last executing test programs: 3m16.885360644s ago: executing program 4 (id=118): madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9) 3m16.508777152s ago: executing program 4 (id=122): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) prlimit64(0x0, 0xe, 0x0, 0x0) r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3) ioctl$sock_TIOCINQ(r1, 0x541b, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40c00c0) socket$nl_netfilter(0x10, 0x3, 0xc) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2, 0x0, 0x5}, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0x0, 0x0) writev(r3, &(0x7f0000000280)=[{&(0x7f0000000000)='4', 0x1}], 0x1) clock_gettime(0xfffffffffffffffc, &(0x7f0000003a40)) syz_init_net_socket$llc(0x1a, 0x2, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@metacopy_on}]}) r4 = fsopen(&(0x7f0000000000)='qnx6\x00', 0x1) r5 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$6lowpan_control(r5, &(0x7f0000000040)='connect aa:aa:aa:aa:aa:10 2', 0x1b) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0) 3m13.85000521s ago: executing program 4 (id=127): setresuid(0x0, 0xee00, 0x0) capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6075ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x4, r2, 0x0, 0x0, 0x0) 3m13.484970853s ago: executing program 4 (id=130): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) r1 = socket$inet_sctp(0x2, 0x800000000000001, 0x84) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'hsr0\x00', 0x4}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f00000003c0)={0x1, 'batadv_slave_0\x00', 0x2}, 0x18) 3m12.182508172s ago: executing program 4 (id=133): memfd_create(&(0x7f00000001c0)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\v\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\xd5)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0) r0 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30) prctl$PR_SET_SECUREBITS(0x1c, 0x2c) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) setuid(0xee00) r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000001c0)={{}, {0x1, 0x1}, [{}], {0x4, 0x1}, [], {0x10, 0x6}}, 0x2c, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x40) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_emit_ethernet(0x32, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x2}}}}}}}, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) 3m10.250029917s ago: executing program 4 (id=142): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZrk6Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtK03U227TabZn8/OJlzzszs/5wNMztnZpgJYGC9FxHXIuJxmqbnI2Isq89lKbZbqbHco4d35xopiTS98c8kkqxu57OSbHoqW+1kRHztyxHfTJ6PW9vcWp6tVMrrWblUX1kr1Ta3LiytzC6WF8ur09NTl2euzFyamexJP09HxNUv/vUH3/3Zl67+6jO3/3Tz7+e+1WjWaDZ/bz9eUH6/ma2uF5rfxd4V1l8y2FGUb/YwM9xuiaHnau695jYBANBe4xj/gxHxyYg4H2MxtP/hLAAAAPAGSj8/Gv9LItL2TnSoBwAAAN4gueY9sEmuGBEjzXwuVyy27uH9cIzkKtVa/dML1Y3V+da9suNRyC0sVcqT2b3C41FIGuWpZv5J+eIz5emIeDsivj823CwX56qV+X6f/AAAAIABcWrP+D8XEf8Za43/AQAAgGNmvN8NAAAAAF47438AAAA4/oz/AQAA4Fj7yvXrjZTuvP96/tbmxnL11oX5cm25uLIxV5yrrq8VF6vVxeYz+1YO+rxKtbr22VjduFOql2v1Um1z6+ZKdWO1fnPpqVdgAwAAAIfo7Y/f/0MSEdufG26mhhPdrdrlYsBRld/NJdm0zWb9x7da078cUqOAQzHU7wYAfZPvdwOAvin0uwFA3yUHzO94885vs+knetseAACg9yY+2vn6f27fNbf3nw0ceTZiGFyu/8Pgal7/7/ZOXgcLcKwUHAHAwHvl6/8HStMXahAAANBzo82U5IrZ6b3RyOWKxYjTzdcCFJKFpUp5MiLeiojfjxU+0ChPNddMDhwzAAAAAAAAAAAAAAAAAAAAAAAAAAAtaZpECgAAABxrEbm/Jb9uPct/Yuzs6LPnB04k/x2L7BWht39844d3Zuv19alG/b926+s/yuov9uMMBgAAAAyEF3qB/844fWccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99Ojh3bmddJhx//GFiBhvFz8fJ5vTk1GIiJF/J5Hfs14SEUM9iD/c+PORdvGTRrN2Q7aLP9yD+Nv39o0f49m30C7+qR7Eh0F2v7H/udZu+8vFe81p++0vH/FU+WV13v/F7v5vqMP2f7rLGO88+EWpY/x7Ee/k2+9/duInHeKf6TL+N76+tdVpXvqTiIm2vz/JU7FK9ZW1Um1z68LSyuxiebG8Oj09dXnmysylmcnSwlKlnP1tG+N7H/vl4/36P9Ih/vgB/T/bZf///+DOww+1soV28c+daRP/Nz/Nlng+fi777ftUlm/Mn9jJb7fye73789+9u1//5zv0/6D//7ku+3/+q9/5c5eLAgCHoLa5tTxbqZTXj22mMUo/As2QOYKZb/f0A9M0TRvb1Ct8ThJH4WtpZvq9ZwIAAHrtyUF/v1sCAAAAAAAAAAAAAAAAAAAAg+swHif2bMzt3VzSi0doAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xPsBAAD//wdy2V0=") 2m54.454075822s ago: executing program 32 (id=142): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZrk6Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtK03U227TabZn8/OJlzzszs/5wNMztnZpgJYGC9FxHXIuJxmqbnI2Isq89lKbZbqbHco4d35xopiTS98c8kkqxu57OSbHoqW+1kRHztyxHfTJ6PW9vcWp6tVMrrWblUX1kr1Ta3LiytzC6WF8ur09NTl2euzFyamexJP09HxNUv/vUH3/3Zl67+6jO3/3Tz7+e+1WjWaDZ/bz9eUH6/ma2uF5rfxd4V1l8y2FGUb/YwM9xuiaHnau695jYBANBe4xj/gxHxyYg4H2MxtP/hLAAAAPAGSj8/Gv9LItL2TnSoBwAAAN4gueY9sEmuGBEjzXwuVyy27uH9cIzkKtVa/dML1Y3V+da9suNRyC0sVcqT2b3C41FIGuWpZv5J+eIz5emIeDsivj823CwX56qV+X6f/AAAAIABcWrP+D8XEf8Za43/AQAAgGNmvN8NAAAAAF47438AAAA4/oz/AQAA4Fj7yvXrjZTuvP96/tbmxnL11oX5cm25uLIxV5yrrq8VF6vVxeYz+1YO+rxKtbr22VjduFOql2v1Um1z6+ZKdWO1fnPpqVdgAwAAAIfo7Y/f/0MSEdufG26mhhPdrdrlYsBRld/NJdm0zWb9x7da078cUqOAQzHU7wYAfZPvdwOAvin0uwFA3yUHzO94885vs+knetseAACg9yY+2vn6f27fNbf3nw0ceTZiGFyu/8Pgal7/7/ZOXgcLcKwUHAHAwHvl6/8HStMXahAAANBzo82U5IrZ6b3RyOWKxYjTzdcCFJKFpUp5MiLeiojfjxU+0ChPNddMDhwzAAAAAAAAAAAAAAAAAAAAAAAAAAAtaZpECgAAABxrEbm/Jb9uPct/Yuzs6LPnB04k/x2L7BWht39844d3Zuv19alG/b926+s/yuov9uMMBgAAAAyEF3qB/844fWccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99Ojh3bmddJhx//GFiBhvFz8fJ5vTk1GIiJF/J5Hfs14SEUM9iD/c+PORdvGTRrN2Q7aLP9yD+Nv39o0f49m30C7+qR7Eh0F2v7H/udZu+8vFe81p++0vH/FU+WV13v/F7v5vqMP2f7rLGO88+EWpY/x7Ee/k2+9/duInHeKf6TL+N76+tdVpXvqTiIm2vz/JU7FK9ZW1Um1z68LSyuxiebG8Oj09dXnmysylmcnSwlKlnP1tG+N7H/vl4/36P9Ih/vgB/T/bZf///+DOww+1soV28c+daRP/Nz/Nlng+fi777ftUlm/Mn9jJb7fye73789+9u1//5zv0/6D//7ku+3/+q9/5c5eLAgCHoLa5tTxbqZTXj22mMUo/As2QOYKZb/f0A9M0TRvb1Ct8ThJH4WtpZvq9ZwIAAHrtyUF/v1sCAAAAAAAAAAAAAAAAAAAAg+swHif2bMzt3VzSi0doAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xPsBAAD//wdy2V0=") 38.477222578s ago: executing program 1 (id=606): syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6163746976655f6c6f67733d362c6661756c745f696e6a656374696f6e3d303030303030303030303030303030303132363600006c6c6f635f6d08006e6f61636c2c686561702c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c636f6d70726573735f63616368652c6a71666d743d7666736f6c642c006c27715578049a57a70544af8735aac0ef19142df79cebff54cc2c2975122bd1a6c9ddce762d"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf7, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x5) getdents64(r0, 0x0, 0x0) getdents64(r0, 0xfffffffffffffffe, 0x29) 32.071565922s ago: executing program 1 (id=618): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x4, 0xffe0}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4) 29.448358459s ago: executing program 1 (id=634): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) prlimit64(0x0, 0xe, 0x0, 0x0) r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3) ioctl$sock_TIOCINQ(r1, 0x541b, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40c00c0) socket$nl_netfilter(0x10, 0x3, 0xc) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2, 0x0, 0x5}, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r3, &(0x7f0000000280)=[{&(0x7f0000000000)='4', 0x1}], 0x1) clock_gettime(0xfffffffffffffffc, &(0x7f0000003a40)) syz_init_net_socket$llc(0x1a, 0x2, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@metacopy_on}]}) r4 = fsopen(&(0x7f0000000000)='qnx6\x00', 0x1) r5 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$6lowpan_control(r5, &(0x7f0000000040)='connect aa:aa:aa:aa:aa:10 2', 0x1b) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0) 20.680520536s ago: executing program 1 (id=649): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)=r1}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f0000000180)=0x20000, &(0x7f00000001c0)=r1}, 0x20) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4) 20.593228375s ago: executing program 0 (id=650): r0 = socket$tipc(0x1e, 0x2, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10) sendmsg$tipc(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc084}, 0x20000090) 19.302763467s ago: executing program 0 (id=654): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190) syz_emit_ethernet(0x0, 0x0, 0x0) 19.285313373s ago: executing program 1 (id=655): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000102, 0x0, 0x0, 0x0) 18.054544496s ago: executing program 0 (id=657): r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) connect$unix(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r5}, 0x18) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0) write$binfmt_script(r2, &(0x7f0000000080)={'#! ', '', [{0x20, '\t\t'}, {}]}, 0x8) close(r2) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) 16.989623723s ago: executing program 1 (id=660): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'}) 15.809355956s ago: executing program 6 (id=663): openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 15.724343726s ago: executing program 0 (id=664): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet6(0xa, 0x2, 0x0) getrandom(0x0, 0x0, 0x0) bind$inet6(r4, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r5, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r4}, 0x20) sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) read$eventfd(r4, 0x0, 0x0) 14.613373309s ago: executing program 6 (id=666): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) writev(r0, &(0x7f0000000480)=[{0x0}, {&(0x7f0000002580)="1a", 0x1}], 0x2) 13.21362307s ago: executing program 6 (id=670): munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000200000002000000005000000030000000100000f040003000000000000000000040000000000000c0000000000000061"], &(0x7f0000000f80)=""/4115, 0x3d, 0x1013, 0x1}, 0x28) 13.027807002s ago: executing program 0 (id=671): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000700)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x2}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0xadae, 0x7f, 0xfffffffd, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x7, 0x7ed53619, 0x5852, 0x6, 0xa8, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000001, 0x10001, 0x791, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x3, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0x80000d, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0x6, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x1, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0x1000, 0x3, 0x1, 0x6, 0x7, 0x1000008, 0x100, 0xc0000000, 0x6, 0x5, 0x6, 0x8, 0x80000001, 0x6, 0xd, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0xff, 0x5, 0x7, 0x6, 0x10007a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x6a9c41c0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xff0, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x2000001, 0x2, 0xfffffffb, 0x7, 0x8, 0x7ff, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x7, 0x6, 0x10, 0xab, 0x8, 0x80000001, 0x0, 0x0, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x0, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x38, 0x3, 0x6, 0xfffffffd, 0xffb, 0xff, 0x8000005, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x7fff, 0xac, 0xf, 0xd05, 0x800, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x8, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x80001, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x6, 0x1, 0x177, 0x7, 0x3, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x107e, 0x4, 0x235, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x8, 0xa99, 0x5, 0x5, 0x37f, 0x40, 0x6, 0xc, 0x3, 0x800, 0xd2f5, 0x40, 0x3, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x1000, 0x4, 0x0, 0x3, 0x0, 0xffff9f73, 0x6, 0x7, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x1100, 0xec0, 0x10001, 0x4, 0x2, 0x3ff, 0x3e, 0xb828, 0x3, 0x0, 0x365, 0x8, 0x8, 0x19bb, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x800092, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0xffffff37, 0x3, 0x9, 0xc, 0x3, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x1, 0x8, 0xd, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1682, 0xa252, 0x2, 0x200, 0x3, 0x4, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0xfff, 0x12, 0x632a, 0xfff, 0x8, 0x7, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1fd, 0x400003, 0x3e3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x7, 0x2, 0x101, 0x1003, 0x7, 0x0, 0x4, 0x6, 0x80100001, 0x3, 0xffffff9a, 0x2, 0xfff, 0x1, 0x5187, 0x8, 0x3, 0x70d, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x6, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x200, 0x4, 0x218e83b0, 0x2, 0x6, {0x9, 0x1, 0x1000, 0x4, 0x4, 0x401}, {0xe, 0x0, 0xc, 0x1, 0x9, 0x5}, 0x7, 0x80, 0x8}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r7) socket(0x2, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010102}}}], 0x20}}], 0x1, 0x0) 12.836821692s ago: executing program 6 (id=673): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RRENAME(r2, &(0x7f0000000140)={0x7, 0x15, 0x2}, 0x7) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000000203010100000000000000ffffff7f000800034000000000080004400000000008000540000000000900020000000000070000000800010001"], 0x40}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000604ecfe4e938302910bbd7a96390ab4165369e180708d44f43883c12c736f8ce7dbeb5e2692d1f9de0367e8707a8578e31adadff29defa0a9c19c665ddd3f164e1659d75caaeea970a26c018aa64b240f7355ffb033c5c1b93", @ANYRES16=0x0, @ANYBLOB="000a2abd7000fbdbdf25350000000a00060008021100000000000a0006000802110000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20008000}, 0x40) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001b00)=@newqdisc={0x78, 0x24, 0xd0f, 0x0, 0x25dfdbff, {0x60, 0x0, 0x0, r8, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x4, 0x1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7fffffff, 0x14, 0xfcc, 0x400, 0x9}, 0x2, 0x0, 0xc8c3, 0x40, 0x4, 0x1c, 0x11, 0x9, 0x8, 0xffffffff, {0xfffffff5, 0x4, 0xad8, 0x7, 0x4, 0x4}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) ppoll(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32=0x0], 0xb8}}, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) bind$bt_hci(0xffffffffffffffff, &(0x7f00000003c0)={0x1f, 0x3}, 0x6) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e7, &(0x7f0000000080)) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0) 8.817904177s ago: executing program 5 (id=678): capget(&(0x7f0000000040)={0x20071026}, &(0x7f0000000140)={0x5, 0x8, 0xc3f, 0x3, 0xc334, 0x6}) 7.481315672s ago: executing program 5 (id=680): r0 = socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) write(r0, &(0x7f0000000000)="240000001a005f0214f9f4070009040002000000000000010000000008000f0023000000", 0x24) 7.147154191s ago: executing program 2 (id=681): r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000004440), 0x200201, 0x0) fcntl$notify(r0, 0x406, 0x0) 5.925589289s ago: executing program 5 (id=682): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000ffffffff00000000000000001801000020586c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000005000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r2}, 0x10) sendto$inet6(r1, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 5.805523533s ago: executing program 2 (id=684): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1}, 0x50) bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r2}, 0x38) 5.633367373s ago: executing program 5 (id=686): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190) syz_emit_ethernet(0x0, 0x0, 0x0) 5.539923861s ago: executing program 2 (id=687): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f00000005c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18) socketpair(0x1d, 0x2, 0x2, &(0x7f0000000000)={0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r5) 5.455465159s ago: executing program 5 (id=688): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="03000000000000000000210000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0) 2.970413s ago: executing program 2 (id=692): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0) sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x34, r1, 0x1, 0x0, 0x0, {0x2a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4001}, 0x0) 2.888346904s ago: executing program 3 (id=693): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) ppoll(0x0, 0x0, &(0x7f0000000140)={0x0, 0x989680}, 0x0, 0x0) 2.794223643s ago: executing program 2 (id=694): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4048081) bind$can_j1939(r1, &(0x7f0000000280)={0x1d, r2, 0x0, {0x2, 0xf0, 0x3}}, 0x18) sendmsg$can_j1939(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)="ec1af6b6077bc2be6a607d60e2418d376661a671b757a64f26dc1c071870865b91fe61a4aff41b600097ad52bf3ea1e5f678e2c5bf58d39929d1ee20c3c3255938d496933d087950f0ea91b0cae461ebce102f7a56079f086cc2f47a2b1d94119c58ae074243f7cc89783fa735a8e3d4d124aeed90b4c7cda35b89", 0x7b}, 0x1, 0x0, 0x0, 0xc004}, 0x40080) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x74, r2, {0xb, 0xffeb}, {0xfff1, 0xfff2}, {0x7, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x20000050) 2.644329772s ago: executing program 3 (id=695): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000040)=0xe, 0x2) ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000040)) 2.490617648s ago: executing program 3 (id=696): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x18) r3 = socket$inet6(0xa, 0x2, 0x0) getrandom(0x0, 0x0, 0x0) bind$inet6(r3, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r4, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r3}, 