x12a/0x410
[  269.245092][   T36]  mmput+0x62/0x70
[  269.248834][   T36]  do_exit+0x9d1/0x2c30
[  269.253013][   T36]  do_group_exit+0xd3/0x2a0
[  269.257542][   T36]  get_signal+0x2673/0x26d0
[  269.262070][   T36]  arch_do_signal_or_restart+0x8f/0x7d0
[  269.267645][   T36]  syscall_exit_to_user_mode+0x150/0x2a0
[  269.273307][   T36]  do_syscall_64+0xda/0x260
[  269.277837][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.283744][   T36] 
[  269.286064][   T36] Memory state around the buggy address:
[  269.291696][   T36]  ffff88807c9fa780: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[  269.299790][   T36]  ffff88807c9fa800: fa fb fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc
[  269.307856][   T36] >ffff88807c9fa880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  269.315918][   T36]                                                           ^
[  269.323374][   T36]  ffff88807c9fa900: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[  269.331441][   T36]  ffff88807c9fa980: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  269.339501][   T36] ==================================================================
[  269.359610][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.390279][   T36] ==================================================================
[  269.398389][   T36] BUG: KASAN: slab-use-after-free in iov_iter_advance+0x652/0x6c0
[  269.406252][   T36] Read of size 4 at addr ffff88807c9fa8e8 by task kworker/u8:2/36
[  269.414080][   T36] 
[  269.416424][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G    B               6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  269.416479][   T36] Tainted: [B]=BAD_PAGE
[  269.416491][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.416516][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  269.416557][   T36] Call Trace:
[  269.416574][   T36]  <TASK>
[  269.416587][   T36]  dump_stack_lvl+0x116/0x1f0
[  269.416641][   T36]  print_report+0xc3/0x670
[  269.416694][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.416739][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.416782][   T36]  ? __phys_addr+0xc6/0x150
[  269.416834][   T36]  ? iov_iter_advance+0x652/0x6c0
[  269.416887][   T36]  kasan_report+0xe0/0x110
[  269.416942][   T36]  ? iov_iter_advance+0x652/0x6c0
[  269.417000][   T36]  iov_iter_advance+0x652/0x6c0
[  269.417062][   T36]  netfs_reissue_write+0x13d/0x240
[  269.417103][   T36]  netfs_retry_writes+0x168a/0x1a50
[  269.417141][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.417187][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  269.417240][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.417282][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  269.417339][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  269.417380][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.417423][   T36]  ? register_lock_class+0x41/0x4c0
[  269.417478][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.417522][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  269.417558][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.417616][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  269.417673][   T36]  process_one_work+0x9cf/0x1b70
[  269.417718][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  269.417760][   T36]  ? __pfx_process_one_work+0x10/0x10
[  269.417799][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.417847][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.417890][   T36]  ? assign_work+0x1a0/0x250
[  269.417925][   T36]  worker_thread+0x6c8/0xf10
[  269.417975][   T36]  ? __pfx_worker_thread+0x10/0x10
[  269.418013][   T36]  kthread+0x3c5/0x780
[  269.418046][   T36]  ? __pfx_kthread+0x10/0x10
[  269.418077][   T36]  ? __pfx_kthread+0x10/0x10
[  269.418108][   T36]  ? __pfx_kthread+0x10/0x10
[  269.418139][   T36]  ? __pfx_kthread+0x10/0x10
[  269.418170][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  269.418213][   T36]  ? rcu_is_watching+0x12/0xc0
[  269.418255][   T36]  ? __pfx_kthread+0x10/0x10
[  269.418288][   T36]  ret_from_fork+0x48/0x80
[  269.418321][   T36]  ? __pfx_kthread+0x10/0x10
[  269.418354][   T36]  ret_from_fork_asm+0x1a/0x30
[  269.418416][   T36]  </TASK>
[  269.418428][   T36] 
[  269.669766][   T36] Allocated by task 7048:
[  269.674095][   T36]  kasan_save_stack+0x33/0x60
[  269.678834][   T36]  kasan_save_track+0x14/0x30
[  269.683542][   T36]  __kasan_kmalloc+0xaa/0xb0
[  269.688152][   T36]  proc_self_get_link+0x1a9/0x230
[  269.693304][   T36]  step_into+0x19e7/0x2270
[  269.697736][   T36]  walk_component+0xfc/0x5b0
[  269.702344][   T36]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  269.708691][   T36]  path_openat+0x227/0x2d40
[  269.713217][   T36]  do_filp_open+0x20b/0x470
[  269.717742][   T36]  do_sys_openat2+0x11b/0x1d0
[  269.722429][   T36]  __x64_sys_openat+0x174/0x210
[  269.727288][   T36]  do_syscall_64+0xcd/0x260
[  269.731819][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.737728][   T36] 
[  269.740050][   T36] Freed by task 7048:
[  269.744027][   T36]  kasan_save_stack+0x33/0x60
[  269.748727][   T36]  kasan_save_track+0x14/0x30
[  269.753431][   T36]  kasan_save_free_info+0x3b/0x60
[  269.758472][   T36]  __kasan_slab_free+0x51/0x70
[  269.763260][   T36]  kfree+0x2b6/0x4d0
[  269.767170][   T36]  walk_component+0x1a5/0x5b0
[  269.771867][   T36]  link_path_walk.part.0.constprop.0+0x553/0xd60
[  269.778212][   T36]  path_openat+0x227/0x2d40
[  269.782737][   T36]  do_filp_open+0x20b/0x470
[  269.787260][   T36]  do_sys_openat2+0x11b/0x1d0
[  269.791945][   T36]  __x64_sys_openat+0x174/0x210
[  269.796808][   T36]  do_syscall_64+0xcd/0x260
[  269.801347][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.807252][   T36] 
[  269.809571][   T36] The buggy address belongs to the object at ffff88807c9fa8e0
[  269.809571][   T36]  which belongs to the cache kmalloc-16 of size 16
[  269.823457][   T36] The buggy address is located 8 bytes inside of
[  269.823457][   T36]  freed 16-byte region [ffff88807c9fa8e0, ffff88807c9fa8f0)
[  269.837024][   T36] 
[  269.839353][   T36] The buggy address belongs to the physical page:
[  269.845763][   T36] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c9fa
[  269.854534][   T36] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  269.862095][   T36] page_type: f5(slab)
[  269.866084][   T36] raw: 00fff00000000000 ffff88801b441640 0000000000000000 dead000000000001
[  269.874680][   T36] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[  269.883263][   T36] page dumped because: kasan: bad access detected
[  269.889677][   T36] page_owner tracks the page as allocated
[  269.895392][   T36] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5831, tgid 5831 (syz-executor), ts 142297411458, free_ts 142272017098