0x20) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) read$eventfd(r3, 0x0, 0x0) 1.332240211s ago: executing program 33 (id=660): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'}) 1.24404757s ago: executing program 3 (id=698): r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0) unshare(0x20000400) copy_file_range(r0, 0x0, r0, 0x0, 0x0, 0x0) 1.062330283s ago: executing program 3 (id=699): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/address_bits', 0x82002, 0x105) io_setup(0x20, &(0x7f0000001140)=0x0) io_submit(r1, 0x1, &(0x7f00000005c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x8, r0, &(0x7f0000000000)="9254", 0x2, 0xc}]) 780.205712ms ago: executing program 6 (id=700): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000004c0)={'bridge_slave_1\x00', 0x400}) 588.873033ms ago: executing program 5 (id=701): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190) syz_emit_ethernet(0x42, &(0x7f0000000900)={@multicast, @remote, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0xff, @remote, @mcast2, {[], @mlv2_report={0x8f, 0x0, 0x0, 0xfff7}}}}}}, 0x0) 588.536353ms ago: executing program 3 (id=702): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78) 551.1324ms ago: executing program 2 (id=703): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = syz_open_procfs$namespace(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)}], 0x1) ioctl$NS_GET_USERNS(r0, 0xb701, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) 328.739607ms ago: executing program 0 (id=704): write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x3e, 0x229, 0x0, 0xfffffffd, {0xa}}, 0x14}, 0x1, 0x6000000}, 0x0) 0s ago: executing program 6 (id=705): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f00000005c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18) socketpair(0x1d, 0x2, 0x2, &(0x7f0000000000)={0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) kernel console output (not intermixed with test programs): 4][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 115.072462][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 115.080667][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 115.088913][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 115.099322][ T5846] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 115.114335][ T5849] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 115.122386][ T5849] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 115.145066][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 115.992076][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 116.150574][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 116.200841][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 116.309401][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 116.411657][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 116.507270][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.516413][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.524226][ T5826] bridge_slave_0: entered allmulticast mode [ 116.532148][ T5826] bridge_slave_0: entered promiscuous mode [ 116.598010][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.606192][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.613472][ T5826] bridge_slave_1: entered allmulticast mode [ 116.621730][ T5826] bridge_slave_1: entered promiscuous mode [ 116.720395][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.728074][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.735777][ T5828] bridge_slave_0: entered allmulticast mode [ 116.743469][ T5828] bridge_slave_0: entered promiscuous mode [ 116.827167][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.834658][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.841928][ T5828] bridge_slave_1: entered allmulticast mode [ 116.850014][ T5828] bridge_slave_1: entered promiscuous mode [ 116.857148][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.864486][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.871782][ T5837] bridge_slave_0: entered allmulticast mode [ 116.879851][ T5837] bridge_slave_0: entered promiscuous mode [ 116.898527][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.908145][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 116.924991][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.942019][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.949394][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.956926][ T5832] bridge_slave_0: entered allmulticast mode [ 116.964790][ T5832] bridge_slave_0: entered promiscuous mode [ 117.006411][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.013919][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.021359][ T5837] bridge_slave_1: entered allmulticast mode [ 117.029730][ T5837] bridge_slave_1: entered promiscuous mode [ 117.070194][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.078936][ T5835] Bluetooth: hci0: command tx timeout [ 117.079187][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.091727][ T5832] bridge_slave_1: entered allmulticast mode [ 117.099739][ T5832] bridge_slave_1: entered promiscuous mode [ 117.110133][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 117.155157][ T5849] Bluetooth: hci3: command tx timeout [ 117.155187][ T5839] Bluetooth: hci4: command tx timeout [ 117.155430][ T5846] Bluetooth: hci5: command tx timeout [ 117.160835][ T5835] Bluetooth: hci1: command tx timeout [ 117.212533][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 117.234133][ T5835] Bluetooth: hci2: command tx timeout [ 117.259435][ T5826] team0: Port device team_slave_0 added [ 117.305593][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 117.319549][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 117.329135][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.336462][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.344578][ T5833] bridge_slave_0: entered allmulticast mode [ 117.352176][ T5833] bridge_slave_0: entered promiscuous mode [ 117.361789][ T5826] team0: Port device team_slave_1 added [ 117.378522][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 117.419446][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.426974][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.435228][ T5833] bridge_slave_1: entered allmulticast mode [ 117.442987][ T5833] bridge_slave_1: entered promiscuous mode [ 117.476258][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 117.504505][ T5828] team0: Port device team_slave_0 added [ 117.588510][ T5828] team0: Port device team_slave_1 added [ 117.612617][ T5837] team0: Port device team_slave_0 added [ 117.634769][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 117.641846][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 117.668093][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 117.697336][ T5832] team0: Port device team_slave_0 added [ 117.703592][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.711068][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.718436][ T5827] bridge_slave_0: entered allmulticast mode [ 117.726911][ T5827] bridge_slave_0: entered promiscuous mode [ 117.753054][ T5837] team0: Port device team_slave_1 added [ 117.762231][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 117.772232][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 117.779564][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 117.805623][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 117.818946][ T5832] team0: Port device team_slave_1 added [ 117.825861][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.833056][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.840809][ T5827] bridge_slave_1: entered allmulticast mode [ 117.848975][ T5827] bridge_slave_1: entered promiscuous mode [ 117.856850][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 117.864065][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 117.890380][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 117.918713][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 118.005574][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.012567][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.038598][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 118.125897][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 118.140760][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 118.159113][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 118.166208][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.192364][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 118.206836][ T5833] team0: Port device team_slave_0 added [ 118.228994][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 118.236243][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.262956][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 118.307974][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.315072][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.341397][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 118.354987][ T5833] team0: Port device team_slave_1 added [ 118.369144][ T5826] hsr_slave_0: entered promiscuous mode [ 118.376900][ T5826] hsr_slave_1: entered promiscuous mode [ 118.384406][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.391398][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.417397][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 118.439146][ T5827] team0: Port device team_slave_0 added [ 118.454705][ T5827] team0: Port device team_slave_1 added [ 118.495363][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 118.502374][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.528670][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 118.542302][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.549874][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.576409][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 118.679418][ T5828] hsr_slave_0: entered promiscuous mode [ 118.686002][ T5828] hsr_slave_1: entered promiscuous mode [ 118.692330][ T5828] debugfs: 'hsr0' already exists in 'hsr' [ 118.698506][ T5828] Cannot create hsr debugfs directory [ 118.720088][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 118.727397][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.754874][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 118.840639][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.848015][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 118.874318][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 118.893099][ T5832] hsr_slave_0: entered promiscuous mode [ 118.899882][ T5832] hsr_slave_1: entered promiscuous mode [ 118.906417][ T5832] debugfs: 'hsr0' already exists in 'hsr' [ 118.912182][ T5832] Cannot create hsr debugfs directory [ 118.940221][ T5837] hsr_slave_0: entered promiscuous mode [ 118.946970][ T5837] hsr_slave_1: entered promiscuous mode [ 118.953239][ T5837] debugfs: 'hsr0' already exists in 'hsr' [ 118.959045][ T5837] Cannot create hsr debugfs directory [ 119.023246][ T5833] hsr_slave_0: entered promiscuous mode [ 119.030346][ T5833] hsr_slave_1: entered promiscuous mode [ 119.036905][ T5833] debugfs: 'hsr0' already exists in 'hsr' [ 119.042637][ T5833] Cannot create hsr debugfs directory [ 119.154250][ T5835] Bluetooth: hci0: command tx timeout [ 119.234199][ T5846] Bluetooth: hci3: command tx timeout [ 119.234257][ T5839] Bluetooth: hci4: command tx timeout [ 119.245084][ T5835] Bluetooth: hci1: command tx timeout [ 119.251734][ T5849] Bluetooth: hci5: command tx timeout [ 119.314166][ T5849] Bluetooth: hci2: command tx timeout [ 119.330442][ T5827] hsr_slave_0: entered promiscuous mode [ 119.337236][ T5827] hsr_slave_1: entered promiscuous mode [ 119.343722][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 119.349586][ T5827] Cannot create hsr debugfs directory [ 119.886529][ T5828] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 119.903497][ T5828] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 119.915979][ T5828] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 119.939269][ T5828] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 120.022983][ T5826] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 120.038329][ T5826] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 120.050511][ T5826] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 120.062388][ T5826] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 120.153093][ T5832] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 120.176298][ T5832] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 120.197685][ T5832] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 120.210062][ T5832] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 120.336009][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 120.382984][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 120.396933][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 120.411349][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 120.447353][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.535729][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 120.549298][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 120.561613][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 120.573589][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 120.677627][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.719844][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.727436][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.764382][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.782401][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 120.801684][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 120.833527][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 120.849817][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.857079][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.872469][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.886033][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 120.907916][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.966863][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.974114][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.018895][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.035506][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.042731][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.077313][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.084636][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.139689][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.173476][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.180697][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.227098][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.237646][ T5849] Bluetooth: hci0: command tx timeout [ 121.314401][ T5849] Bluetooth: hci1: command tx timeout [ 121.319871][ T5849] Bluetooth: hci3: command tx timeout [ 121.326198][ T5839] Bluetooth: hci5: command tx timeout [ 121.327282][ T5835] Bluetooth: hci4: command tx timeout [ 121.367656][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.394451][ T5835] Bluetooth: hci2: command tx timeout [ 121.411077][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.440775][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.448023][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.498480][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.505718][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.524562][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.531914][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.580824][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.588074][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.647004][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.769614][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.796813][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.830130][ T5837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 121.892130][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.899422][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.992958][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.000219][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.377850][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.527083][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.550149][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.840012][ T5837] veth0_vlan: entered promiscuous mode [ 122.869994][ T5832] veth0_vlan: entered promiscuous mode [ 122.936479][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.949027][ T5832] veth1_vlan: entered promiscuous mode [ 122.958871][ T5837] veth1_vlan: entered promiscuous mode [ 123.045616][ T5828] veth0_vlan: entered promiscuous mode [ 123.071814][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.093664][ T5828] veth1_vlan: entered promiscuous mode [ 123.188930][ T5832] veth0_macvtap: entered promiscuous mode [ 123.226372][ T5832] veth1_macvtap: entered promiscuous mode [ 123.249571][ T5837] veth0_macvtap: entered promiscuous mode [ 123.278684][ T5837] veth1_macvtap: entered promiscuous mode [ 123.303512][ T5833] veth0_vlan: entered promiscuous mode [ 123.315002][ T5835] Bluetooth: hci0: command tx timeout [ 123.328411][ T5828] veth0_macvtap: entered promiscuous mode [ 123.353357][ T5833] veth1_vlan: entered promiscuous mode [ 123.361915][ T5828] veth1_macvtap: entered promiscuous mode [ 123.394606][ T5846] Bluetooth: hci5: command tx timeout [ 123.394887][ T5849] Bluetooth: hci4: command tx timeout [ 123.400070][ T5846] Bluetooth: hci1: command tx timeout [ 123.412406][ T5835] Bluetooth: hci3: command tx timeout [ 123.422960][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.449648][ T5826] veth0_vlan: entered promiscuous mode [ 123.462130][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 123.476668][ T5835] Bluetooth: hci2: command tx timeout [ 123.485377][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.511222][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.520821][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 123.539799][ T5827] veth0_vlan: entered promiscuous mode [ 123.558276][ T5826] veth1_vlan: entered promiscuous mode [ 123.566400][ T50] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.577068][ T50] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.598147][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 123.618636][ T50] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.627619][ T50] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.677624][ T50] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.686636][ T50] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.703589][ T5827] veth1_vlan: entered promiscuous mode [ 123.719335][ T50] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.728677][ T50] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.744323][ T5833] veth0_macvtap: entered promiscuous mode [ 123.764297][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.793303][ T5833] veth1_macvtap: entered promiscuous mode [ 123.812216][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.821338][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.857740][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.910859][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.934915][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.957348][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.997089][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.036020][ T5826] veth0_macvtap: entered promiscuous mode [ 124.051705][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.064088][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.072902][ T5826] veth1_macvtap: entered promiscuous mode [ 124.091689][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.103603][ T5827] veth0_macvtap: entered promiscuous mode [ 124.129527][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.140759][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.158179][ T5827] veth1_macvtap: entered promiscuous mode [ 124.169945][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.189746][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.198143][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.269980][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 124.292623][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 124.342850][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.350684][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.368214][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 124.383874][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.490331][ T36] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.505364][ T36] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.523638][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.535355][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.555933][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.588393][ T36] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.704772][ T36] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.766713][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.767442][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.787311][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.910798][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.929895][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.964020][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.977394][ T5974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.987802][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.989499][ T5974] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.004508][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.285838][ T5974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.293724][ T5974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.320648][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.383919][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.620860][ T5974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.656210][ T5974] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.850094][ T5974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.893971][ T5974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.132909][ T6003] netlink: 'syz.4.15': attribute type 29 has an invalid length. [ 126.162082][ T6003] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15'. [ 126.825207][ C0] Unknown status report in ack skb [ 127.071382][ T6022] loop3: detected capacity change from 0 to 512 [ 127.087783][ T6022] ======================================================= [ 127.087783][ T6022] WARNING: The mand mount option has been deprecated and [ 127.087783][ T6022] and is ignored by this kernel. Remove the mand [ 127.087783][ T6022] option from the mount to silence this warning. [ 127.087783][ T6022] ======================================================= [ 127.230627][ T6022] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 127.277818][ T6022] EXT4-fs (loop3): orphan cleanup on readonly fs [ 127.321641][ T6022] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.20: bg 0: block 248: padding at end of block bitmap is not set [ 127.371450][ T6022] Quota error (device loop3): write_blk: dquota write failed [ 127.379873][ T6022] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 127.390472][ T6022] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.20: Failed to acquire dquot type 1 [ 127.507732][ T6022] EXT4-fs (loop3): 1 truncate cleaned up [ 127.680082][ T6022] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 128.058200][ T6028] netlink: 32 bytes leftover after parsing attributes in process `syz.1.22'. [ 129.693626][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.778346][ T6053] 9pnet: Could not find request transport: f [ 130.008210][ T6062] Cannot find set identified by id 1 to match [ 130.239703][ T6068] process 'syz.3.33' launched '/dev/fd/4' with NULL argv: empty string added [ 130.989963][ T6089] syzkaller0: entered promiscuous mode [ 131.023939][ T6089] syzkaller0: entered allmulticast mode [ 131.060667][ T6099] Zero length message leads to an empty skb [ 132.123434][ T6124] 9pnet: Could not find request transport: f [ 133.093869][ T6156] syz.1.58 uses obsolete (PF_INET,SOCK_PACKET) [ 133.155149][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 133.361151][ T6163] syzkaller0: entered promiscuous mode [ 133.486516][ T6163] syzkaller0: entered allmulticast mode [ 133.737200][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 134.579980][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 135.263903][ T6198] warning: `syz.2.67' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 135.369360][ T6208] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 137.037610][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 137.064476][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 137.079852][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 138.362687][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 138.376391][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 138.576266][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 138.590657][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 139.226814][ T6259] netlink: 180 bytes leftover after parsing attributes in process `syz.2.86'. [ 139.276925][ T6259] netlink: 180 bytes leftover after parsing attributes in process `syz.2.86'. [ 139.755909][ T6269] mmap: syz.0.88 (6269) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 140.212356][ T6285] Driver unsupported XDP return value 0 on prog (id 18) dev N/A, expect packet loss! [ 141.698576][ T6305] loop2: detected capacity change from 0 to 512 [ 142.201696][ T6305] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 144.596307][ T6302] tty tty29: ldisc open failed (-12), clearing slot 28 [ 144.625816][ T6305] EXT4-fs (loop2): orphan cleanup on readonly fs [ 144.664107][ T6305] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.101: bg 0: block 248: padding at end of block bitmap is not set [ 144.681026][ T6305] Quota error (device loop2): write_blk: dquota write failed [ 144.688794][ T6305] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 144.699035][ T6305] EXT4-fs error (device loop2): ext4_acquire_dquot:6943: comm syz.2.101: Failed to acquire dquot type 1 [ 144.728954][ T6305] EXT4-fs (loop2): 1 truncate cleaned up [ 145.448311][ T6305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 145.704454][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.192209][ T6332] fuse: Invalid rootmode [ 146.818828][ T6350] syzkaller0: entered promiscuous mode [ 146.868612][ T6350] syzkaller0: entered allmulticast mode [ 147.895822][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 149.181281][ T6371] netlink: 596 bytes leftover after parsing attributes in process `syz.0.123'. [ 149.377888][ T6371] unsupported nlmsg_type 40 [ 151.114681][ T6390] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 151.149205][ T6389] IPVS: stopping master sync thread 6390 ... [ 151.429583][ T5924] IPVS: starting estimator thread 0... [ 151.466773][ T6398] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.132'. [ 151.534929][ T6398] openvswitch: netlink: Missing key (keys=40, expected=100) [ 151.564042][ T6400] IPVS: using max 25 ests per chain, 60000 per kthread [ 151.894382][ T6413] netlink: 12 bytes leftover after parsing attributes in process `syz.3.136'. [ 153.589940][ T6438] loop5: detected capacity change from 0 to 512 [ 153.647899][ T6438] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 153.663310][ T6440] loop4: detected capacity change from 0 to 512 [ 153.710794][ T6438] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 153.741051][ T6438] EXT4-fs (loop5): SIPHASH is not a valid default hash value [ 153.774508][ T6440] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 153.839736][ T6440] EXT4-fs (loop4): orphan cleanup on readonly fs [ 153.866438][ T6440] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.142: bg 0: block 248: padding at end of block bitmap is not set [ 153.922285][ T6440] Quota error (device loop4): write_blk: dquota write failed [ 154.034230][ T6440] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 154.101701][ T6448] IPVS: stopping master sync thread 6449 ... [ 154.107911][ T6449] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 154.155777][ T6440] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.142: Failed to acquire dquot type 1 [ 154.203259][ T6440] EXT4-fs (loop4): 1 truncate cleaned up [ 154.323368][ T6440] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 154.680719][ T6457] fuse: Unknown parameter '0x0000000000000004' [ 154.739269][ T6452] loop0: detected capacity change from 0 to 4096 [ 154.778542][ T6452] EXT4-fs: Ignoring removed mblk_io_submit option [ 154.828300][ T6452] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 154.873197][ T6452] EXT4-fs (loop0): Test dummy encryption mode enabled [ 154.899180][ T6452] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal [ 156.814336][ T5924] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 157.013565][ T5924] usb 2-1: config 0 has an invalid interface number: 71 but max is 0 [ 157.048354][ T5924] usb 2-1: config 0 has no interface number 0 [ 157.060334][ T5924] usb 2-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice=7f.aa [ 157.074059][ T6484] loop5: detected capacity change from 0 to 2048 [ 157.112808][ T5924] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.121311][ T6484] EXT4-fs: inline encryption not supported [ 157.161340][ T5924] usb 2-1: config 0 descriptor?? [ 157.196785][ T6484] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.258845][ T5924] usb 2-1: unknown interface protocol 0xd, assuming v1 [ 157.336084][ T5924] usb 2-1: cannot find UAC_HEADER [ 157.382479][ T6484] syz_tun: entered allmulticast mode [ 157.435224][ T6482] syz_tun: left allmulticast mode [ 157.503401][ T5924] snd-usb-audio 2-1:0.71: probe with driver snd-usb-audio failed with error -22 [ 157.589412][ T5834] udevd[5834]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.71/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 157.606485][ T5924] usb 2-1: USB disconnect, device number 2 [ 157.678870][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.916043][ T6501] tipc: Started in network mode [ 157.922199][ T6501] tipc: Node identity eae399e36d93, cluster identity 4711 [ 157.985387][ T6501] tipc: Enabled bearer , priority 0 [ 158.017139][ T6504] syzkaller0: entered promiscuous mode [ 158.040981][ T6504] syzkaller0: entered allmulticast mode [ 158.203435][ T6497] tipc: Resetting bearer [ 158.211052][ T6510] loop1: detected capacity change from 0 to 128 [ 158.268938][ T6496] tipc: Resetting bearer [ 158.327435][ T6510] FAT-fs (loop1): error, invalid access to FAT (entry 0x0fff0000) [ 158.354073][ T6510] FAT-fs (loop1): Filesystem has been set read-only [ 158.369858][ T6496] tipc: Disabling bearer [ 158.377397][ T6510] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 159.759257][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.2.173'. [ 161.181656][ T6536] loop3: detected capacity change from 0 to 2048 [ 161.247071][ T6536] EXT4-fs: inline encryption not supported [ 161.323202][ T6536] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.517322][ T6536] syz_tun: entered allmulticast mode [ 161.556084][ T6535] syz_tun: left allmulticast mode [ 161.632630][ T6549] loop1: detected capacity change from 0 to 512 [ 161.721122][ T6549] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.055220][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.540059][ T6593] netlink: 8 bytes leftover after parsing attributes in process `syz.2.193'. [ 167.401500][ T6593] syz.2.193 (6593) used greatest stack depth: 18472 bytes left [ 167.706843][ T6596] loop3: detected capacity change from 0 to 256 [ 167.800188][ T6596] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 167.884160][ T6596] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 167.908499][ T6596] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 167.979986][ T6596] exFAT-fs (loop3): failed to load alloc-bitmap [ 168.006453][ T6596] exFAT-fs (loop3): failed to recognize exfat type [ 169.446695][ T5828] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.493379][ T6615] loop2: detected capacity change from 0 to 2048 [ 169.657784][ T6615] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.744204][ T6615] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 169.971797][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.198729][ T6605] loop3: detected capacity change from 0 to 128 [ 170.255056][ T6605] ext4: Unknown parameter 'seclabel' [ 170.290986][ T6628] capability: warning: `syz.2.209' uses deprecated v2 capabilities in a way that may be insecure [ 170.346852][ T5827] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.756075][ T5846] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 170.766413][ T5846] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 170.774996][ T5846] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 170.802457][ T5846] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 170.815056][ T5846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 171.344470][ T30] audit: type=1326 audit(1763609390.376:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.403329][ T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.423998][ T30] audit: type=1326 audit(1763609390.406:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.474617][ T30] audit: type=1326 audit(1763609390.416:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.499601][ T30] audit: type=1326 audit(1763609390.416:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.531187][ T6645] syzkaller0: entered promiscuous mode [ 171.538699][ T6645] syzkaller0: entered allmulticast mode [ 171.563961][ T30] audit: type=1326 audit(1763609390.416:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.633119][ T30] audit: type=1326 audit(1763609390.416:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.723400][ T30] audit: type=1326 audit(1763609390.426:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.814854][ T30] audit: type=1326 audit(1763609390.436:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.913911][ T30] audit: type=1326 audit(1763609390.456:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 171.993232][ T30] audit: type=1326 audit(1763609390.456:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.1.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fd34698f749 code=0x7ffc0000 [ 172.468450][ T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.707019][ T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.810385][ T6663] syz.3.224 (6663): /proc/6661/oom_adj is deprecated, please use /proc/6661/oom_score_adj instead. [ 172.838492][ T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.926035][ T5835] Bluetooth: hci6: command tx timeout [ 173.690258][ T6631] chnl_net:caif_netlink_parms(): no params data found [ 173.796880][ T6651] loop0: detected capacity change from 0 to 40427 [ 173.817894][ T36] bridge_slave_1: left allmulticast mode [ 173.828925][ T6651] F2FS-fs (loop0): build fault injection rate: 174 [ 173.839456][ T6651] F2FS-fs (loop0): build fault injection type: 0x3bfe8c [ 173.842498][ T36] bridge_slave_1: left promiscuous mode [ 173.877948][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.941212][ T36] bridge_slave_0: left allmulticast mode [ 173.953368][ T36] bridge_slave_0: left promiscuous mode [ 173.987028][ T6651] F2FS-fs (loop0): invalid crc value [ 173.998909][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.390908][ T6651] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 174.473434][ T6651] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 174.614306][ T6651] syz.0.219: attempt to access beyond end of device [ 174.614306][ T6651] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 174.687045][ T6651] CPU: 1 UID: 0 PID: 6651 Comm: syz.0.219 Not tainted syzkaller #0 PREEMPT(full) [ 174.687097][ T6651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 174.687124][ T6651] Call Trace: [ 174.687149][ T6651] [ 174.687167][ T6651] dump_stack_lvl+0x16c/0x1f0 [ 174.687232][ T6651] f2fs_handle_critical_error+0x624/0x9f0 [ 174.687281][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.687329][ T6651] ? f2fs_build_fault_attr+0x53/0x1f0 [ 174.687404][ T6651] f2fs_write_end_io+0x958/0xcf0 [ 174.687457][ T6651] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 174.687509][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.687564][ T6651] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 174.687608][ T6651] bio_endio+0x713/0x860 [ 174.687663][ T6651] submit_bio_noacct+0x306/0x1f60 [ 174.687716][ T6651] __submit_merged_bio+0x33c/0x770 [ 174.687778][ T6651] __submit_merged_write_cond+0x319/0x3f0 [ 174.687839][ T6651] f2fs_write_cache_pages+0x2067/0x2570 [ 174.687950][ T6651] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 174.688003][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688061][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688108][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688157][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688205][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688251][ T6651] ? rcu_is_watching+0x12/0xc0 [ 174.688302][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688370][ T6651] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 174.688494][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688540][ T6651] ? add_lock_to_list+0x9d/0x130 [ 174.688600][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688655][ T6651] f2fs_write_data_pages+0x4ad/0xd90 [ 174.688739][ T6651] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 174.688807][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688868][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.688914][ T6651] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 174.688973][ T6651] do_writepages+0x27a/0x600 [ 174.689021][ T6651] ? __pfx_do_writepages+0x10/0x10 [ 174.689059][ T6651] ? do_raw_spin_unlock+0x172/0x230 [ 174.689104][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.689150][ T6651] ? _raw_spin_unlock+0x28/0x50 [ 174.689200][ T6651] filemap_fdatawrite_wbc+0x104/0x160 [ 174.689241][ T6651] ? __pfx_stack_trace_save+0x10/0x10 [ 174.689299][ T6651] __filemap_fdatawrite_range+0xb9/0x100 [ 174.689354][ T6651] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 174.689409][ T6651] ? check_path.constprop.0+0x24/0x50 [ 174.689519][ T6651] ? find_held_lock+0x2b/0x80 [ 174.689571][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.689618][ T6651] ? do_raw_spin_unlock+0x172/0x230 [ 174.689663][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.689716][ T6651] f2fs_sync_dirty_inodes+0x2a2/0x980 [ 174.689800][ T6651] block_operations+0x2b0/0xfe0 [ 174.689860][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.689924][ T6651] ? __pfx_block_operations+0x10/0x10 [ 174.690037][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.690091][ T6651] ? ktime_get+0x200/0x310 [ 174.690147][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.690193][ T6651] ? lockdep_hardirqs_on+0x7c/0x110 [ 174.690244][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.690291][ T6651] ? rcu_is_watching+0x12/0xc0 [ 174.690348][ T6651] f2fs_write_checkpoint+0x32b/0x5300 [ 174.690411][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.690460][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.690506][ T6651] ? down_write+0x14d/0x200 [ 174.690562][ T6651] ? __pfx_down_write+0x10/0x10 [ 174.690616][ T6651] ? check_path.constprop.0+0x24/0x50 [ 174.690685][ T6651] f2fs_issue_checkpoint+0x17b/0x5a0 [ 174.690754][ T6651] ? __pfx_f2fs_issue_checkpoint+0x10/0x10 [ 174.690812][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.690857][ T6651] ? __lock_acquire+0x1053/0x1c90 [ 174.690964][ T6651] ? down_read+0x13d/0x480 [ 174.691017][ T6651] ? do_raw_spin_lock+0x12c/0x2b0 [ 174.691061][ T6651] ? __pfx___up_read+0x10/0x10 [ 174.691138][ T6651] f2fs_sync_fs+0x22b/0x400 [ 174.691205][ T6651] f2fs_do_sync_file+0xc5d/0x1c50 [ 174.691256][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691303][ T6651] ? __pfx_f2fs_do_sync_file+0x10/0x10 [ 174.691343][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691447][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691494][ T6651] ? down_write+0x14d/0x200 [ 174.691549][ T6651] ? __pfx_down_write+0x10/0x10 [ 174.691609][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691664][ T6651] __f2fs_ioctl+0x4370/0xa440 [ 174.691712][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691769][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691815][ T6651] ? find_held_lock+0x2b/0x80 [ 174.691865][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691921][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.691967][ T6651] ? tomoyo_path_number_perm+0x18d/0x580 [ 174.692036][ T6651] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 174.692101][ T6651] ? __pfx___f2fs_ioctl+0x10/0x10 [ 174.692160][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.692206][ T6651] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 174.692261][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.692307][ T6651] ? do_vfs_ioctl+0x128/0x14f0 [ 174.692358][ T6651] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 174.692429][ T6651] f2fs_ioctl+0x1f5/0x700 [ 174.692479][ T6651] ? __pfx_f2fs_ioctl+0x10/0x10 [ 174.692524][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 174.692578][ T6651] ? __fget_files+0x20e/0x3c0 [ 174.692647][ T6651] ? __pfx_f2fs_ioctl+0x10/0x10 [ 174.692695][ T6651] __x64_sys_ioctl+0x18e/0x210 [ 174.692758][ T6651] do_syscall_64+0xcd/0xfa0 [ 174.692811][ T6651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.692849][ T6651] RIP: 0033:0x7f690578f749 [ 174.692878][ T6651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.692914][ T6651] RSP: 002b:00007f69065d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 174.692960][ T6651] RAX: ffffffffffffffda RBX: 00007f69059e5fa0 RCX: 00007f690578f749 [ 174.692985][ T6651] RDX: 0000000000000000 RSI: 000000000000f502 RDI: 0000000000000005 [ 174.693008][ T6651] RBP: 00007f6905813f91 R08: 0000000000000000 R09: 0000000000000000 [ 174.693031][ T6651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.693054][ T6651] R13: 00007f69059e6038 R14: 00007f69059e5fa0 R15: 00007fff21022938 [ 174.693106][ T6651] [ 175.319710][ T6651] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 175.333056][ T6651] CPU: 1 UID: 0 PID: 6651 Comm: syz.0.219 Not tainted syzkaller #0 PREEMPT(full) [ 175.333091][ T6651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 175.333108][ T6651] Call Trace: [ 175.333117][ T6651] [ 175.333127][ T6651] dump_stack_lvl+0x16c/0x1f0 [ 175.333170][ T6651] f2fs_handle_critical_error+0x624/0x9f0 [ 175.333205][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.333240][ T6651] ? f2fs_build_fault_attr+0x53/0x1f0 [ 175.333312][ T6651] f2fs_write_end_io+0x958/0xcf0 [ 175.333363][ T6651] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 175.333415][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.333470][ T6651] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 175.333515][ T6651] bio_endio+0x713/0x860 [ 175.333573][ T6651] submit_bio_noacct+0x306/0x1f60 [ 175.333626][ T6651] __submit_merged_bio+0x33c/0x770 [ 175.333678][ T6651] __submit_merged_write_cond+0x319/0x3f0 [ 175.333747][ T6651] f2fs_write_cache_pages+0x2067/0x2570 [ 175.333832][ T6651] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 175.333884][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.333938][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.333985][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334045][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334093][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334138][ T6651] ? rcu_is_watching+0x12/0xc0 [ 175.334189][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334258][ T6651] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 175.334381][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334427][ T6651] ? add_lock_to_list+0x9d/0x130 [ 175.334487][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334542][ T6651] f2fs_write_data_pages+0x4ad/0xd90 [ 175.334606][ T6651] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 175.334679][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334735][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.334781][ T6651] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 175.334839][ T6651] do_writepages+0x27a/0x600 [ 175.334886][ T6651] ? __pfx_do_writepages+0x10/0x10 [ 175.334923][ T6651] ? do_raw_spin_unlock+0x172/0x230 [ 175.334968][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.335013][ T6651] ? _raw_spin_unlock+0x28/0x50 [ 175.335063][ T6651] filemap_fdatawrite_wbc+0x104/0x160 [ 175.335102][ T6651] ? __pfx_stack_trace_save+0x10/0x10 [ 175.335159][ T6651] __filemap_fdatawrite_range+0xb9/0x100 [ 175.335214][ T6651] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 175.335268][ T6651] ? check_path.constprop.0+0x24/0x50 [ 175.335376][ T6651] ? find_held_lock+0x2b/0x80 [ 175.335414][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.335468][ T6651] ? do_raw_spin_unlock+0x172/0x230 [ 175.335500][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.335539][ T6651] f2fs_sync_dirty_inodes+0x2a2/0x980 [ 175.335596][ T6651] block_operations+0x2b0/0xfe0 [ 175.335634][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.335678][ T6651] ? __pfx_block_operations+0x10/0x10 [ 175.335774][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.335810][ T6651] ? ktime_get+0x200/0x310 [ 175.335850][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.335883][ T6651] ? lockdep_hardirqs_on+0x7c/0x110 [ 175.335919][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.335952][ T6651] ? rcu_is_watching+0x12/0xc0 [ 175.335994][ T6651] f2fs_write_checkpoint+0x32b/0x5300 [ 175.336040][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.336075][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.336108][ T6651] ? down_write+0x14d/0x200 [ 175.336149][ T6651] ? __pfx_down_write+0x10/0x10 [ 175.336187][ T6651] ? check_path.constprop.0+0x24/0x50 [ 175.336238][ T6651] f2fs_issue_checkpoint+0x17b/0x5a0 [ 175.336282][ T6651] ? __pfx_f2fs_issue_checkpoint+0x10/0x10 [ 175.336323][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.336356][ T6651] ? __lock_acquire+0x1053/0x1c90 [ 175.336436][ T6651] ? down_read+0x13d/0x480 [ 175.336475][ T6651] ? do_raw_spin_lock+0x12c/0x2b0 [ 175.336506][ T6651] ? __pfx___up_read+0x10/0x10 [ 175.336543][ T6651] f2fs_sync_fs+0x22b/0x400 [ 175.336587][ T6651] f2fs_do_sync_file+0xc5d/0x1c50 [ 175.336625][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.336659][ T6651] ? __pfx_f2fs_do_sync_file+0x10/0x10 [ 175.336688][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.336773][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.336806][ T6651] ? down_write+0x14d/0x200 [ 175.336853][ T6651] ? __pfx_down_write+0x10/0x10 [ 175.336897][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.336937][ T6651] __f2fs_ioctl+0x4370/0xa440 [ 175.336971][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.337007][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.337040][ T6651] ? find_held_lock+0x2b/0x80 [ 175.337077][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.337118][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.337150][ T6651] ? tomoyo_path_number_perm+0x18d/0x580 [ 175.337201][ T6651] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 175.337248][ T6651] ? __pfx___f2fs_ioctl+0x10/0x10 [ 175.337292][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.337325][ T6651] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 175.337364][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.337396][ T6651] ? do_vfs_ioctl+0x128/0x14f0 [ 175.337433][ T6651] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 175.337486][ T6651] f2fs_ioctl+0x1f5/0x700 [ 175.337521][ T6651] ? __pfx_f2fs_ioctl+0x10/0x10 [ 175.337553][ T6651] ? srso_alias_return_thunk+0x5/0xfbef5 [ 175.337586][ T6651] ? __fget_files+0x20e/0x3c0 [ 175.337636][ T6651] ? __pfx_f2fs_ioctl+0x10/0x10 [ 175.337672][ T6651] __x64_sys_ioctl+0x18e/0x210 [ 175.337715][ T6651] do_syscall_64+0xcd/0xfa0 [ 175.337755][ T6651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.337783][ T6651] RIP: 0033:0x7f690578f749 [ 175.337805][ T6651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.337832][ T6651] RSP: 002b:00007f69065d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 175.337864][ T6651] RAX: ffffffffffffffda RBX: 00007f69059e5fa0 RCX: 00007f690578f749 [ 175.337882][ T6651] RDX: 0000000000000000 RSI: 000000000000f502 RDI: 0000000000000005 [ 175.337899][ T6651] RBP: 00007f6905813f91 R08: 0000000000000000 R09: 0000000000000000 [ 175.337916][ T6651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 175.337932][ T6651] R13: 00007f69059e6038 R14: 00007f69059e5fa0 R15: 00007fff21022938 [ 175.337973][ T6651] [ 175.963396][ T5835] Bluetooth: hci6: command tx timeout [ 175.998757][ T6651] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 176.099694][ T6707] loop5: detected capacity change from 0 to 512 [ 176.309055][ T6707] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 176.386429][ T6707] System zones: 0-2, 18-18, 34-35 [ 176.509589][ T6707] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.527206][ T6707] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.908291][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 176.915684][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.974532][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.113281][ T36] bond0 (unregistering): Released all slaves [ 177.851632][ T6724] overlayfs: failed to resolve './file0': -2 [ 178.104463][ T5835] Bluetooth: hci6: command tx timeout [ 178.230286][ T6729] random: crng reseeded on system resumption [ 179.036600][ T6631] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.062984][ T6631] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.079535][ T6631] bridge_slave_0: entered allmulticast mode [ 179.099542][ T6631] bridge_slave_0: entered promiscuous mode [ 179.914653][ T6631] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.084195][ T6631] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.099336][ T6722] loop5: detected capacity change from 0 to 40427 [ 180.132161][ T5835] Bluetooth: hci6: command tx timeout [ 180.155888][ T6631] bridge_slave_1: entered allmulticast mode [ 180.203432][ T6631] bridge_slave_1: entered promiscuous mode [ 180.209943][ T6722] F2FS-fs (loop5): Invalid Fs Meta Ino: node(1) meta(15) root(3) [ 180.276090][ T6722] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 180.374841][ T6722] F2FS-fs (loop5): invalid crc value [ 180.426855][ T6722] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-4) [ 180.782145][ T6631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 181.970463][ T6631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 182.481323][ T36] hsr_slave_0: left promiscuous mode [ 182.497556][ T36] hsr_slave_1: left promiscuous mode [ 182.520620][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 182.555216][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 182.586460][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 182.607990][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 182.666436][ T36] veth1_macvtap: left promiscuous mode [ 182.672412][ T36] veth0_macvtap: left promiscuous mode [ 182.712554][ T36] veth1_vlan: left promiscuous mode [ 182.726784][ T36] veth0_vlan: left promiscuous mode [ 183.362545][ T6805] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 