[  269.915149][   T36]  post_alloc_hook+0x181/0x1b0
[  269.919949][   T36]  get_page_from_freelist+0x135c/0x3920
[  269.925529][   T36]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  269.931458][   T36]  new_slab+0x94/0x340
[  269.935540][   T36]  ___slab_alloc+0xd9c/0x1940
[  269.940238][   T36]  __slab_alloc.constprop.0+0x56/0xb0
[  269.945630][   T36]  __kvmalloc_node_noprof+0x3a6/0x600
[  269.951026][   T36]  xt_replace_table+0x1e3/0x950
[  269.955908][   T36]  __do_replace+0x1cf/0x9e0
[  269.960436][   T36]  do_ipt_set_ctl+0x86d/0xae0
[  269.965140][   T36]  nf_setsockopt+0x8d/0xf0
[  269.969580][   T36]  ip_setsockopt+0xcb/0xf0
[  269.974020][   T36]  tcp_setsockopt+0xa7/0x100
[  269.978623][   T36]  do_sock_setsockopt+0x224/0x470
[  269.983676][   T36]  __sys_setsockopt+0x1a0/0x230
[  269.988546][   T36]  __x64_sys_setsockopt+0xbd/0x160
[  269.993684][   T36] page last free pid 6191 tgid 6188 stack trace:
[  270.000015][   T36]  __free_frozen_pages+0x69d/0xff0
[  270.005156][   T36]  tlb_finish_mmu+0x237/0x7b0
[  270.009885][   T36]  exit_mmap+0x403/0xb90
[  270.014143][   T36]  __mmput+0x12a/0x410
[  270.018235][   T36]  mmput+0x62/0x70
[  270.021979][   T36]  do_exit+0x9d1/0x2c30
[  270.026160][   T36]  do_group_exit+0xd3/0x2a0
[  270.030707][   T36]  get_signal+0x2673/0x26d0
[  270.035231][   T36]  arch_do_signal_or_restart+0x8f/0x7d0
[  270.040801][   T36]  syscall_exit_to_user_mode+0x150/0x2a0
[  270.046471][   T36]  do_syscall_64+0xda/0x260
[  270.051005][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.056910][   T36] 
[  270.059230][   T36] Memory state around the buggy address:
[  270.064862][   T36]  ffff88807c9fa780: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[  270.072929][   T36]  ffff88807c9fa800: fa fb fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc
[  270.081005][   T36] >ffff88807c9fa880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  270.089067][   T36]                                                           ^
[  270.096522][   T36]  ffff88807c9fa900: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[  270.104599][   T36]  ffff88807c9fa980: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  270.112666][   T36] ==================================================================
[  270.564650][   T36] ==================================================================
[  270.572761][   T36] BUG: KASAN: slab-use-after-free in _copy_from_iter+0x132f/0x15b0
[  270.580707][   T36] Read of size 4 at addr ffff88807c9fa8ec by task kworker/u8:2/36
[  270.588527][   T36] 
[  270.590868][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G    B               6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  270.590921][   T36] Tainted: [B]=BAD_PAGE
[  270.590934][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  270.590958][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  270.590998][   T36] Call Trace:
[  270.591009][   T36]  <TASK>
[  270.591022][   T36]  dump_stack_lvl+0x116/0x1f0
[  270.591076][   T36]  print_report+0xc3/0x670
[  270.591128][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.591172][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.591215][   T36]  ? __phys_addr+0xc6/0x150
[  270.591265][   T36]  ? _copy_from_iter+0x132f/0x15b0
[  270.591318][   T36]  kasan_report+0xe0/0x110
[  270.591372][   T36]  ? _copy_from_iter+0x132f/0x15b0
[  270.591430][   T36]  _copy_from_iter+0x132f/0x15b0
[  270.591485][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.591528][   T36]  ? p9pdu_writef+0xc3/0x100
[  270.591570][   T36]  ? __pfx__copy_from_iter+0x10/0x10
[  270.591625][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.591668][   T36]  ? lock_acquire+0x2cd/0x350
[  270.591721][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.591765][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.591808][   T36]  ? __asan_memcpy+0x3c/0x60
[  270.591854][   T36]  p9pdu_vwritef+0x2da/0x1d30
[  270.591895][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.591938][   T36]  ? p9pdu_writef+0xc3/0x100
[  270.591973][   T36]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  270.592010][   T36]  ? __pfx_p9_tag_alloc+0x10/0x10
[  270.592062][   T36]  ? rcu_is_watching+0x12/0xc0
[  270.592104][   T36]  ? rcu_is_watching+0x12/0xc0
[  270.592144][   T36]  ? rcu_is_watching+0x12/0xc0
[  270.592184][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.592231][   T36]  p9_client_prepare_req+0x247/0x4d0
[  270.592287][   T36]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  270.592341][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.592386][   T36]  ? trace_sched_exit_tp+0xde/0x130
[  270.592437][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.592480][   T36]  ? __schedule+0x1186/0x5de0
[  270.592525][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.592628][   T36]  p9_client_rpc+0x1c4/0xc50
[  270.592686][   T36]  ? __pfx_p9_client_rpc+0x10/0x10
[  270.592743][   T36]  ? __pfx___schedule+0x10/0x10
[  270.592795][   T36]  ? __pfx_vprintk_emit+0x10/0x10
[  270.592839][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.592881][   T36]  ? rcu_is_watching+0x12/0xc0
[  270.592921][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.592965][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.593012][   T36]  p9_client_write+0x245/0x6f0
[  270.593053][   T36]  ? __pfx_p9_client_write+0x10/0x10
[  270.593093][   T36]  v9fs_issue_write+0xe3/0x1b0
[  270.593144][   T36]  ? __pfx_v9fs_issue_write+0x10/0x10
[  270.593197][   T36]  ? iov_iter_advance+0x380/0x6c0
[  270.593249][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.593294][   T36]  ? rcu_is_watching+0x12/0xc0
[  270.593336][   T36]  netfs_do_issue_write+0x95/0x110
[  270.593372][   T36]  netfs_retry_writes+0x168a/0x1a50
[  270.593410][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.593455][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  270.593507][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.593549][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  270.593611][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  270.593651][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.593694][   T36]  ? register_lock_class+0x41/0x4c0
[  270.593750][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.593792][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  270.593827][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.593873][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  270.593929][   T36]  process_one_work+0x9cf/0x1b70
[  270.593973][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  270.594015][   T36]  ? __pfx_process_one_work+0x10/0x10
[  270.594052][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.594100][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.594142][   T36]  ? assign_work+0x1a0/0x250
[  270.594176][   T36]  worker_thread+0x6c8/0xf10
[  270.594222][   T36]  ? __pfx_worker_thread+0x10/0x10
[  270.594259][   T36]  kthread+0x3c5/0x780
[  270.594291][   T36]  ? __pfx_kthread+0x10/0x10
[  270.594321][   T36]  ? __pfx_kthread+0x10/0x10
[  270.594352][   T36]  ? __pfx_kthread+0x10/0x10
[  270.594383][   T36]  ? __pfx_kthread+0x10/0x10
[  270.594413][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  270.594456][   T36]  ? rcu_is_watching+0x12/0xc0
[  270.594496][   T36]  ? __pfx_kthread+0x10/0x10
[  270.594529][   T36]  ret_from_fork+0x48/0x80
[  270.594562][   T36]  ? __pfx_kthread+0x10/0x10
[  270.594600][   T36]  ret_from_fork_asm+0x1a/0x30
[  270.594662][   T36]  </TASK>
[  270.594674][   T36] 
[  271.046434][   T36] Allocated by task 7048:
[  271.050764][   T36]  kasan_save_stack+0x33/0x60
[  271.055500][   T36]  kasan_save_track+0x14/0x30
[  271.060205][   T36]  __kasan_kmalloc+0xaa/0xb0
[  271.064833][   T36]  proc_self_get_link+0x1a9/0x230
[  271.069886][   T36]  step_into+0x19e7/0x2270
[  271.074317][   T36]  walk_component+0xfc/0x5b0
[  271.078927][   T36]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  271.085276][   T36]  path_openat+0x227/0x2d40
[  271.089806][   T36]  do_filp_open+0x20b/0x470
[  271.094357][   T36]  do_sys_openat2+0x11b/0x1d0
[  271.099045][   T36]  __x64_sys_openat+0x174/0x210
[  271.103905][   T36]  do_syscall_64+0xcd/0x260
[  271.108436][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.114341][   T36] 
[  271.116660][   T36] Freed by task 7048:
[  271.120638][   T36]  kasan_save_stack+0x33/0x60
[  271.125339][   T36]  kasan_save_track+0x14/0x30
[  271.130043][   T36]  kasan_save_free_info+0x3b/0x60
[  271.135083][   T36]  __kasan_slab_free+0x51/0x70
[  271.139869][   T36]  kfree+0x2b6/0x4d0
[  271.143778][   T36]  walk_component+0x1a5/0x5b0
[  271.148477][   T36]  link_path_walk.part.0.constprop.0+0x553/0xd60
[  271.154837][   T36]  path_openat+0x227/0x2d40
[  271.159369][   T36]  do_filp_open+0x20b/0x470
[  271.163924][   T36]  do_sys_openat2+0x11b/0x1d0
[  271.168623][   T36]  __x64_sys_openat+0x174/0x210
[  271.173494][   T36]  do_syscall_64+0xcd/0x260
[  271.178027][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.183936][   T36] 
[  271.186258][   T36] The buggy address belongs to the object at ffff88807c9fa8e0
[  271.186258][   T36]  which belongs to the cache kmalloc-16 of size 16
[  271.200153][   T36] The buggy address is located 12 bytes inside of
[  271.200153][   T36]  freed 16-byte region [ffff88807c9fa8e0, ffff88807c9fa8f0)
[  271.213788][   T36] 
[  271.216113][   T36] The buggy address belongs to the physical page:
[  271.222521][   T36] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807c9fa2e0 pfn:0x7c9fa
[  271.232615][   T36] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff)
[  271.240692][   T36] page_type: f5(slab)
[  271.244682][   T36] raw: 00fff00000000200 ffff88801b441640 ffffea0001e01650 ffffea0000a5e910
[  271.253281][   T36] raw: ffff88807c9fa2e0 000000000080007d 00000000f5000000 0000000000000000
[  271.261868][   T36] page dumped because: kasan: bad access detected
[  271.268277][   T36] page_owner tracks the page as allocated
[  271.273987][   T36] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5831, tgid 5831 (syz-executor), ts 142297411458, free_ts 142272017098
[  271.293814][   T36]  post_alloc_hook+0x181/0x1b0
[  271.298641][   T36]  get_page_from_freelist+0x135c/0x3920
[  271.304222][   T36]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  271.310146][   T36]  new_slab+0x94/0x340
[  271.314234][   T36]  ___slab_alloc+0xd9c/0x1940
[  271.318926][   T36]  __slab_alloc.constprop.0+0x56/0xb0
[  271.324315][   T36]  __kvmalloc_node_noprof+0x3a6/0x600
[  271.329711][   T36]  xt_replace_table+0x1e3/0x950
[  271.334594][   T36]  __do_replace+0x1cf/0x9e0
[  271.339121][   T36]  do_ipt_set_ctl+0x86d/0xae0
[  271.343827][   T36]  nf_setsockopt+0x8d/0xf0
[  271.348260][   T36]  ip_setsockopt+0xcb/0xf0
[  271.352703][   T36]  tcp_setsockopt+0xa7/0x100
[  271.357300][   T36]  do_sock_setsockopt+0x224/0x470
[  271.362348][   T36]  __sys_setsockopt+0x1a0/0x230
[  271.367214][   T36]  __x64_sys_setsockopt+0xbd/0x160
[  271.372338][   T36] page last free pid 6191 tgid 6188 stack trace:
[  271.378660][   T36]  __free_frozen_pages+0x69d/0xff0
[  271.383807][   T36]  tlb_finish_mmu+0x237/0x7b0
[  271.388511][   T36]  exit_mmap+0x403/0xb90
[  271.392766][   T36]  __mmput+0x12a/0x410
[  271.396858][   T36]  mmput+0x62/0x70
[  271.400601][   T36]  do_exit+0x9d1/0x2c30
[  271.404782][   T36]  do_group_exit+0xd3/0x2a0
[  271.409339][   T36]  get_signal+0x2673/0x26d0
[  271.413862][   T36]  arch_do_signal_or_restart+0x8f/0x7d0
[  271.419433][   T36]  syscall_exit_to_user_mode+0x150/0x2a0
[  271.425112][   T36]  do_syscall_64+0xda/0x260
[  271.429640][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.435545][   T36] 
[  271.437865][   T36] Memory state around the buggy address:
[  271.443497][   T36]  ffff88807c9fa780: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[  271.451569][   T36]  ffff88807c9fa800: fa fb fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc
[  271.459645][   T36] >ffff88807c9fa880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  271.467706][   T36]                                                           ^
[  271.475161][   T36]  ffff88807c9fa900: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[  271.483227][   T36]  ffff88807c9fa980: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  271.491394][   T36] ==================================================================
[  271.552618][   T36] ==================================================================
[  271.560707][   T36] BUG: KASAN: slab-use-after-free in _copy_from_iter+0x1447/0x15b0
[  271.568617][   T36] Read of size 8 at addr ffff88807c9fa8e0 by task kworker/u8:2/36
[  271.576433][   T36] 
[  271.578764][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G    B               6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  271.578804][   T36] Tainted: [B]=BAD_PAGE
[  271.578814][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  271.578834][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  271.578866][   T36] Call Trace:
[  271.578877][   T36]  <TASK>
[  271.578888][   T36]  dump_stack_lvl+0x116/0x1f0
[  271.578930][   T36]  print_report+0xc3/0x670
[  271.578970][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579003][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579035][   T36]  ? __phys_addr+0xc6/0x150
[  271.579073][   T36]  ? _copy_from_iter+0x1447/0x15b0
[  271.579112][   T36]  kasan_report+0xe0/0x110
[  271.579153][   T36]  ? _copy_from_iter+0x1447/0x15b0
[  271.579197][   T36]  _copy_from_iter+0x1447/0x15b0
[  271.579238][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579270][   T36]  ? p9pdu_writef+0xc3/0x100