183.687396][ T36] team0 (unregistering): Port device team_slave_1 removed [ 183.728564][ T36] team0 (unregistering): Port device team_slave_0 removed [ 183.737329][ T5933] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 183.906420][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 183.922146][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 183.941043][ T5933] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 183.977805][ T5933] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 183.987142][ T5933] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.030142][ T5933] usb 1-1: config 0 descriptor?? [ 184.371848][ T6631] team0: Port device team_slave_0 added [ 184.420740][ T6631] team0: Port device team_slave_1 added [ 184.482282][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.530770][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.543434][ T6816] tipc: Started in network mode [ 184.560289][ T6816] tipc: Node identity 0e53d6341fb4, cluster identity 4 [ 184.563867][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.588182][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.596185][ T6816] tipc: Enabled bearer , priority 0 [ 184.634133][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.648179][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.665610][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.694772][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.713883][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.725357][ T5933] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 184.761550][ T6817] syzkaller0: entered promiscuous mode [ 184.790437][ T6817] syzkaller0: entered allmulticast mode [ 184.823712][ T6814] tipc: Resetting bearer [ 184.840201][ T5933] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 184.947139][ T5933] usb 1-1: USB disconnect, device number 2 [ 185.183038][ T6813] tipc: Resetting bearer [ 185.218348][ T6813] tipc: Disabling bearer [ 185.224927][ T6836] fido_id[6836]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 185.309267][ T6631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 185.327965][ T6631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 185.367582][ T6631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 185.395337][ T6631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 185.402724][ T6631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 185.503640][ T6631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.143982][ T6847] netlink: 64 bytes leftover after parsing attributes in process `syz.5.263'. [ 188.145736][ T6631] hsr_slave_0: entered promiscuous mode [ 188.184825][ T6631] hsr_slave_1: entered promiscuous mode [ 188.225033][ T6631] debugfs: 'hsr0' already exists in 'hsr' [ 188.230933][ T6631] Cannot create hsr debugfs directory [ 189.673477][ T6882] xt_bpf: check failed: parse error [ 190.496157][ T5933] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 190.728246][ T5933] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.776367][ T5933] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 191.109099][ T5933] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 191.123328][ T5933] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.166924][ T5933] usb 4-1: Product: syz [ 191.171628][ T5933] usb 4-1: Manufacturer: syz [ 191.526376][ T5933] usb 4-1: SerialNumber: syz [ 191.772708][ T5933] cdc_mbim 4-1:1.0: skipping garbage [ 192.092983][ T6889] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 192.797576][ T6631] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 192.867521][ T6631] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 192.932296][ T5933] cdc_mbim 4-1:1.0: failed GET_NTB_PARAMETERS [ 192.934702][ T6631] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 192.953984][ T5933] cdc_mbim 4-1:1.0: bind() failure [ 193.073892][ T6631] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 193.285742][ T5933] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 193.292618][ T5933] cdc_ncm 4-1:1.1: bind() failure [ 193.935769][ T5933] IPVS: starting estimator thread 0... [ 194.034334][ T6931] IPVS: using max 21 ests per chain, 50400 per kthread [ 194.260260][ T6941] loop0: detected capacity change from 0 to 16 [ 194.367251][ T6941] erofs: Unknown parameter '0000000000000000000018446744073709551615' [ 194.549591][ T6631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.330339][ T6945] loop0: detected capacity change from 0 to 2048 [ 196.405667][ T6953] loop1: detected capacity change from 0 to 256 [ 196.896868][ T6945] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.576102][ T5837] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.667009][ T6631] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.856227][ T6671] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.863567][ T6671] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.879730][ T6671] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.887002][ T6671] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.098404][ T6972] loop2: detected capacity change from 0 to 2048 [ 199.128632][ T6972] EXT4-fs: inline encryption not supported [ 199.189253][ T6972] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.342024][ T6972] syz_tun: entered allmulticast mode [ 199.387754][ T6970] syz_tun: left allmulticast mode [ 199.522081][ T5933] usb 4-1: USB disconnect, device number 2 [ 199.553365][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.671675][ T6631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.659823][ T7054] netlink: 8 bytes leftover after parsing attributes in process `syz.3.308'. [ 203.494332][ T7063] loop2: detected capacity change from 0 to 512 [ 203.621632][ T7063] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 203.765724][ T7063] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 203.799777][ T7063] EXT4-fs (loop2): 1 truncate cleaned up [ 203.850818][ T7063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.015305][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.499256][ T6631] veth0_vlan: entered promiscuous mode [ 206.596050][ T6631] veth1_vlan: entered promiscuous mode [ 206.613196][ T7097] tipc: Failed to remove unknown binding: 66,1,1/0:479942002/479942004 [ 206.640721][ T7097] tipc: Failed to remove unknown binding: 66,1,1/0:479942002/479942004 [ 206.693066][ T7097] tipc: Failed to remove unknown binding: 66,1,1/0:479942002/479942004 [ 206.768810][ T6631] veth0_macvtap: entered promiscuous mode [ 206.811301][ T6631] veth1_macvtap: entered promiscuous mode [ 206.942945][ T6631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 207.002583][ T6631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 207.111081][ T6689] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.167624][ T7113] capability: warning: `syz.3.325' uses 32-bit capabilities (legacy support in use) [ 207.215437][ T6689] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.338700][ T6689] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.391620][ T6680] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.533430][ T7121] syz.5.326 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 208.796245][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 208.906772][ T7124] loop3: detected capacity change from 0 to 131072 [ 208.914376][ T6686] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.917032][ T7124] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0) [ 208.932311][ T7124] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 208.943422][ T7124] F2FS-fs (loop3): invalid crc value [ 208.963019][ T6686] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.056586][ T7124] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 209.077381][ T7124] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 209.084520][ T7124] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 209.259165][ T7135] tipc: Failed to remove unknown binding: 66,1,1/0:3644963133/3644963135 [ 209.280769][ T7135] tipc: Failed to remove unknown binding: 66,1,1/0:3644963133/3644963135 [ 209.290014][ T7135] tipc: Failed to remove unknown binding: 66,1,1/0:3644963133/3644963135 [ 209.306103][ T7139] IPVS: stopping master sync thread 7140 ... [ 209.312396][ T7140] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 209.363043][ T6671] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.421906][ T6671] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.909981][ T7147] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 210.397337][ T7156] loop5: detected capacity change from 0 to 512 [ 210.505677][ T7156] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 211.212629][ T7160] tipc: Started in network mode [ 211.229985][ T7160] tipc: Node identity a623edef58ff, cluster identity 4711 [ 211.287697][ T7156] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #17: comm syz.5.339: inode has both inline data and extents flags [ 211.304507][ T7160] tipc: Enabled bearer , priority 0 [ 211.366095][ T7163] syzkaller0: entered promiscuous mode [ 211.371632][ T7163] syzkaller0: entered allmulticast mode [ 211.436238][ T7156] EXT4-fs error (device loop5): ext4_orphan_get:1395: comm syz.5.339: couldn't read orphan inode 17 (err -117) [ 211.523465][ T7156] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.543990][ T7163] tipc: Resetting bearer [ 211.576693][ T7158] tipc: Resetting bearer [ 211.627462][ T7156] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.339: bg 0: block 65: padding at end of block bitmap is not set [ 211.675959][ T7158] tipc: Disabling bearer [ 211.684449][ T7156] __quota_error: 2 callbacks suppressed [ 211.684471][ T7156] Quota error (device loop5): write_blk: dquota write failed [ 211.730383][ T7156] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 211.817370][ T7180] Quota error (device loop5): do_check_range: Getting block 144 out of range 0-5 [ 211.846856][ T7156] EXT4-fs error (device loop5): ext4_acquire_dquot:6943: comm syz.5.339: Failed to acquire dquot type 0 [ 214.755762][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.785619][ T7188] netlink: 4 bytes leftover after parsing attributes in process `syz.6.343'. [ 215.258637][ T7206] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 216.362051][ T7212] loop6: detected capacity change from 0 to 512 [ 216.455219][ T7212] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.352: inode has both inline data and extents flags [ 216.535859][ T7212] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.352: couldn't read orphan inode 15 (err -117) [ 216.662792][ T7212] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.700072][ T7240] loop0: detected capacity change from 0 to 512 [ 219.742634][ T7240] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 219.804736][ T7245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.361'. [ 220.985304][ T6631] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.906548][ T7269] IPVS: stopping master sync thread 7270 ... [ 222.912799][ T7270] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 223.316612][ T7265] loop1: detected capacity change from 0 to 8192 [ 223.439916][ T30] audit: type=1800 audit(1763609442.476:14): pid=7265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.369" name="file2" dev="loop1" ino=1048618 res=0 errno=0 [ 223.614124][ T5896] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 223.689440][ T7289] netlink: 148 bytes leftover after parsing attributes in process `syz.6.375'. [ 223.782808][ T7289] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 223.823942][ T5896] usb 1-1: Using ep0 maxpacket: 16 [ 223.833493][ T5896] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 223.852923][ T7290] tipc: Enabled bearer , priority 10 [ 223.868972][ T5896] usb 1-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 223.907638][ T5896] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 223.979004][ T5896] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 224.019753][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 224.044450][ T5896] usb 1-1: SerialNumber: syz [ 224.516192][ T5896] usb 1-1: USB disconnect, device number 3 [ 225.185611][ T5896] tipc: Node number set to 2272303587 [ 226.258314][ T7321] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 226.271454][ T7321] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 227.329538][ T7328] netlink: 24 bytes leftover after parsing attributes in process `syz.5.386'. [ 227.364564][ T7332] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 227.374538][ T7329] IPVS: stopping master sync thread 7332 ... [ 228.403180][ T7344] veth1_macvtap: left promiscuous mode [ 228.616663][ T7344] macsec0: entered promiscuous mode [ 231.433133][ T7390] loop6: detected capacity change from 0 to 1024 [ 231.479314][ T7390] EXT4-fs: Ignoring removed orlov option [ 231.576350][ T7390] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.796584][ T30] audit: type=1804 audit(1763609450.836:15): pid=7390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.405" name="/newroot/13/bus/bus" dev="loop6" ino=18 res=1 errno=0 [ 231.975613][ T7404] netlink: 7076 bytes leftover after parsing attributes in process `syz.5.409'. [ 232.485145][ T1206] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 232.557577][ T6631] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.687740][ T1206] usb 4-1: config 0 has an invalid interface number: 231 but max is 0 [ 232.727873][ T1206] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 232.778884][ T1206] usb 4-1: config 0 has no interface number 0 [ 232.807673][ T1206] usb 4-1: config 0 interface 231 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 232.859945][ T1206] usb 4-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b [ 232.897424][ T1206] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.926975][ T1206] usb 4-1: Product: syz [ 233.095540][ T1206] usb 4-1: Manufacturer: syz [ 233.100201][ T1206] usb 4-1: SerialNumber: syz [ 233.109124][ T1206] usb 4-1: config 0 descriptor?? [ 233.123982][ T1206] plusb 4-1:0.231: probe with driver plusb failed with error -22 [ 233.199491][ T30] audit: type=1326 audit(1763609452.236:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.6.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad5b8f749 code=0x7ffc0000 [ 233.271161][ T30] audit: type=1326 audit(1763609452.236:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.6.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad5b8f749 code=0x7ffc0000 [ 233.570944][ T1206] usb 4-1: USB disconnect, device number 3 [ 233.616434][ T30] audit: type=1326 audit(1763609452.276:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.6.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f9ad5b8f749 code=0x7ffc0000 [ 233.639861][ T30] audit: type=1326 audit(1763609452.276:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.6.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad5b8f749 code=0x7ffc0000 [ 233.663528][ T30] audit: type=1326 audit(1763609452.276:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.6.