[  271.579298][   T36]  ? __pfx__copy_from_iter+0x10/0x10
[  271.579339][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579371][   T36]  ? lock_acquire+0x2cd/0x350
[  271.579415][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579459][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579491][   T36]  ? __asan_memcpy+0x3c/0x60
[  271.579526][   T36]  p9pdu_vwritef+0x2da/0x1d30
[  271.579556][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579593][   T36]  ? p9pdu_writef+0xc3/0x100
[  271.579619][   T36]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  271.579647][   T36]  ? __pfx_p9_tag_alloc+0x10/0x10
[  271.579686][   T36]  ? rcu_is_watching+0x12/0xc0
[  271.579717][   T36]  ? rcu_is_watching+0x12/0xc0
[  271.579748][   T36]  ? rcu_is_watching+0x12/0xc0
[  271.579778][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579813][   T36]  p9_client_prepare_req+0x247/0x4d0
[  271.579856][   T36]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  271.579897][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.579930][   T36]  ? trace_sched_exit_tp+0xde/0x130
[  271.579969][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580009][   T36]  ? __schedule+0x1186/0x5de0
[  271.580051][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580094][   T36]  p9_client_rpc+0x1c4/0xc50
[  271.580137][   T36]  ? __pfx_p9_client_rpc+0x10/0x10
[  271.580179][   T36]  ? __pfx___schedule+0x10/0x10
[  271.580214][   T36]  ? __pfx_vprintk_emit+0x10/0x10
[  271.580248][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580280][   T36]  ? rcu_is_watching+0x12/0xc0
[  271.580310][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580343][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580378][   T36]  p9_client_write+0x245/0x6f0
[  271.580409][   T36]  ? __pfx_p9_client_write+0x10/0x10
[  271.580439][   T36]  v9fs_issue_write+0xe3/0x1b0
[  271.580478][   T36]  ? __pfx_v9fs_issue_write+0x10/0x10
[  271.580515][   T36]  ? iov_iter_advance+0x380/0x6c0
[  271.580554][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580593][   T36]  ? rcu_is_watching+0x12/0xc0
[  271.580624][   T36]  netfs_do_issue_write+0x95/0x110
[  271.580651][   T36]  netfs_retry_writes+0x168a/0x1a50
[  271.580680][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580714][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  271.580753][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580785][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  271.580828][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  271.580859][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580891][   T36]  ? register_lock_class+0x41/0x4c0
[  271.580932][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.580964][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  271.580991][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.581026][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  271.581068][   T36]  process_one_work+0x9cf/0x1b70
[  271.581100][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  271.581131][   T36]  ? __pfx_process_one_work+0x10/0x10
[  271.581159][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.581195][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.581227][   T36]  ? assign_work+0x1a0/0x250
[  271.581253][   T36]  worker_thread+0x6c8/0xf10
[  271.581287][   T36]  ? __pfx_worker_thread+0x10/0x10
[  271.581315][   T36]  kthread+0x3c5/0x780
[  271.581340][   T36]  ? __pfx_kthread+0x10/0x10
[  271.581362][   T36]  ? __pfx_kthread+0x10/0x10
[  271.581385][   T36]  ? __pfx_kthread+0x10/0x10
[  271.581408][   T36]  ? __pfx_kthread+0x10/0x10
[  271.581431][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  271.581463][   T36]  ? rcu_is_watching+0x12/0xc0
[  271.581493][   T36]  ? __pfx_kthread+0x10/0x10
[  271.581517][   T36]  ret_from_fork+0x48/0x80
[  271.581543][   T36]  ? __pfx_kthread+0x10/0x10
[  271.581567][   T36]  ret_from_fork_asm+0x1a/0x30
[  271.581618][   T36]  </TASK>
[  271.581626][   T36] 
[  272.032872][   T36] Allocated by task 7048:
[  272.037199][   T36]  kasan_save_stack+0x33/0x60
[  272.041904][   T36]  kasan_save_track+0x14/0x30
[  272.046609][   T36]  __kasan_kmalloc+0xaa/0xb0
[  272.051221][   T36]  proc_self_get_link+0x1a9/0x230
[  272.056284][   T36]  step_into+0x19e7/0x2270
[  272.060708][   T36]  walk_component+0xfc/0x5b0
[  272.065304][   T36]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  272.071654][   T36]  path_openat+0x227/0x2d40
[  272.076169][   T36]  do_filp_open+0x20b/0x470
[  272.080682][   T36]  do_sys_openat2+0x11b/0x1d0
[  272.085354][   T36]  __x64_sys_openat+0x174/0x210
[  272.090202][   T36]  do_syscall_64+0xcd/0x260
[  272.094736][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.100631][   T36] 
[  272.102941][   T36] Freed by task 7048:
[  272.106993][   T36]  kasan_save_stack+0x33/0x60
[  272.111680][   T36]  kasan_save_track+0x14/0x30
[  272.116365][   T36]  kasan_save_free_info+0x3b/0x60
[  272.121395][   T36]  __kasan_slab_free+0x51/0x70
[  272.126168][   T36]  kfree+0x2b6/0x4d0
[  272.130066][   T36]  walk_component+0x1a5/0x5b0
[  272.134749][   T36]  link_path_walk.part.0.constprop.0+0x553/0xd60
[  272.141083][   T36]  path_openat+0x227/0x2d40
[  272.145593][   T36]  do_filp_open+0x20b/0x470
[  272.150105][   T36]  do_sys_openat2+0x11b/0x1d0
[  272.154778][   T36]  __x64_sys_openat+0x174/0x210
[  272.159623][   T36]  do_syscall_64+0xcd/0x260
[  272.164140][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.170040][   T36] 
[  272.172354][   T36] The buggy address belongs to the object at ffff88807c9fa8e0
[  272.172354][   T36]  which belongs to the cache kmalloc-16 of size 16
[  272.186228][   T36] The buggy address is located 0 bytes inside of
[  272.186228][   T36]  freed 16-byte region [ffff88807c9fa8e0, ffff88807c9fa8f0)
[  272.199760][   T36] 
[  272.202084][   T36] The buggy address belongs to the physical page:
[  272.208492][   T36] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807c9fa2e0 pfn:0x7c9fa
[  272.218548][   T36] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff)
[  272.226623][   T36] page_type: f5(slab)
[  272.230603][   T36] raw: 00fff00000000200 ffff88801b441640 ffffea0001e01650 ffffea0000a5e910
[  272.239183][   T36] raw: ffff88807c9fa2e0 000000000080007d 00000000f5000000 0000000000000000
[  272.247756][   T36] page dumped because: kasan: bad access detected
[  272.254158][   T36] page_owner tracks the page as allocated
[  272.259858][   T36] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5831, tgid 5831 (syz-executor), ts 142297411458, free_ts 142272017098
[  272.279587][   T36]  post_alloc_hook+0x181/0x1b0
[  272.284368][   T36]  get_page_from_freelist+0x135c/0x3920
[  272.289930][   T36]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  272.295837][   T36]  new_slab+0x94/0x340
[  272.299940][   T36]  ___slab_alloc+0xd9c/0x1940
[  272.304623][   T36]  __slab_alloc.constprop.0+0x56/0xb0
[  272.310004][   T36]  __kvmalloc_node_noprof+0x3a6/0x600
[  272.315420][   T36]  xt_replace_table+0x1e3/0x950
[  272.320287][   T36]  __do_replace+0x1cf/0x9e0
[  272.324803][   T36]  do_ipt_set_ctl+0x86d/0xae0
[  272.329493][   T36]  nf_setsockopt+0x8d/0xf0
[  272.333917][   T36]  ip_setsockopt+0xcb/0xf0
[  272.338364][   T36]  tcp_setsockopt+0xa7/0x100
[  272.342963][   T36]  do_sock_setsockopt+0x224/0x470
[  272.347995][   T36]  __sys_setsockopt+0x1a0/0x230
[  272.352856][   T36]  __x64_sys_setsockopt+0xbd/0x160
[  272.357991][   T36] page last free pid 6191 tgid 6188 stack trace:
[  272.364328][   T36]  __free_frozen_pages+0x69d/0xff0
[  272.369447][   T36]  tlb_finish_mmu+0x237/0x7b0
[  272.374131][   T36]  exit_mmap+0x403/0xb90
[  272.378470][   T36]  __mmput+0x12a/0x410
[  272.382546][   T36]  mmput+0x62/0x70
[  272.386290][   T36]  do_exit+0x9d1/0x2c30
[  272.390458][   T36]  do_group_exit+0xd3/0x2a0
[  272.394988][   T36]  get_signal+0x2673/0x26d0
[  272.399509][   T36]  arch_do_signal_or_restart+0x8f/0x7d0
[  272.405076][   T36]  syscall_exit_to_user_mode+0x150/0x2a0
[  272.410725][   T36]  do_syscall_64+0xda/0x260
[  272.415241][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.421139][   T36] 
[  272.423450][   T36] Memory state around the buggy address:
[  272.429067][   T36]  ffff88807c9fa780: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[  272.437124][   T36]  ffff88807c9fa800: fa fb fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc
[  272.445181][   T36] >ffff88807c9fa880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  272.453236][   T36]                                                        ^
[  272.460428][   T36]  ffff88807c9fa900: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[  272.468491][   T36]  ffff88807c9fa980: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  272.476548][   T36] ==================================================================
[  272.495596][   T36] ==================================================================
[  272.503692][   T36] BUG: KASAN: slab-use-after-free in _copy_from_iter+0x1459/0x15b0
[  272.511629][   T36] Read of size 4 at addr ffff88807c9fa8e8 by task kworker/u8:2/36
[  272.519429][   T36] 
[  272.521766][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G    B               6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  272.521807][   T36] Tainted: [B]=BAD_PAGE
[  272.521816][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.521835][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  272.521865][   T36] Call Trace:
[  272.521874][   T36]  <TASK>
[  272.521884][   T36]  dump_stack_lvl+0x116/0x1f0
[  272.521926][   T36]  print_report+0xc3/0x670
[  272.521966][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.521998][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522030][   T36]  ? __phys_addr+0xc6/0x150
[  272.522068][   T36]  ? _copy_from_iter+0x1459/0x15b0
[  272.522108][   T36]  kasan_report+0xe0/0x110
[  272.522149][   T36]  ? _copy_from_iter+0x1459/0x15b0
[  272.522192][   T36]  _copy_from_iter+0x1459/0x15b0
[  272.522234][   T36]  ? p9pdu_writef+0xc3/0x100
[  272.522262][   T36]  ? __pfx__copy_from_iter+0x10/0x10
[  272.522303][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522335][   T36]  ? lock_acquire+0x2cd/0x350
[  272.522375][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522408][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522440][   T36]  ? __asan_memcpy+0x3c/0x60
[  272.522475][   T36]  p9pdu_vwritef+0x2da/0x1d30
[  272.522505][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522537][   T36]  ? p9pdu_writef+0xc3/0x100
[  272.522569][   T36]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  272.522596][   T36]  ? __pfx_p9_tag_alloc+0x10/0x10
[  272.522636][   T36]  ? rcu_is_watching+0x12/0xc0
[  272.522667][   T36]  ? rcu_is_watching+0x12/0xc0
[  272.522697][   T36]  ? rcu_is_watching+0x12/0xc0
[  272.522727][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522762][   T36]  p9_client_prepare_req+0x247/0x4d0
[  272.522804][   T36]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  272.522845][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522878][   T36]  ? trace_sched_exit_tp+0xde/0x130
[  272.522917][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.522949][   T36]  ? __schedule+0x1186/0x5de0
[  272.522983][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523018][   T36]  p9_client_rpc+0x1c4/0xc50
[  272.523060][   T36]  ? __pfx_p9_client_rpc+0x10/0x10
[  272.523102][   T36]  ? __pfx___schedule+0x10/0x10
[  272.523137][   T36]  ? __pfx_vprintk_emit+0x10/0x10
[  272.523170][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523202][   T36]  ? rcu_is_watching+0x12/0xc0
[  272.523232][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523265][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523300][   T36]  p9_client_write+0x245/0x6f0
[  272.523331][   T36]  ? __pfx_p9_client_write+0x10/0x10
[  272.523361][   T36]  v9fs_issue_write+0xe3/0x1b0
[  272.523399][   T36]  ? __pfx_v9fs_issue_write+0x10/0x10
[  272.523437][   T36]  ? iov_iter_advance+0x380/0x6c0
[  272.523476][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523508][   T36]  ? rcu_is_watching+0x12/0xc0
[  272.523539][   T36]  netfs_do_issue_write+0x95/0x110
[  272.523569][   T36]  netfs_retry_writes+0x168a/0x1a50
[  272.523598][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523632][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  272.523671][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523703][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  272.523745][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  272.523775][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523807][   T36]  ? register_lock_class+0x41/0x4c0
[  272.523849][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523880][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  272.523908][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.523942][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  272.523984][   T36]  process_one_work+0x9cf/0x1b70
[  272.524017][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  272.524048][   T36]  ? __pfx_process_one_work+0x10/0x10
[  272.524076][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.524112][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.524144][   T36]  ? assign_work+0x1a0/0x250
[  272.524169][   T36]  worker_thread+0x6c8/0xf10
[  272.524204][   T36]  ? __pfx_worker_thread+0x10/0x10
[  272.524232][   T36]  kthread+0x3c5/0x780
[  272.524261][   T36]  ? __pfx_kthread+0x10/0x10
[  272.524284][   T36]  ? __pfx_kthread+0x10/0x10
[  272.524306][   T36]  ? __pfx_kthread+0x10/0x10
[  272.524329][   T36]  ? __pfx_kthread+0x10/0x10
[  272.524352][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.524384][   T36]  ? rcu_is_watching+0x12/0xc0
[  272.524414][   T36]  ? __pfx_kthread+0x10/0x10
[  272.524439][   T36]  ret_from_fork+0x48/0x80
[  272.524463][   T36]  ? __pfx_kthread+0x10/0x10
[  272.524487][   T36]  ret_from_fork_asm+0x1a/0x30
[  272.524534][   T36]  </TASK>
[  272.524543][   T36] 
[  272.969805][   T36] Allocated by task 7048:
[  272.974126][   T36]  kasan_save_stack+0x33/0x60
[  272.978827][   T36]  kasan_save_track+0x14/0x30
[  272.983511][   T36]  __kasan_kmalloc+0xaa/0xb0
[  272.988107][   T36]  proc_self_get_link+0x1a9/0x230
[  272.993140][   T36]  step_into+0x19e7/0x2270
[  272.997556][   T36]  walk_component+0xfc/0x5b0
[  273.002154][   T36]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  273.008486][   T36]  path_openat+0x227/0x2d40
[  273.012995][   T36]  do_filp_open+0x20b/0x470
[  273.017502][   T36]  do_sys_openat2+0x11b/0x1d0
[  273.022173][   T36]  __x64_sys_openat+0x174/0x210
[  273.027019][   T36]  do_syscall_64+0xcd/0x260
[  273.031534][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.037431][   T36] 
[  273.039742][   T36] Freed by task 7048:
[  273.043707][   T36]  kasan_save_stack+0x33/0x60
[  273.048390][   T36]  kasan_save_track+0x14/0x30
[  273.053077][   T36]  kasan_save_free_info+0x3b/0x60
[  273.058101][   T36]  __kasan_slab_free+0x51/0x70
[  273.062873][   T36]  kfree+0x2b6/0x4d0
[  273.066768][   T36]  walk_component+0x1a5/0x5b0
[  273.071448][   T36]  link_path_walk.part.0.constprop.0+0x553/0xd60
[  273.077780][   T36]  path_openat+0x227/0x2d40
[  273.082291][   T36]  do_filp_open+0x20b/0x470
[  273.086895][   T36]  do_sys_openat2+0x11b/0x1d0
[  273.091572][   T36]  __x64_sys_openat+0x174/0x210
[  273.096420][   T36]  do_syscall_64+0xcd/0x260
[  273.100938][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.106830][   T36] 
[  273.109140][   T36] The buggy address belongs to the object at ffff88807c9fa8e0
[  273.109140][   T36]  which belongs to the cache kmalloc-16 of size 16
[  273.123016][   T36] The buggy address is located 8 bytes inside of
[  273.123016][   T36]  freed 16-byte region [ffff88807c9fa8e0, ffff88807c9fa8f0)
[  273.136551][   T36] 
[  273.138868][   T36] The buggy address belongs to the physical page:
[  273.145264][   T36] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807c9fa2e0 pfn:0x7c9fa
[  273.155325][   T36] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff)
[  273.163387][   T36] page_type: f5(slab)
[  273.167365][   T36] raw: 00fff00000000200 ffff88801b441640 ffffea0001e01650 ffffea0000a5e910
[  273.175951][   T36] raw: ffff88807c9fa2e0 000000000080007d 00000000f5000000 0000000000000000
[  273.184532][   T36] page dumped because: kasan: bad access detected
[  273.190947][   T36] page_owner tracks the page as allocated
[  273.196653][   T36] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5831, tgid 5831 (syz-executor), ts 142297411458, free_ts 142272017098
[  273.216381][   T36]  post_alloc_hook+0x181/0x1b0
[  273.221159][   T36]  get_page_from_freelist+0x135c/0x3920
[  273.226716][   T36]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  273.232619][   T36]  new_slab+0x94/0x340
[  273.236690][   T36]  ___slab_alloc+0xd9c/0x1940
[  273.241370][   T36]  __slab_alloc.constprop.0+0x56/0xb0
[  273.246745][   T36]  __kvmalloc_node_noprof+0x3a6/0x600
[  273.252123][   T36]  xt_replace_table+0x1e3/0x950
[  273.256984][   T36]  __do_replace+0x1cf/0x9e0
[  273.261500][   T36]  do_ipt_set_ctl+0x86d/0xae0
[  273.266185][   T36]  nf_setsockopt+0x8d/0xf0
[  273.270616][   T36]  ip_setsockopt+0xcb/0xf0
[  273.275050][   T36]  tcp_setsockopt+0xa7/0x100
[  273.279640][   T36]  do_sock_setsockopt+0x224/0x470
[  273.284679][   T36]  __sys_setsockopt+0x1a0/0x230
[  273.289530][   T36]  __x64_sys_setsockopt+0xbd/0x160
[  273.294648][   T36] page last free pid 6191 tgid 6188 stack trace:
[  273.300983][   T36]  __free_frozen_pages+0x69d/0xff0
[  273.306100][   T36]  tlb_finish_mmu+0x237/0x7b0
[  273.310783][   T36]  exit_mmap+0x403/0xb90
[  273.315026][   T36]  __mmput+0x12a/0x410
[  273.319099][   T36]  mmput+0x62/0x70
[  273.322843][   T36]  do_exit+0x9d1/0x2c30
[  273.327025][   T36]  do_group_exit+0xd3/0x2a0
[  273.331539][   T36]  get_signal+0x2673/0x26d0
[  273.336050][   T36]  arch_do_signal_or_restart+0x8f/0x7d0
[  273.341607][   T36]  syscall_exit_to_user_mode+0x150/0x2a0
[  273.347268][   T36]  do_syscall_64+0xda/0x260
[  273.351788][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.357682][   T36] 
[  273.359997][   T36] Memory state around the buggy address:
[  273.365627][   T36]  ffff88807c9fa780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  273.373691][   T36]  ffff88807c9fa800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  273.381749][   T36] >ffff88807c9fa880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  273.389808][   T36]                                                           ^
[  273.397266][   T36]  ffff88807c9fa900: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[  273.405324][   T36]  ffff88807c9fa980: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  273.413382][   T36] ==================================================================
[  273.436498][   T36] ==================================================================
[  273.444574][   T36] BUG: KASAN: wild-memory-access in _copy_from_iter+0x8c9/0x15b0
[  273.452339][   T36] Read of size 12 at addr ffe7288c8ff3bd29 by task kworker/u8:2/36
[  273.460250][   T36] 
[  273.462599][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G    B               6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  273.462651][   T36] Tainted: [B]=BAD_PAGE
[  273.462663][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.462687][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  273.462725][   T36] Call Trace:
[  273.462736][   T36]  <TASK>
[  273.462749][   T36]  dump_stack_lvl+0x116/0x1f0
[  273.462804][   T36]  kasan_report+0xe0/0x110
[  273.462861][   T36]  ? _copy_from_iter+0x8c9/0x15b0
[  273.462921][   T36]  kasan_check_range+0xef/0x1a0
[  273.462960][   T36]  __asan_memcpy+0x23/0x60
[  273.463004][   T36]  _copy_from_iter+0x8c9/0x15b0
[  273.463060][   T36]  ? p9pdu_writef+0xc3/0x100
[  273.463098][   T36]  ? __pfx__copy_from_iter+0x10/0x10
[  273.463152][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.463198][   T36]  ? lock_acquire+0x2cd/0x350
[  273.463252][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.463297][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.463340][   T36]  ? __asan_memcpy+0x3c/0x60
[  273.463387][   T36]  p9pdu_vwritef+0x2da/0x1d30
[  273.463429][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.463485][   T36]  ? p9pdu_writef+0xc3/0x100
[  273.463521][   T36]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  273.463558][   T36]  ? __pfx_p9_tag_alloc+0x10/0x10
[  273.463620][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.463663][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.463705][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.463744][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.463792][   T36]  p9_client_prepare_req+0x247/0x4d0
[  273.463849][   T36]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  273.463904][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.463949][   T36]  ? trace_sched_exit_tp+0xde/0x130
[  273.464001][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.464044][   T36]  ? __schedule+0x1186/0x5de0
[  273.464091][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.464139][   T36]  p9_client_rpc+0x1c4/0xc50
[  273.464194][   T36]  ? __pfx_p9_client_rpc+0x10/0x10
[  273.464249][   T36]  ? __pfx___schedule+0x10/0x10
[  273.464294][   T36]  ? __pfx_vprintk_emit+0x10/0x10
[  273.464339][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.464380][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.464420][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.464476][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.464524][   T36]  p9_client_write+0x245/0x6f0
[  273.464570][   T36]  ? __pfx_p9_client_write+0x10/0x10
[  273.464611][   T36]  v9fs_issue_write+0xe3/0x1b0
[  273.464662][   T36]  ? __pfx_v9fs_issue_write+0x10/0x10
[  273.464713][   T36]  ? iov_iter_advance+0x380/0x6c0
[  273.464765][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.464808][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.464850][   T36]  netfs_do_issue_write+0x95/0x110
[  273.464886][   T36]  netfs_retry_writes+0x168a/0x1a50
[  273.464924][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.464969][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  273.465021][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.465063][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  273.465119][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  273.465159][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.465201][   T36]  ? register_lock_class+0x41/0x4c0
[  273.465255][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.465297][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  273.465333][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.465380][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  273.465446][   T36]  process_one_work+0x9cf/0x1b70
[  273.465491][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  273.465533][   T36]  ? __pfx_process_one_work+0x10/0x10
[  273.465577][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.465626][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.465669][   T36]  ? assign_work+0x1a0/0x250
[  273.465704][   T36]  worker_thread+0x6c8/0xf10
[  273.465750][   T36]  ? __pfx_worker_thread+0x10/0x10
[  273.465787][   T36]  kthread+0x3c5/0x780
[  273.465820][   T36]  ? __pfx_kthread+0x10/0x10
[  273.465851][   T36]  ? __pfx_kthread+0x10/0x10
[  273.465881][   T36]  ? __pfx_kthread+0x10/0x10
[  273.465913][   T36]  ? __pfx_kthread+0x10/0x10
[  273.465943][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.465987][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.466028][   T36]  ? __pfx_kthread+0x10/0x10
[  273.466061][   T36]  ret_from_fork+0x48/0x80
[  273.466094][   T36]  ? __pfx_kthread+0x10/0x10
[  273.466125][   T36]  ret_from_fork_asm+0x1a/0x30
[  273.466187][   T36]  </TASK>
[  273.466198][   T36] ==================================================================
[  273.933001][   T36] ==================================================================
[  273.941089][   T36] BUG: KASAN: slab-use-after-free in _copy_from_iter+0x1416/0x15b0
[  273.949027][   T36] Read of size 4 at addr ffff88807c9fa8e8 by task kworker/u8:2/36
[  273.956844][   T36] 
[  273.959168][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G    B               6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  273.959209][   T36] Tainted: [B]=BAD_PAGE
[  273.959218][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.959237][   T36] Workqueue: events_unbound netfs_write_collection_worker
[  273.959267][   T36] Call Trace:
[  273.959276][   T36]  <TASK>
[  273.959286][   T36]  dump_stack_lvl+0x116/0x1f0
[  273.959328][   T36]  print_report+0xc3/0x670
[  273.959368][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.959401][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.959433][   T36]  ? __phys_addr+0xc6/0x150
[  273.959484][   T36]  ? _copy_from_iter+0x1416/0x15b0
[  273.959524][   T36]  kasan_report+0xe0/0x110
[  273.959569][   T36]  ? _copy_from_iter+0x1416/0x15b0
[  273.959612][   T36]  _copy_from_iter+0x1416/0x15b0
[  273.959654][   T36]  ? p9pdu_writef+0xc3/0x100
[  273.959682][   T36]  ? __pfx__copy_from_iter+0x10/0x10
[  273.959724][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.959756][   T36]  ? lock_acquire+0x2cd/0x350
[  273.959796][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.959831][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.959863][   T36]  ? __asan_memcpy+0x3c/0x60
[  273.959898][   T36]  p9pdu_vwritef+0x2da/0x1d30
[  273.959929][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.959961][   T36]  ? p9pdu_writef+0xc3/0x100
[  273.959989][   T36]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  273.960026][   T36]  ? __pfx_p9_tag_alloc+0x10/0x10
[  273.960080][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.960123][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.960160][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.960190][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960225][   T36]  p9_client_prepare_req+0x247/0x4d0
[  273.960268][   T36]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  273.960309][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960343][   T36]  ? trace_sched_exit_tp+0xde/0x130
[  273.960382][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960414][   T36]  ? __schedule+0x1186/0x5de0
[  273.960448][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960483][   T36]  p9_client_rpc+0x1c4/0xc50
[  273.960526][   T36]  ? __pfx_p9_client_rpc+0x10/0x10
[  273.960572][   T36]  ? __pfx___schedule+0x10/0x10
[  273.960607][   T36]  ? __pfx_vprintk_emit+0x10/0x10
[  273.960641][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960673][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.960704][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960737][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960773][   T36]  p9_client_write+0x245/0x6f0
[  273.960804][   T36]  ? __pfx_p9_client_write+0x10/0x10
[  273.960836][   T36]  v9fs_issue_write+0xe3/0x1b0
[  273.960874][   T36]  ? __pfx_v9fs_issue_write+0x10/0x10
[  273.960912][   T36]  ? iov_iter_advance+0x380/0x6c0
[  273.960952][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.960984][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.961016][   T36]  netfs_do_issue_write+0x95/0x110
[  273.961042][   T36]  netfs_retry_writes+0x168a/0x1a50
[  273.961071][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961105][   T36]  ? lockdep_hardirqs_on+0x7c/0x110
[  273.961146][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961189][   T36]  ? __lock_acquire+0xaa4/0x1ba0
[  273.961247][   T36]  ? __pfx_netfs_retry_writes+0x10/0x10
[  273.961279][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961311][   T36]  ? register_lock_class+0x41/0x4c0
[  273.961352][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961385][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  273.961412][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961447][   T36]  netfs_write_collection_worker+0x23fd/0x3830
[  273.961489][   T36]  process_one_work+0x9cf/0x1b70
[  273.961522][   T36]  ? __pfx_io_ring_exit_work+0x10/0x10
[  273.961554][   T36]  ? __pfx_process_one_work+0x10/0x10
[  273.961586][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961623][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961655][   T36]  ? assign_work+0x1a0/0x250
[  273.961681][   T36]  worker_thread+0x6c8/0xf10
[  273.961716][   T36]  ? __pfx_worker_thread+0x10/0x10
[  273.961743][   T36]  kthread+0x3c5/0x780
[  273.961768][   T36]  ? __pfx_kthread+0x10/0x10
[  273.961790][   T36]  ? __pfx_kthread+0x10/0x10
[  273.961813][   T36]  ? __pfx_kthread+0x10/0x10
[  273.961838][   T36]  ? __pfx_kthread+0x10/0x10
[  273.961861][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  273.961894][   T36]  ? rcu_is_watching+0x12/0xc0
[  273.961924][   T36]  ? __pfx_kthread+0x10/0x10
[  273.961949][   T36]  ret_from_fork+0x48/0x80
[  273.961974][   T36]  ? __pfx_kthread+0x10/0x10
[  273.961998][   T36]  ret_from_fork_asm+0x1a/0x30
[  273.962045][   T36]  </TASK>
[  273.962054][   T36] 
[  274.407865][   T36] Allocated by task 7048:
[  274.412196][   T36]  kasan_save_stack+0x33/0x60
[  274.416899][   T36]  kasan_save_track+0x14/0x30
[  274.421602][   T36]  __kasan_kmalloc+0xaa/0xb0
[  274.426211][   T36]  proc_self_get_link+0x1a9/0x230
[  274.431263][   T36]  step_into+0x19e7/0x2270
[  274.435699][   T36]  walk_component+0xfc/0x5b0
[  274.440307][   T36]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  274.446654][   T36]  path_openat+0x227/0x2d40
[  274.451178][   T36]  do_filp_open+0x20b/0x470
[  274.455699][   T36]  do_sys_openat2+0x11b/0x1d0
[  274.460383][   T36]  __x64_sys_openat+0x174/0x210
[  274.465241][   T36]  do_syscall_64+0xcd/0x260
[  274.469768][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.475674][   T36] 
[  274.477992][   T36] Freed by task 7048:
[  274.481967][   T36]  kasan_save_stack+0x33/0x60
[  274.486666][   T36]  kasan_save_track+0x14/0x30
[  274.491364][   T36]  kasan_save_free_info+0x3b/0x60
[  274.496399][   T36]  __kasan_slab_free+0x51/0x70
[  274.501187][   T36]  kfree+0x2b6/0x4d0
[  274.505101][   T36]  walk_component+0x1a5/0x5b0
[  274.509793][   T36]  link_path_walk.part.0.constprop.0+0x553/0xd60
[  274.516139][   T36]  path_openat+0x227/0x2d40
[  274.520665][   T36]  do_filp_open+0x20b/0x470
[  274.525189][   T36]  do_sys_openat2+0x11b/0x1d0
[  274.529871][   T36]  __x64_sys_openat+0x174/0x210
[  274.534736][   T36]  do_syscall_64+0xcd/0x260
[  274.539271][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.545173][   T36] 
[  274.547492][   T36] The buggy address belongs to the object at ffff88807c9fa8e0
[  274.547492][   T36]  which belongs to the cache kmalloc-16 of size 16
[  274.561375][   T36] The buggy address is located 8 bytes inside of
[  274.561375][   T36]  freed 16-byte region [ffff88807c9fa8e0, ffff88807c9fa8f0)
[  274.574919][   T36] 
[  274.577241][   T36] The buggy address belongs to the physical page:
[  274.583652][   T36] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807c9fa2e0 pfn:0x7c9fa
[  274.593725][   T36] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff)
[  274.601795][   T36] page_type: f5(slab)
[  274.605790][   T36] raw: 00fff00000000200 ffff88801b441640 ffffea0001e01650 ffffea0000a5e910
[  274.614394][   T36] raw: ffff88807c9fa2e0 000000000080007d 00000000f5000000 0000000000000000
[  274.622978][   T36] page dumped because: kasan: bad access detected
[  274.629384][   T36] page_owner tracks the page as allocated
[  274.635092][   T36] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5831, tgid 5831 (syz-executor), ts 142297411458, free_ts 142272017098
[  274.654825][   T36]  post_alloc_hook+0x181/0x1b0
[  274.659614][   T36]  get_page_from_freelist+0x135c/0x3920
[  274.665182][   T36]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  274.671100][   T36]  new_slab+0x94/0x340
[  274.675181][   T36]  ___slab_alloc+0xd9c/0x1940
[  274.679874][   T36]  __slab_alloc.constprop.0+0x56/0xb0
[  274.685289][   T36]  __kvmalloc_node_noprof+0x3a6/0x600
[  274.690685][   T36]  xt_replace_table+0x1e3/0x950
[  274.695587][   T36]  __do_replace+0x1cf/0x9e0
[  274.700113][   T36]  do_ipt_set_ctl+0x86d/0xae0
[  274.704817][   T36]  nf_setsockopt+0x8d/0xf0
[  274.709253][   T36]  ip_setsockopt+0xcb/0xf0
[  274.713697][   T36]  tcp_setsockopt+0xa7/0x100
[  274.718300][   T36]  do_sock_setsockopt+0x224/0x470
[  274.723354][   T36]  __sys_setsockopt+0x1a0/0x230
[  274.728226][   T36]  __x64_sys_setsockopt+0xbd/0x160
[  274.733346][   T36] page last free pid 6191 tgid 6188 stack trace:
[  274.739669][   T36]  __free_frozen_pages+0x69d/0xff0
[  274.744800][   T36]  tlb_finish_mmu+0x237/0x7b0
[  274.749496][   T36]  exit_mmap+0x403/0xb90
[  274.753758][   T36]  __mmput+0x12a/0x410
[  274.757846][   T36]  mmput+0x62/0x70
[  274.761590][   T36]  do_exit+0x9d1/0x2c30
[  274.765771][   T36]  do_group_exit+0xd3/0x2a0
[  274.770302][   T36]  get_signal+0x2673/0x26d0
[  274.774822][   T36]  arch_do_signal_or_restart+0x8f/0x7d0
[  274.780391][   T36]  syscall_exit_to_user_mode+0x150/0x2a0
[  274.786075][   T36]  do_syscall_64+0xda/0x260
[  274.790608][   T36]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.796519][   T36] 
[  274.798840][   T36] Memory state around the buggy address:
[  274.804493][   T36]  ffff88807c9fa780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  274.812560][   T36]  ffff88807c9fa800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  274.820636][   T36] >ffff88807c9fa880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  274.828695][   T36]                                                           ^
[  274.836152][   T36]  ffff88807c9fa900: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[  274.844221][   T36]  ffff88807c9fa980: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  274.852284][   T36] ==================================================================