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad5b8f749 code=0x7ffc0000 [ 238.919844][ T7450] netlink: 7076 bytes leftover after parsing attributes in process `syz.5.423'. [ 239.847780][ T7463] loop1: detected capacity change from 0 to 512 [ 240.237116][ T7463] EXT4-fs (loop1): Test dummy encryption mode enabled [ 240.479369][ T7452] loop3: detected capacity change from 0 to 40427 [ 240.492116][ T7452] F2FS-fs (loop3): build fault injection rate: 14 [ 240.518193][ T7463] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.539344][ T7452] F2FS-fs (loop3): invalid crc value [ 240.641216][ T7463] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2" [ 240.714655][ T7463] EXT4-fs error (device loop1): ext4_add_entry:2417: inode #2: comm syz.1.429: Directory hole found for htree leaf block 0 [ 240.846418][ T7463] EXT4-fs (loop1): Remounting filesystem read-only [ 240.946291][ T7452] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 240.993139][ T7452] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 241.033000][ T5827] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 241.672887][ T52] Bluetooth: hci3: command 0x0406 tx timeout [ 241.679868][ T5142] Bluetooth: hci5: command 0x0406 tx timeout [ 241.687495][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 241.695569][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 241.703292][ T5845] Bluetooth: hci4: command 0x0406 tx timeout [ 243.282702][ T7494] netlink: 7076 bytes leftover after parsing attributes in process `syz.1.438'. [ 243.407681][ T7497] af_packet: tpacket_rcv: packet too big, clamped from 40 to 4294967272. macoff=96 [ 243.695003][ T7506] netlink: 12 bytes leftover after parsing attributes in process `syz.1.443'. [ 243.740873][ T7503] loop3: detected capacity change from 0 to 1024 [ 244.095917][ T7510] loop0: detected capacity change from 0 to 1024 [ 244.142836][ T7503] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 244.227464][ T7510] EXT4-fs: Ignoring removed nobh option [ 244.652891][ T7510] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 244.751186][ T7510] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.444: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 245.774881][ T7510] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.444: couldn't read orphan inode 11 (err -117) [ 245.926513][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.068157][ T7510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.268817][ T7518] netlink: 'syz.5.442': attribute type 4 has an invalid length. [ 246.456697][ T7510] block device autoloading is deprecated and will be removed. [ 246.528495][ T7533] netlink: 'syz.5.442': attribute type 4 has an invalid length. [ 247.910972][ T5837] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.316822][ T7588] loop2: detected capacity change from 0 to 40427 [ 251.341214][ T7588] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 251.381568][ T7588] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 251.437787][ T7588] F2FS-fs (loop2): invalid crc value [ 251.649911][ T7619] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.471'. [ 251.699598][ T7588] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 251.733319][ T7588] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 251.760128][ T7588] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 253.951181][ T7615] loop6: detected capacity change from 0 to 40427 [ 254.010394][ T7615] F2FS-fs (loop6): build fault injection rate: 174 [ 254.036737][ T7615] F2FS-fs (loop6): build fault injection type: 0x3bfe8c [ 254.097995][ T7615] F2FS-fs (loop6): invalid crc value [ 254.555365][ T7615] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 256.112070][ T7649] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'. [ 256.173411][ T7650] netlink: 12 bytes leftover after parsing attributes in process `syz.2.474'. [ 256.313519][ T7652] netlink: 'syz.2.474': attribute type 16 has an invalid length. [ 256.321426][ T7652] netlink: 'syz.2.474': attribute type 17 has an invalid length. [ 257.104001][ T7652] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 262.824238][ T804] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 262.926244][ T5924] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 263.083935][ T5924] usb 4-1: Using ep0 maxpacket: 32 [ 263.096586][ T804] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 263.106870][ T5924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 263.137402][ T804] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.149408][ T5924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1152, setting to 1024 [ 263.206541][ T804] usb 3-1: config 0 descriptor?? [ 263.212383][ T5924] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 263.265336][ T5924] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.329840][ T5924] usb 4-1: config 0 descriptor?? [ 263.350301][ T7693] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 263.401935][ T5924] hub 4-1:0.0: USB hub found [ 264.678015][ T5958] usb 3-1: USB disconnect, device number 2 [ 265.119460][ T7690] loop3: detected capacity change from 0 to 1024 [ 265.347922][ T7722] netlink: 4 bytes leftover after parsing attributes in process `syz.6.494'. [ 265.370272][ T7722] netlink: 4 bytes leftover after parsing attributes in process `syz.6.494'. [ 266.089288][ T7726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.495'. [ 266.110632][ T7690] EXT4-fs warning (device loop3): ext4_multi_mount_protect:397: Unable to create kmmpd thread for loop3. [ 266.216705][ T7729] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 266.324623][ T7730] netlink: 'syz.1.491': attribute type 4 has an invalid length. [ 268.198497][ T5924] hub 4-1:0.0: config failed, can't read hub descriptor (err -22) [ 268.279382][ T5924] usbhid 4-1:0.0: can't add hid device: -71 [ 268.301059][ T5924] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 268.485900][ T5924] usb 4-1: USB disconnect, device number 4 [ 269.600489][ T7759] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 270.071753][ T7765] loop0: detected capacity change from 0 to 1024 [ 270.204017][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 270.256429][ T7765] EXT4-fs: Mount option(s) incompatible with ext2 [ 271.524457][ T7765] 9p: Unknown Cache mode or invalid value EԁJ?dTw@3;[ U3:7&M:2io͆'-_͟{tc[;jOƟ2 wΝMou ~nb1~㧏=♮IiDc[yvǢ{dãKcǮ1:vps_3ݶ]}.oݶxk[ݹkfree [ 273.683617][ T7804] netlink: 'syz.6.517': attribute type 5 has an invalid length. [ 273.704623][ T7804] netlink: 45 bytes leftover after parsing attributes in process `syz.6.517'. [ 274.442104][ T7796] loop0: detected capacity change from 0 to 40427 [ 274.482592][ T7796] F2FS-fs (loop0): build fault injection rate: 694 [ 274.502370][ T7796] F2FS-fs (loop0): invalid crc value [ 274.723265][ T7796] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 274.782713][ T7796] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 274.811690][ T7796] syz.0.514: attempt to access beyond end of device [ 274.811690][ T7796] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 274.827508][ T7796] syz.0.514: attempt to access beyond end of device [ 274.827508][ T7796] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 274.847872][ T7796] syz.0.514: attempt to access beyond end of device [ 274.847872][ T7796] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 274.910847][ T5837] syz-executor: attempt to access beyond end of device [ 274.910847][ T5837] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 274.934642][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 274.934690][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 274.934712][ T5837] Call Trace: [ 274.934724][ T5837] [ 274.934737][ T5837] dump_stack_lvl+0x16c/0x1f0 [ 274.934805][ T5837] f2fs_handle_critical_error+0x624/0x9f0 [ 274.934853][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.934900][ T5837] ? f2fs_build_fault_attr+0x53/0x1f0 [ 274.934973][ T5837] f2fs_write_end_io+0x958/0xcf0 [ 274.935023][ T5837] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 274.935073][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.935128][ T5837] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 274.935171][ T5837] bio_endio+0x713/0x860 [ 274.935240][ T5837] submit_bio_noacct+0x306/0x1f60 [ 274.935292][ T5837] __submit_merged_bio+0x33c/0x770 [ 274.935343][ T5837] __submit_merged_write_cond+0x319/0x3f0 [ 274.935401][ T5837] f2fs_write_cache_pages+0x2067/0x2570 [ 274.935483][ T5837] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 274.935554][ T5837] ? __lock_acquire+0x622/0x1c90 [ 274.935626][ T5837] ? lock_acquire+0x179/0x350 [ 274.935667][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.935712][ T5837] ? __lock_acquire+0x622/0x1c90 [ 274.935817][ T5837] ? check_irq_usage+0xcb/0x920 [ 274.935916][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.935960][ T5837] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 274.936020][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.936073][ T5837] f2fs_write_data_pages+0x4ad/0xd90 [ 274.936135][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 274.936184][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.936240][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.936290][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 274.936346][ T5837] do_writepages+0x27a/0x600 [ 274.936392][ T5837] ? __pfx_do_writepages+0x10/0x10 [ 274.936427][ T5837] ? do_raw_spin_unlock+0x172/0x230 [ 274.936470][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.936514][ T5837] ? _raw_spin_unlock+0x28/0x50 [ 274.936563][ T5837] filemap_fdatawrite_wbc+0x104/0x160 [ 274.936607][ T5837] __filemap_fdatawrite_range+0xb9/0x100 [ 274.936667][ T5837] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 274.936779][ T5837] ? find_held_lock+0x2b/0x80 [ 274.936834][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.936879][ T5837] ? do_raw_spin_unlock+0x172/0x230 [ 274.936923][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.936974][ T5837] f2fs_sync_dirty_inodes+0x2a2/0x980 [ 274.937050][ T5837] block_operations+0x2b0/0xfe0 [ 274.937103][ T5837] ? __pfx_stack_trace_save+0x10/0x10 [ 274.937169][ T5837] ? __pfx_block_operations+0x10/0x10 [ 274.937222][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.937319][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.937368][ T5837] ? ktime_get+0x200/0x310 [ 274.937422][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.937466][ T5837] ? lockdep_hardirqs_on+0x7c/0x110 [ 274.937515][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.937558][ T5837] ? rcu_is_watching+0x12/0xc0 [ 274.937618][ T5837] f2fs_write_checkpoint+0x32b/0x5300 [ 274.937677][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.937729][ T5837] ? kfree+0x2b8/0x6d0 [ 274.937774][ T5837] ? f2fs_stop_gc_thread+0x79/0xd0 [ 274.937842][ T5837] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 274.937904][ T5837] kill_f2fs_super+0x3d6/0x490 [ 274.937962][ T5837] ? __pfx_kill_f2fs_super+0x10/0x10 [ 274.938035][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.938097][ T5837] deactivate_locked_super+0xc1/0x1a0 [ 274.938153][ T5837] deactivate_super+0xde/0x100 [ 274.938207][ T5837] cleanup_mnt+0x225/0x450 [ 274.938268][ T5837] task_work_run+0x150/0x240 [ 274.938312][ T5837] ? __pfx_task_work_run+0x10/0x10 [ 274.938351][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 274.938398][ T5837] ? __pfx___x64_sys_umount+0x10/0x10 [ 274.938468][ T5837] exit_to_user_mode_loop+0xec/0x130 [ 274.938511][ T5837] do_syscall_64+0x426/0xfa0 [ 274.938605][ T5837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.938642][ T5837] RIP: 0033:0x7f6905790a77 [ 274.938671][ T5837] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 274.938707][ T5837] RSP: 002b:00007fff21021bc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 274.938741][ T5837] RAX: 0000000000000000 RBX: 00007f6905813d7d RCX: 00007f6905790a77 [ 274.938765][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff21021c80 [ 274.938801][ T5837] RBP: 00007fff21021c80 R08: 0000000000000000 R09: 0000000000000000 [ 274.938823][ T5837] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff21022d10 [ 274.938846][ T5837] R13: 00007f6905813d7d R14: 000000000004318a R15: 00007fff21022d50 [ 274.938899][ T5837] [ 274.939394][ T5837] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 276.670093][ T7820] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 277.203387][ T7829] sch_fq: defrate 4294967295 ignored. [ 277.395603][ T7837] netlink: 'syz.0.523': attribute type 4 has an invalid length. [ 278.764765][ T7854] loop5: detected capacity change from 0 to 2048 [ 278.791476][ T7854] EXT4-fs: inline encryption not supported [ 280.063438][ T7871] xt_CT: No such helper "snmp_trap" [ 280.644539][ T7854] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.814489][ T7879] loop1: detected capacity change from 0 to 512 [ 281.046679][ T7879] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=2 [ 281.074404][ T7879] EXT4-fs warning (device loop1): ext4_enable_quotas:7176: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 281.082527][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.695276][ T7886] loop0: detected capacity change from 0 to 256 [ 281.732082][ T7879] EXT4-fs (loop1): mount failed [ 281.825839][ T7886] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 281.894655][ T7886] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 281.924058][ T7886] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 281.990478][ T7886] exFAT-fs (loop0): failed to load alloc-bitmap [ 281.998725][ T7886] exFAT-fs (loop0): failed to recognize exfat type [ 282.517098][ T7903] loop5: detected capacity change from 0 to 1024 [ 284.279392][ T7933] xt_CT: No such helper "snmp_trap" [ 284.706618][ T7937] tipc: Started in network mode [ 284.711562][ T7937] tipc: Node identity 0a2972cb6895, cluster identity 4711 [ 284.795966][ T7937] tipc: Enabled bearer , priority 0 [ 284.867143][ T7944] syzkaller0: entered promiscuous mode [ 284.872695][ T7944] syzkaller0: entered allmulticast mode [ 285.121838][ T7950] netlink: 4 bytes leftover after parsing attributes in process `syz.6.558'. [ 285.140634][ T7936] tipc: Resetting bearer [ 286.053473][ T7936] tipc: Disabling bearer [ 286.149234][ T5909] tipc: Node number set to 1656517323 [ 289.838670][ T7992] loop6: detected capacity change from 0 to 256 [ 289.887914][ T7992] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 289.915896][ T7992] exFAT-fs (loop6): Medium has reported failures. Some data may be lost. [ 289.966135][ T7992] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 290.001634][ T7992] exFAT-fs (loop6): failed to load alloc-bitmap [ 290.034041][ T7992] exFAT-fs (loop6): failed to recognize exfat type [ 290.544603][ T7994] loop6: detected capacity change from 0 to 128 [ 290.567939][ T7994] ext4: Unknown parameter 'seclabel' [ 293.939066][ T8013] netlink: 96 bytes leftover after parsing attributes in process `syz.6.573'. [ 296.615550][ T8027] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.624435][ T8027] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.204479][ T5924] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 297.352504][ T8027] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 297.367524][ T5924] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 297.402695][ T5924] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 297.420848][ T8027] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 297.435585][ T5924] usb 7-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 297.475911][ T5924] usb 7-1: config 0 interface 0 has no altsetting 0 [ 297.492338][ T5924] usb 7-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 297.508416][ T5924] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.523158][ T5924] usb 7-1: config 0 descriptor?? [ 297.539727][ T8057] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 298.067159][ T5924] elecom 0003:056E:010D.0002: item fetching failed at offset 0/3 [ 298.094248][ T5924] elecom 0003:056E:010D.0002: probe with driver elecom failed with error -22 [ 298.251289][ T5924] usb 7-1: USB disconnect, device number 2 [ 298.445185][ T5835] Bluetooth: hci6: command 0x0406 tx timeout [ 298.609415][ T8036] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 301.131963][ T6689] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.388877][ T6689] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.398884][ T6689] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.407930][ T6689] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.646385][ T8080] syzkaller0: entered promiscuous mode [ 302.652281][ T8080] syzkaller0: entered allmulticast mode [ 304.215211][ T8088] loop3: detected capacity change from 0 to 512 [ 304.291450][ T8088] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 304.353829][ T8088] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #16: comm syz.3.599: invalid indirect mapped block 4294967295 (level 0) [ 304.406897][ T8088] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #16: comm syz.3.599: invalid indirect mapped block 4294967295 (level 1) [ 304.529402][ T8088] EXT4-fs (loop3): 1 orphan inode deleted [ 304.551176][ T8088] EXT4-fs (loop3): 1 truncate cleaned up [ 304.606228][ T8088] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.883493][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.451330][ T8109] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 311.820919][ T8145] netem: change failed [ 313.036908][ T8150] syzkaller0: entered promiscuous mode [ 313.042438][ T8150] syzkaller0: entered allmulticast mode [ 313.873015][ T8174] netlink: 272 bytes leftover after parsing attributes in process `syz.3.628'. [ 314.288895][ T8182] loop3: detected capacity change from 0 to 512 [ 314.479514][ T8182] EXT4-fs: Ignoring removed oldalloc option [ 314.506058][ T8191] tipc: Enabled bearer , priority 0 [ 314.531123][ T8191] tipc: Resetting bearer [ 315.854840][ T8188] tipc: Disabling bearer [ 315.930976][ T8182] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.632: Parent and EA inode have the same ino 15 [ 316.643568][ T8182] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.632: Parent and EA inode have the same ino 15 [ 317.176611][ T8182] EXT4-fs (loop3): 1 orphan inode deleted [ 319.406256][ T8182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 319.413407][ T5933] tipc: Node number set to 4275891695 [ 320.865085][ T5923] kernel write not supported for file bpf-prog (pid: 5923 comm: kworker/1:4) [ 320.945685][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.851844][ T8221] IPv6: sit1: Disabled Multicast RS [ 322.908202][ T8221] sit1: entered allmulticast mode [ 324.388380][ T8241] loop3: detected capacity change from 0 to 512 [ 324.416195][ T8241] EXT4-fs: Ignoring removed mblk_io_submit option [ 324.526439][ T8241] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 324.608530][ T8241] EXT4-fs error (device loop3): ext4_clear_blocks:874: inode #13: comm syz.3.652: attempt to clear invalid blocks 2 len 1 [ 325.197183][ T8241] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 325.366472][ T8241] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #13: comm syz.3.652: invalid indirect mapped block 1819239214 (level 0) [ 325.412108][ T8241] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #13: comm syz.3.652: invalid indirect mapped block 1819239214 (level 1) [ 325.566426][ T8241] EXT4-fs (loop3): 1 truncate cleaned up [ 325.603361][ T8241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.904236][ T8256] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 326.905225][ T8261] EXT4-fs (loop3): Quota file not on filesystem root. Journaled quota will not work [ 327.454938][ T8258] netlink: 'syz.0.657': attribute type 27 has an invalid length. [ 327.781805][ T8266] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 327.789690][ T8266] IPv6: NLM_F_CREATE should be set when creating new route [ 328.660304][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.660975][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 334.566879][ T8330] 9pnet_fd: Insufficient options for proto=fd [ 340.892784][ T8373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.694'. [ 342.624584][ T8316] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 342.914462][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 342.950216][ T5835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 342.969015][ T5835] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 343.003881][ T5835] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 343.014506][ T5835] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 343.053388][ T8390] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.080339][ T30] audit: type=1326 audit(1763609562.116:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439738f749 code=0x7ffc0000 [ 343.102901][ T30] audit: type=1326 audit(1763609562.116:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439738f749 code=0x7ffc0000 [ 343.174211][ T30] audit: type=1326 audit(1763609562.196:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f439738df90 code=0x7ffc0000 [ 343.469588][ T30] audit: type=1326 audit(1763609562.196:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f439738df90 code=0x7ffc0000 [ 343.494781][ T30] audit: type=1326 audit(1763609562.196:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439738f749 code=0x7ffc0000 [ 343.542035][ T30] audit: type=1326 audit(1763609562.196:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439738f749 code=0x7ffc0000 [ 448.603663][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 448.610758][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5192/1:b..l P8387/1:b..l P6691/1:b..l [ 448.621575][ C0] rcu: (detected by 0, t=10502 jiffies, g=28069, q=285 ncpus=2) [ 448.629482][ C0] task:kworker/u8:27 state:R running task stack:25480 pid:6691 tgid:6691 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 448.644110][ C0] Workqueue: events_unbound cfg80211_wiphy_work [ 448.650399][ C0] Call Trace: [ 448.653682][ C0] [ 448.656632][ C0] __schedule+0x1190/0x5de0 [ 448.661194][ C0] ? __pfx___schedule+0x10/0x10 [ 448.666083][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.671821][ C0] ? mark_held_locks+0x49/0x80 [ 448.676662][ C0] preempt_schedule_irq+0x51/0x90 [ 448.681724][ C0] irqentry_exit+0x36/0x90 [ 448.686185][ C0] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 448.691781][ C0] RIP: 0010:unwind_next_frame+0x1f6/0x20a0 [ 448.697614][ C0] Code: 89 c3 39 d0 0f 83 fb 15 00 00 48 ba 00 00 00 00 00 fc ff df 89 c1 48 8d 3c 8d 48 a4 d0 91 49 89 f8 49 c1 e8 03 45 0f b6 04 10 <48> 89 fa 83 e2 07 83 c2 03 44 38 c2 7c 2f 45 84 c0 74 2a 48 89 4c [ 448.717253][ C0] RSP: 0018:ffffc9000aa16df8 EFLAGS: 00000213 [ 448.723351][ C0] RAX: 000000000009cfb1 RBX: 0000000000000001 RCX: 000000000009cfb1 [ 448.731418][ C0] RDX: dffffc0000000000 RSI: 00000000000a62c9 RDI: ffffffff91f7e30c [ 448.739579][ C0] RBP: ffffc9000aa16eb0 R08: 0000000000000000 R09: 0000000000000000 [ 448.747570][ C0] R10: 0000000000000000 R11: 000000000009cfb1 R12: ffffc9000aa16eb8 [ 448.755641][ C0] R13: ffffc9000aa16e68 R14: ffffc9000aa16e9d R15: ffffffff8acfb17f [ 448.763710][ C0] ? ieee80211_bss_info_update+0x30f/0xab0 [ 448.769652][ C0] ? unwind_next_frame+0xa3b/0x20a0 [ 448.774879][ C0] ? ieee80211_bss_info_update+0x310/0xab0 [ 448.780750][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 448.787023][ C0] arch_stack_walk+0x94/0x100 [ 448.791731][ C0] ? ieee80211_bss_info_update+0x310/0xab0 [ 448.797563][ C0] stack_trace_save+0x8e/0xc0 [ 448.802267][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 448.807672][ C0] ? mark_held_locks+0x49/0x80 [ 448.812502][ C0] ? finish_task_switch.isra.0+0x221/0xc10 [ 448.818362][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.824115][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 448.829342][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.835176][ C0] kasan_save_stack+0x33/0x60 [ 448.839896][ C0] ? kasan_save_stack+0x33/0x60 [ 448.844783][ C0] ? kasan_save_track+0x14/0x30 [ 448.849661][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 448.854918][ C0] ? __kmalloc_noprof+0x32f/0x880 [ 448.859968][ C0] ? cfg80211_inform_single_bss_data+0x53e/0x1df0 [ 448.866493][ C0] ? cfg80211_inform_bss_data+0x22b/0x3be0 [ 448.872413][ C0] ? cfg80211_inform_bss_frame_data+0x26f/0x750 [ 448.878686][ C0] ? ieee80211_bss_info_update+0x310/0xab0 [ 448.884679][ C0] kasan_save_track+0x14/0x30 [ 448.889395][ C0] __kasan_kmalloc+0xaa/0xb0 [ 448.894202][ C0] __kmalloc_noprof+0x32f/0x880 [ 448.899079][ C0] ? cfg80211_inform_single_bss_data+0x53e/0x1df0 [ 448.905616][ C0] ? cfg80211_inform_single_bss_data+0x53e/0x1df0 [ 448.912235][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.917973][ C0] cfg80211_inform_single_bss_data+0x53e/0x1df0 [ 448.924432][ C0] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 448.931133][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.936794][ C0] ? find_held_lock+0x2b/0x80 [ 448.941704][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.947357][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 448.952345][ C0] ? cfg80211_inform_bss_data+0x22b/0x3be0 [ 448.958173][ C0] cfg80211_inform_bss_data+0x22b/0x3be0 [ 448.963839][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.969500][ C0] ? lock_acquire+0x179/0x350 [ 448.974279][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.979959][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 448.985620][ C0] ? mark_held_locks+0x49/0x80 [ 448.990428][ C0] ? finish_task_switch.isra.0+0x221/0xc10 [ 448.996523][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.002418][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 449.007649][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.013387][ C0] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 449.019606][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.025263][ C0] ? rcu_is_watching+0x12/0xc0 [ 449.030058][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.035716][ C0] ? trace_sched_exit_tp+0xd1/0x120 [ 449.040944][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.046595][ C0] ? __schedule+0x11a3/0x5de0 [ 449.051384][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.057058][ C0] ? mark_held_locks+0x49/0x80 [ 449.061895][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.067907][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.073568][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.079227][ C0] ? rcu_is_watching+0x12/0xc0 [ 449.084090][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.089742][ C0] ? __lock_acquire+0x622/0x1c90 [ 449.094726][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.100386][ C0] ? irqentry_exit+0x3b/0x90 [ 449.105012][ C0] cfg80211_inform_bss_frame_data+0x26f/0x750 [ 449.111122][ C0] ieee80211_bss_info_update+0x310/0xab0 [ 449.116780][ C0] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 449.123007][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 449.128230][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 449.134157][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.139836][ C0] ieee80211_ibss_rx_queued_mgmt+0x191b/0x2fe0 [ 449.146109][ C0] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 449.152653][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 449.157640][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.163294][ C0] ? irqentry_exit+0x3b/0x90 [ 449.167906][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.173646][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 449.179160][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.184854][ C0] ieee80211_iface_work+0xe2e/0x1360 [ 449.190249][ C0] ? rcu_is_watching+0x12/0xc0 [ 449.195132][ C0] cfg80211_wiphy_work+0x2c7/0x580 [ 449.200284][ C0] process_one_work+0x9cf/0x1b70 [ 449.205258][ C0] ? __pfx_cfg80211_wiphy_work+0x10/0x10 [ 449.210934][ C0] ? __pfx_process_one_work+0x10/0x10 [ 449.216355][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.222031][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.227693][ C0] ? assign_work+0x1a0/0x250 [ 449.232303][ C0] worker_thread+0x6c8/0xf10 [ 449.236939][ C0] ? __pfx_worker_thread+0x10/0x10 [ 449.242074][ C0] kthread+0x3c5/0x780 [ 449.246160][ C0] ? __pfx_kthread+0x10/0x10 [ 449.250850][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.256516][ C0] ? rcu_is_watching+0x12/0xc0 [ 449.261486][ C0] ? __pfx_kthread+0x10/0x10 [ 449.266099][ C0] ret_from_fork+0x675/0x7d0 [ 449.270712][ C0] ? __pfx_kthread+0x10/0x10 [ 449.275320][ C0] ret_from_fork_asm+0x1a/0x30 [ 449.280144][ C0] [ 449.283348][ C0] task:syz-executor state:R running task stack:24792 pid:8387 tgid:8387 ppid:8381 task_flags:0x400140 flags:0x00080001 [ 449.296918][ C0] Call Trace: [ 449.300201][ C0] [ 449.303254][ C0] __schedule+0x1190/0x5de0 [ 449.307794][ C0] ? trace_sched_exit_tp+0xd1/0x120 [ 449.313107][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.318764][ C0] ? __schedule+0x11a3/0x5de0 [ 449.323682][ C0] ? __pfx___schedule+0x10/0x10 [ 449.328598][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.334271][ C0] ? mark_held_locks+0x49/0x80 [ 449.339174][ C0] preempt_schedule_irq+0x51/0x90 [ 449.344324][ C0] irqentry_exit+0x36/0x90 [ 449.348851][ C0] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 449.354328][ C0] RIP: 0010:lock_release+0x183/0x2f0 [ 449.359796][ C0] Code: 0f c1 05 b8 0d 09 12 83 f8 01 0f 85 1d 01 00 00 9c 58 f6 c4 02 0f 85 08 01 00 00 41 f7 c5 00 02 00 00 74 01 fb 48 8b 44 24 10 <65> 48 2b 05 cd cb 08 12 0f 85 58 01 00 00 48 83 c4 18 5b 41 5c 41 [ 449.379616][ C0] RSP: 0018:ffffc900113c70f0 EFLAGS: 00000206 [ 449.385807][ C0] RAX: 2a87305db7e2e100 RBX: ffffffff8e3c4760 RCX: ffffc900113c70fc [ 449.394005][ C0] RDX: 0000000000000002 RSI: ffffffff8da052b3 RDI: ffffffff8bf079c0 [ 449.401990][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 449.410054][ C0] R10: 0000000000000000 R11: 000000000001647b R12: ffffffff816bf704 [ 449.418125][ C0] R13: 0000000000000206 R14: ffff8880267cbc80 R15: 0000000000000003 [ 449.426120][ C0] ? unwind_next_frame+0x3f4/0x20a0 [ 449.431375][ C0] unwind_next_frame+0x3f9/0x20a0 [ 449.436417][ C0] ? kernfs_new_node+0x13c/0x1e0 [ 449.441392][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 449.447678][ C0] arch_stack_walk+0x94/0x100 [ 449.452505][ C0] ? __kernfs_create_file+0x53/0x350 [ 449.457859][ C0] stack_trace_save+0x8e/0xc0 [ 449.462575][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 449.467981][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.473768][ C0] ? trace_sched_exit_tp+0xd1/0x120 [ 449.478998][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.484744][ C0] ? __schedule+0x11a3/0x5de0 [ 449.489454][ C0] kasan_save_stack+0x33/0x60 [ 449.494164][ C0] ? kasan_save_stack+0x33/0x60 [ 449.499215][ C0] ? kasan_save_track+0x14/0x30 [ 449.504097][ C0] ? __kasan_slab_alloc+0x89/0x90 [ 449.509154][ C0] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 449.514815][ C0] ? __kernfs_new_node+0xd2/0x8e0 [ 449.519860][ C0] ? kernfs_new_node+0x13c/0x1e0 [ 449.524986][ C0] kasan_save_track+0x14/0x30 [ 449.529698][ C0] __kasan_slab_alloc+0x89/0x90 [ 449.534590][ C0] kmem_cache_alloc_noprof+0x250/0x6e0 [ 449.540261][ C0] ? __kernfs_new_node+0xd2/0x8e0 [ 449.545320][ C0] ? __kernfs_new_node+0xd2/0x8e0 [ 449.550887][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.556538][ C0] __kernfs_new_node+0xd2/0x8e0 [ 449.561424][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.567163][ C0] ? mark_held_locks+0x49/0x80 [ 449.572054][ C0] ? __pfx___kernfs_new_node+0x10/0x10 [ 449.577534][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.583187][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 449.588432][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 449.594353][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.600095][ C0] ? rcu_preempt_deferred_qs_irqrestore+0x500/0xbc0 [ 449.606789][ C0] ? preempt_schedule+0x11/0x30 [ 449.611674][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.617435][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.623101][ C0] ? __rcu_read_unlock+0x2bc/0x550 [ 449.628234][ C0] kernfs_new_node+0x13c/0x1e0 [ 449.633133][ C0] __kernfs_create_file+0x53/0x350 [ 449.638375][ C0] sysfs_add_file_mode_ns+0x207/0x3c0 [ 449.643800][ C0] internal_create_group+0x578/0xf30 [ 449.649227][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.654980][ C0] ? kobject_init_and_add+0x123/0x190 [ 449.660392][ C0] ? __pfx_internal_create_group+0x10/0x10 [ 449.666312][ C0] ? __pfx_kobject_init_and_add+0x10/0x10 [ 449.672174][ C0] ? ops_init+0x1e2/0x5f0 [ 449.676536][ C0] ? ksys_unshare+0x45b/0xa40 [ 449.681348][ C0] ? __x64_sys_unshare+0x31/0x40 [ 449.686373][ C0] ? do_syscall_64+0xcd/0xfa0 [ 449.691072][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.697433][ C0] internal_create_groups+0x9d/0x150 [ 449.702758][ C0] netdev_queue_update_kobjects+0x115/0x720 [ 449.708734][ C0] netdev_register_kobject+0x2b3/0x3d0 [ 449.714237][ C0] register_netdevice+0x13dc/0x2270 [ 449.719467][ C0] ? __pfx_register_netdevice+0x10/0x10 [ 449.725063][ C0] __ip_tunnel_create+0x540/0x6e0 [ 449.730161][ C0] ? __pfx___ip_tunnel_create+0x10/0x10 [ 449.735793][ C0] ip_tunnel_init_net+0x22f/0x7d0 [ 449.740853][ C0] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 449.746427][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.752099][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.757845][ C0] ? ops_init+0x77/0x5f0 [ 449.762190][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.767944][ C0] ? __pfx_ipgre_init_net+0x10/0x10 [ 449.773260][ C0] ops_init+0x1e2/0x5f0 [ 449.777442][ C0] setup_net+0x100/0x390 [ 449.781708][ C0] ? __pfx_setup_net+0x10/0x10 [ 449.786493][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.792157][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.797904][ C0] ? debug_mutex_init+0x37/0x70 [ 449.802876][ C0] copy_net_ns+0x2f8/0x690 [ 449.807332][ C0] create_new_namespaces+0x3ea/0xa90 [ 449.812665][ C0] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 449.818331][ C0] ksys_unshare+0x45b/0xa40 [ 449.822957][ C0] ? __pfx_ksys_unshare+0x10/0x10 [ 449.828015][ C0] ? __pfx_fput_close_sync+0x10/0x10 [ 449.833401][ C0] ? dnotify_flush+0x79/0x4c0 [ 449.838109][ C0] __x64_sys_unshare+0x31/0x40 [ 449.842987][ C0] do_syscall_64+0xcd/0xfa0 [ 449.847521][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.853430][ C0] RIP: 0033:0x7f295ad90f47 [ 449.857854][ C0] RSP: 002b:00007ffe17317f68 EFLAGS: 00000202 ORIG_RAX: 0000000000000110 [ 449.866280][ C0] RAX: ffffffffffffffda RBX: 00007f295afe5f40 RCX: 00007f295ad90f47 [ 449.874274][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 449.882250][ C0] RBP: 00007f295afe67b8 R08: 0000000000000000 R09: 0000000000000000 [ 449.890317][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008 [ 449.898295][ C0] R13: 0000000000000003 R14: 00007ffe17318238 R15: 0000000000000000 [ 449.906314][ C0] [ 449.909382][ C0] task:udevd state:R running task stack:25496 pid:5192 tgid:5192 ppid:1 task_flags:0x400140 flags:0x00080001 [ 449.923075][ C0] Call Trace: [ 449.926499][ C0] [ 449.929474][ C0] __schedule+0x1190/0x5de0 [ 449.934096][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.939962][ C0] ? __pfx___schedule+0x10/0x10 [ 449.944860][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.950535][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 449.956367][ C0] ? mark_held_locks+0x49/0x80 [ 449.961184][ C0] preempt_schedule_irq+0x51/0x90 [ 449.966412][ C0] irqentry_exit+0x36/0x90 [ 449.970852][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 449.976908][ C0] RIP: 0010:unwind_next_frame+0xd9/0x20a0 [ 449.982664][ C0] Code: d2 45 31 c9 45 31 c0 48 8d 05 00 00 00 00 50 b9 02 00 00 00 31 f6 48 c7 c7 60 47 3c 8e e8 7f d5 2c 00 e8 5a f3 f2 09 5a 85 c0 <0f> 85 57 09 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8d 65 50 4c 89 [ 450.002304][ C0] RSP: 0018:ffffc90003dcf2d8 EFLAGS: 00000202 [ 450.008486][ C0] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 00000000f9d4a135 [ 450.016507][ C0] RDX: ffffffff816bf3cd RSI: ffffffff8da052b3 RDI: ffffffff8bf079c0 [ 450.024496][ C0] RBP: ffffc90003dcf390 R08: b8cac8e21e7d84fd R09: 0000000000000000 [ 450.032650][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff81a7e2a0 [ 450.040643][ C0] R13: ffffc90003dcf348 R14: 0000000000000000 R15: ffff88807d98dac0 [ 450.048644][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 450.054853][ C0] ? unwind_next_frame+0xbd/0x20a0 [ 450.060086][ C0] ? unwind_next_frame+0xbd/0x20a0 [ 450.065391][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 450.070286][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 450.076623][ C0] arch_stack_walk+0x94/0x100 [ 450.081343][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 450.086157][ C0] stack_trace_save+0x8e/0xc0 [ 450.090869][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 450.096285][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.101952][ C0] ? __lock_acquire+0x622/0x1c90 [ 450.106935][ C0] kasan_save_stack+0x33/0x60 [ 450.111733][ C0] ? kasan_save_stack+0x33/0x60 [ 450.116622][ C0] ? kasan_save_track+0x14/0x30 [ 450.121705][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 450.126573][ C0] kasan_save_track+0x14/0x30 [ 450.131382][ C0] __kasan_kmalloc+0xaa/0xb0 [ 450.136009][ C0] __kmalloc_noprof+0x32f/0x880 [ 450.140897][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.146725][ C0] ? kfree+0x252/0x6d0 [ 450.150816][ C0] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 450.156580][ C0] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 450.162337][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.168008][ C0] tomoyo_realpath_from_path+0xc2/0x6e0 [ 450.173592][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.179349][ C0] tomoyo_check_open_permission+0x2ab/0x3c0 [ 450.185287][ C0] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 450.191739][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 450.196795][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.202471][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 450.207537][ C0] tomoyo_file_open+0x6b/0x90 [ 450.212341][ C0] security_file_open+0x84/0x1e0 [ 450.217370][ C0] do_dentry_open+0x596/0x1530 [ 450.222265][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.227934][ C0] vfs_open+0x82/0x3f0 [ 450.232021][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.237682][ C0] path_openat+0x1de4/0x2cb0 [ 450.242324][ C0] ? __pfx_path_openat+0x10/0x10 [ 450.247302][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 450.252288][ C0] do_filp_open+0x20b/0x470 [ 450.256832][ C0] ? __pfx_do_filp_open+0x10/0x10 [ 450.261931][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.267587][ C0] ? alloc_fd+0x471/0x7d0 [ 450.271977][ C0] do_sys_openat2+0x11b/0x1d0 [ 450.276687][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 450.281938][ C0] __x64_sys_openat+0x174/0x210 [ 450.286827][ C0] ? __pfx___x64_sys_openat+0x10/0x10 [ 450.292249][ C0] do_syscall_64+0xcd/0xfa0 [ 450.296798][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.302787][ C0] RIP: 0033:0x7fd7e3915c3a [ 450.307208][ C0] RSP: 002b:00007ffdebe78ce8 EFLAGS: 00000206 ORIG_RAX: 0000000000000101 [ 450.315640][ C0] RAX: ffffffffffffffda RBX: 000055afa59a0810 RCX: 00007fd7e3915c3a [ 450.323626][ C0] RDX: 0000000000090800 RSI: 000055afa5984d30 RDI: 00000000ffffff9c [ 450.331613][ C0] RBP: 000055afa5984d30 R08: 0000000000000000 R09: 0000000000000001 [ 450.339682][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 000055afa597e370 [ 450.347661][ C0] R13: 00000000000000fd R14: 000055af6f47cbe0 R15: 00007ffdebe78ff0 [ 450.355777][ C0] [ 450.358798][ C0] rcu: rcu_preempt kthread starved for 10449 jiffies! g28069 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 450.370105][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 450.380171][ C0] rcu: RCU grace-period kthread stack dump: [ 450.386058][ C0] task:rcu_preempt state:R running task stack:28472 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 450.399830][ C0] Call Trace: [ 450.403112][ C0] [ 450.406064][ C0] __schedule+0x1190/0x5de0 [ 450.410613][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.416364][ C0] ? __lock_acquire+0x622/0x1c90 [ 450.421344][ C0] ? __pfx___schedule+0x10/0x10 [ 450.426226][ C0] ? find_held_lock+0x2b/0x80 [ 450.431016][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.436697][ C0] schedule+0xe7/0x3a0 [ 450.440797][ C0] schedule_timeout+0x123/0x290 [ 450.445788][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 450.451183][ C0] ? __pfx_process_timeout+0x10/0x10 [ 450.456677][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.462338][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 450.468341][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.474004][ C0] ? prepare_to_swait_event+0xf5/0x480 [ 450.479696][ C0] rcu_gp_fqs_loop+0x1ea/0xaf0 [ 450.484478][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.490135][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 450.495455][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 450.500766][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 450.505712][ C0] ? rcu_gp_cleanup+0x7c1/0xd90 [ 450.510581][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 450.516421][ C0] rcu_gp_kthread+0x26d/0x380 [ 450.521113][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 450.526320][ C0] ? rcu_is_watching+0x12/0xc0 [ 450.531202][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 450.536425][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.542169][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.547820][ C0] ? __kthread_parkme+0x19e/0x250 [ 450.552995][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 450.558228][ C0] kthread+0x3c5/0x780 [ 450.562330][ C0] ? __pfx_kthread+0x10/0x10 [ 450.566937][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.572594][ C0] ? rcu_is_watching+0x12/0xc0 [ 450.577565][ C0] ? __pfx_kthread+0x10/0x10 [ 450.582180][ C0] ret_from_fork+0x675/0x7d0 [ 450.586782][ C0] ? __pfx_kthread+0x10/0x10 [ 450.591386][ C0] ret_from_fork_asm+0x1a/0x30 [ 450.596201][ C0] [ 450.599215][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 450.605566][ C0] CPU: 0 UID: 0 PID: 7017 Comm: kworker/u8:43 Not tainted syzkaller #0 PREEMPT(full) [ 450.615146][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 450.625227][ C0] Workqueue: events_unbound toggle_allocation_gate [ 450.631878][ C0] RIP: 0010:smp_call_function_many_cond+0xe02/0x1600 [ 450.638605][ C0] Code: 10 4c 89 74 24 10 49 89 d5 48 89 d5 48 89 54 24 18 49 c1 ed 03 83 e5 07 4d 01 e5 83 c5 03 e8 75 0d 0c 00 f3 90 41 0f b6 45 00 <40> 38 c5 7c 08 84 c0 0f 85 e0 05 00 00 8b 43 08 31 ff 83 e0 01 41 [ 450.658325][ C0] RSP: 0018:ffffc900035ef878 EFLAGS: 00000293 [ 450.664415][ C0] RAX: 0000000000000000 RBX: ffff8880b8540460 RCX: ffffffff81b0da31 [ 450.672416][ C0] RDX: ffff88802b2e5ac0 RSI: ffffffff81b0da0b RDI: 0000000000000005 [ 450.680836][ C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000 [ 450.688836][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 450.696927][ C0] R13: ffffed10170a808d R14: 0000000000000001 R15: 0000000000000001 [ 450.704923][ C0] FS: 0000000000000000(0000) GS:ffff888124a07000(0000) knlGS:0000000000000000 [ 450.713875][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 450.720560][ C0] CR2: 00007f9ad69156c0 CR3: 000000000e182000 CR4: 0000000000350ef0 [ 450.728635][ C0] Call Trace: [ 450.731940][ C0] [ 450.734906][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 450.739977][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 450.746354][ C0] ? __pfx___text_poke+0x10/0x10 [ 450.751317][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 450.756886][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 450.762091][ C0] ? __kmalloc_node_track_caller_noprof+0xf4/0x8a0 [ 450.768902][ C0] smp_text_poke_batch_finish+0x27b/0xdb0 [ 450.774765][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 450.780119][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 450.786595][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.792259][ C0] ? arch_jump_label_transform_queue+0xc0/0x120 [ 450.798889][ C0] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 450.805006][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 450.811112][ C0] jump_label_update+0x376/0x550 [ 450.816251][ C0] static_key_enable_cpuslocked+0x1b7/0x270 [ 450.822258][ C0] static_key_enable+0x1a/0x20 [ 450.827485][ C0] toggle_allocation_gate+0xfa/0x280 [ 450.832902][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 450.839026][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.844868][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 450.850289][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.855946][ C0] process_one_work+0x9cf/0x1b70 [ 450.861042][ C0] ? __pfx_process_one_work+0x10/0x10 [ 450.866439][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.872190][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.877939][ C0] ? assign_work+0x1a0/0x250 [ 450.882745][ C0] worker_thread+0x6c8/0xf10 [ 450.887475][ C0] ? __pfx_worker_thread+0x10/0x10 [ 450.892703][ C0] kthread+0x3c5/0x780 [ 450.896797][ C0] ? __pfx_kthread+0x10/0x10 [ 450.901499][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.907155][ C0] ? rcu_is_watching+0x12/0xc0 [ 450.911939][ C0] ? __pfx_kthread+0x10/0x10 [ 450.916550][ C0] ret_from_fork+0x675/0x7d0 [ 450.921164][ C0] ? __pfx_kthread+0x10/0x10 [ 450.925781][ C0] ret_from_fork_asm+0x1a/0x30 [ 450.930607][ C0] [ 577.394626][ C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 233s! [ 577.404730][ C0] Showing busy workqueues and worker pools: [ 577.411111][ C0] workqueue events: flags=0x100 [ 577.416084][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=18 refcnt=19 [ 577.416163][ C0] in-flight: 5909:bpf_prog_free_deferred [ 577.416240][ C0] pending: 2*nsim_dev_hwstats_traffic_work, 3*ovs_dp_masks_rebalance, 3*psi_avgs_work, vmstat_shepherd, ovs_dp_masks_rebalance, ima_keys_handler, switchdev_deferred_process_work, 5*rht_deferred_worker [ 577.416571][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=5 refcnt=6 [ 577.416639][ C0] pending: 5*nsim_dev_hwstats_traffic_work [ 577.416723][ C0] workqueue events_highpri: flags=0x110 [ 577.469305][ C0] pwq 3: cpus=0 node=0 flags=0x0 nice=-20 active=1 refcnt=2 [ 577.469382][ C0] pending: fill_page_cache_func [ 577.469438][ C0] workqueue events_long: flags=0x100 [ 577.487770][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=14 refcnt=15 [ 577.487846][ C0] pending: 5*defense_work_handler, 4*br_multicast_gc_work, br_fdb_cleanup, br_multicast_gc_work, br_fdb_cleanup, br_multicast_gc_work, br_fdb_cleanup [ 577.488106][ C0] workqueue events_unbound: flags=0x2 [ 577.517326][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=12 refcnt=13 [ 577.517406][ C0] in-flight: 6691:cfg80211_wiphy_work cfg80211_wiphy_work ,7017:toggle_allocation_gate [ 577.517589][ C0] pending: 9*cfg80211_wiphy_work [ 577.517662][ C0] workqueue events_unbound: flags=0x2 [ 577.545463][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=16 refcnt=17 [ 577.545528][ C0] in-flight: 6668:linkwatch_event [ 577.545604][ C0] pending: 7*nsim_dev_trap_report_work, 5*macvlan_process_broadcast, 3*idle_cull_fn [ 577.545755][ C0] workqueue events_power_efficient: flags=0x180 [ 577.574415][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=5 refcnt=6 [ 577.574500][ C0] pending: neigh_managed_work, gc_worker, neigh_periodic_work, 2*check_lifetime [ 577.574676][ C0] workqueue kvfree_rcu_reclaim: flags=0xa [ 577.597367][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2 [ 577.597444][ C0] pending: kfree_rcu_monitor [ 577.597509][ C0] workqueue mm_percpu_wq: flags=0x8 [ 577.614516][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.614599][ C0] pending: vmstat_update [ 577.614667][ C0] workqueue writeback: flags=0x4a [ 577.631935][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2 [ 577.632008][ C0] pending: wb_workfn [ 577.632544][ C0] workqueue mld: flags=0x40108 [ 577.648568][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.648649][ C0] pending: mld_ifc_work [ 577.648725][ C0] workqueue ipv6_addrconf: flags=0x6000a [ 577.666314][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=10 [ 577.666393][ C0] pending: addrconf_verify_work [ 577.666459][ C0] inactive: 6*addrconf_verify_work [ 577.666521][ C0] workqueue krxrpcd: flags=0x2001a [ 577.689802][ C0] pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4 [ 577.689880][ C0] pending: rxrpc_peer_keepalive_worker [ 577.689983][ C0] workqueue bat_events: flags=0x6000a [ 577.709096][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=37 [ 577.709170][ C0] pending: batadv_iv_send_outstanding_bat_ogm_packet [ 577.709238][ C0] inactive: 4*batadv_purge_orig, 2*batadv_iv_send_outstanding_bat_ogm_packet, 2*batadv_purge_orig, 15*batadv_iv_send_outstanding_bat_ogm_packet, 6*batadv_mcast_mla_update, batadv_tt_purge, 2*batadv_bla_periodic_work, batadv_dat_purge [ 577.709690][ C0] workqueue wg-kex-wg0: flags=0x6 [ 577.752212][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3 [ 577.752293][ C0] pending: 2*wg_packet_handshake_send_worker [ 577.752379][ C0] workqueue wg-kex-wg1: flags=0x6 [ 577.770867][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3 [ 577.770948][ C0] pending: 2*wg_packet_handshake_send_worker [ 577.771035][ C0] workqueue wg-kex-wg2: flags=0x6 [ 577.789384][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3 [ 577.789458][ C0] pending: 2*wg_packet_handshake_send_worker [ 577.789572][ C0] workqueue wg-kex-wg0: flags=0x6 [ 577.807840][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2 [ 577.807917][ C0] pending: wg_packet_handshake_send_worker [ 577.807986][ C0] workqueue wg-crypt-wg0: flags=0x128 [ 577.827147][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.827233][ C0] pending: wg_packet_encrypt_worker [ 577.827299][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.827371][ C0] pending: wg_packet_encrypt_worker [ 577.827422][ C0] workqueue wg-kex-wg1: flags=0x6 [ 577.858451][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2 [ 577.858533][ C0] pending: wg_packet_handshake_send_worker [ 577.858596][ C0] workqueue wg-crypt-wg1: flags=0x128 [ 577.877000][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.877086][ C0] pending: wg_packet_encrypt_worker [ 577.877148][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.877219][ C0] pending: wg_packet_encrypt_worker [ 577.877271][ C0] workqueue wg-kex-wg2: flags=0x6 [ 577.908288][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2 [ 577.908364][ C0] pending: wg_packet_handshake_send_worker [ 577.908430][ C0] workqueue wg-crypt-wg2: flags=0x128 [ 577.926957][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.927046][ C0] pending: wg_packet_encrypt_worker [ 577.927110][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.927266][ C0] pending: wg_packet_encrypt_worker [ 577.927319][ C0] workqueue wg-crypt-wg0: flags=0x128 [ 577.958874][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.958964][ C0] pending: wg_packet_encrypt_worker [ 577.959029][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.959100][ C0] pending: wg_packet_encrypt_worker [ 577.959152][ C0] workqueue wg-crypt-wg1: flags=0x128 [ 577.990338][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.990426][ C0] pending: wg_packet_encrypt_worker [ 577.990490][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 577.990558][ C0] pending: wg_packet_encrypt_worker [ 577.990611][ C0] workqueue wg-crypt-wg2: flags=0x128 [ 578.021768][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.021854][ C0] pending: wg_packet_encrypt_worker [ 578.021914][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.021988][ C0] pending: wg_packet_encrypt_worker [ 578.022054][ C0] workqueue wg-kex-wg0: flags=0x6 [ 578.053192][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3 [ 578.053269][ C0] pending: 2*wg_packet_handshake_send_worker [ 578.053355][ C0] workqueue wg-kex-wg1: flags=0x6 [ 578.071636][ C0] pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3 [ 578.071709][ C0] pending: 2*wg_packet_handshake_send_worker [ 578.071779][ C0] workqueue wg-crypt-wg1: flags=0x128 [ 578.090403][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.090490][ C0] pending: wg_packet_encrypt_worker [ 578.090553][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.090623][ C0] pending: wg_packet_encrypt_worker [ 578.090689][ C0] workqueue wg-crypt-wg2: flags=0x128 [ 578.122049][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.122130][ C0] pending: wg_packet_encrypt_worker [ 578.122275][ C0] workqueue wg-crypt-wg0: flags=0x128 [ 578.140868][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.140954][ C0] pending: wg_packet_encrypt_worker [ 578.141030][ C0] workqueue wg-crypt-wg1: flags=0x128 [ 578.159458][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.159542][ C0] pending: wg_packet_encrypt_worker [ 578.159603][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.159673][ C0] pending: wg_packet_encrypt_worker [ 578.159741][ C0] workqueue wg-crypt-wg2: flags=0x128 [ 578.191063][ C0] pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2 [ 578.191150][ C0] pending: wg_packet_encrypt_worker [ 578.191211][ C0] pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3 [ 578.191280][ C0] pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker [ 578.191392][ C0] pool 2: cpus=0 node=0 flags=0x0 nice=0 hung=234s workers=8 idle: 5922 10 5924 1206 5843 9 5995 [ 578.191616][ C0] pool 8: cpus=0-1 flags=0x4 nice=0 hung=234s workers=67 idle: 7015 13 7007 7039 6026 7025 7026 7001 6671 7042 7005 6685 1161 7037 6672 6689 6686 7044 6688 6680 7024 6684 7000 7029 57 7036 12 7023 7027 7014 6683 6682 6693 7035 7016 7033 7010 50 6667 7003 7019 6025 7022 7028 6677 75 6681 36 1149 7031 7034 7040 7041 7008 5974 6669 6024 6692 7030 7006 7009 7038 7002 7020 [ 578.192947][ C0] Showing backtraces of running workers in stalled CPU-bound worker pools: