last executing test programs: 11.680694752s ago: executing program 4 (id=1981): r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x7c, 0x5, 0x6, 0xdd5, 0x1, 0x4}) close(0xffffffffffffffff) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x1200008, &(0x7f0000000400)=ANY=[]) read$FUSE(r1, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000002c0)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x102080}}, 0x50) syz_fuse_handle_req(r1, &(0x7f00000061c0)="c0f61a5fb77193bea0c6599de09cf570067192ff7d5bf191681878eb121895cd4c4052feb0a5196b61ab6e28d35aec54bb2aee6802a27f50c4e8f36a2b1bb12d93dbcd320ed338fd1a8ed43a2dcb2bf11c773ae982800321c7dcd67fa8930472eee2990090cc2a92f3373d898573a2cd1712c18ea624e82422c96f0d8895bfc4541911ff3662cd28fd55d795d1a5f31c92defbed88d48db688f899fe88997b057ce3e898eaf9eb2e76a59c1d2c10610768b3296595221c2b063ca2aa664fa0a5456c4e2bcddc7f856e2e29ce1b8852997a4d24f918408bfa9969074de495dd4cc9591e48287d78a2b3e0de09b48eb5b6bf78c6afd134b09770c164000d1f300c92877afe8be5d381c38da3b5fb9bd540c2f43c7dd2ec8dcff2af3517ba839c827866d10608964445bdead091df1264f5591e91d2f31b2015dff1b3b7ff0a5dc8b15748278849ddf4389ca7112ec1ca45957e2809b3d763e336f7051ac4e832ec61d1b95b9266565293806933dd8e3b65eaa1b4fe7946056703426674379ccec7abff1c459b91248f3a1d9e8103ae395aa86dd4235a5c16d9bd12dcb1ea9565a7c3d58d247a51db6d9077ecf47152d0733d79a5c449480c40b1cf8e115df4de3404b73ad06ac4c0d03f3b51d1b89b05ded082a5db1f5fbd8d351015b93862b2cc0995fb318609237e404e8d78d8982af761c27ad1fbc8f4693194c5e6b99edcb7a6e9dd261a386d8ed4420a7c12cbdcc86ab19f4e7a6c0c9b80fa3f0549ae57b38a93f669a87584b81e56211b34263db87c2d244e422878aa93e2c24260c71d06f75da33079b48b7072859669c128ba03d1487336a4a04167f2a3fa928d002c8b3cafdedf7a479604aa8f94e6b7ba58395df3d136b783f7be6b0b6b7b4b735c88a53da064a493b16713726b39ce23f08af19a671fe81be1e9772d87ca9cb5dccc35759fe3f7935a3167924d0a7d1586821ffebe0fa57e72a24967f7958875c4bf56d779369074db0077ee58138400c2f646c645e0f453e9e39aaf48da67775f59f8e282db3dec88bbe20ca6e65e2c7e44ab0583840513bfab76d94d1512549ea6db4a5a64cbe6f76b0ecdb2f1f71aa6446bcf4f7249366474cb77ed70ccb2702134b9dc6c2bfaf27ac9a9c85b8d9c48d100ae8c0eaa34701d2125a405b1117307119b754ccbbbcb2c8b71eb76d1157ddc7fbe0c75652a4cfc31d785a489f2344d8b4c47ff1b772104f49658f62d6241ef7f782db0cc071788b3dfa74e69533cd0a02ffadacdfbc8b5a83b9d4b8db068b5a7370f947fc4a99158c6296a442beba2e23ac1ef68c50f19851f3fb68b67fb714a5e7e53bb5a7690286cac12f2b002e854d8595075fbd00622b29bd423c3dbaf600ad6f37c96dcde43de6290b053c76df5620ce17118e2230039304c88a0d207c7cd05dd3854c545cdbebe907cc4d3411a382afed5e080502363cebe68e2c8dc1f800ea4add827a83a9cdf0fe6d54eabfca5a0ba370a06a4af1c49a60cd19141a4d994fbcce888278ade6300bd40685267fcdf1317cdb3b06cae9e7d9edb08d5c98b6d7115c025fcc05058a515adcc23c65ce526aed3b8203f3c54986f65ba9ffe2a9bc26b2813a1fe339ba2a58515cb8375e2d62550bf35dfd4fbdb75a70bb9fdc47d3d0346a65b986b7efd12aab760124b6888480b341b16ef2fea93fe2fbdeb55706690aa2c02bd80b1ccb7b8f23720283df89b515e2020bc5364cc4aea5fdc250f10d46db93c128e2de7477f4c80ec016f7a872efdef50ae1730b3a1deb8085d82f4fd53015a518803cd02646c087d67b0fd7092852dd81ac93ca60346f23fd847cf7c4883cab81af956342da21fb399b69e1988d89f9693b0630fa8cc95714285940d20eda153f8f7b01e6b2b892327b5d1e754a36a3430c5c22c3b841357eb80e526d7792a8ab9c4b1d23d82e31f23ef38580c2b33ca72424fbfbbf237f315cf2e5d134783982cad204be087ef58da96c6bc5da2dc4bc78f293eed56157a10848c0a956de15b83daacede9ae1c54731149f9ce7231cd84e14f128f87361e1fc0cdb2940766f39c93b9ddc74bba0a32548cddb1ae20981576de2ef8a772b04ed90900b2da11ffc70bbdb7091b8b8ed600dc0c9d236277afd9bb97b035f3b8fc95ef3f30c056b67a195c5c9f44c0f2ca4debba0d6d8779903e8e34fdd6b766fbba6b57e722ad9a852dbbeca8eb9acb9929bdcb4d4fa57d54ef1c1a0fdc032a898d3334f5671c7df82361b7d616c1f87e23f7adf043edda83458051f073f2562904ed25ad9a7129f3c14286007c9e4c81ea56c6a7289d8e58782d949a19a2642dc89d107fb465d0a98128250e66eedd93cf063963b7f7a0e1d3b9f1dd212cc9edd662af45852dbbaec84c69a640be115a239b5abd46d990fa007988f6be78a8c1e426091ecb33822529f7fddfb34d9304466ea06bb546a34735021e98674ae4a5f5c0b4f153ad5434b81c6343c42ae79224fe5abfe8b9e6fba38164c3c318500c130323b2f9bbcdf6aceb664e10483e2084defa744cd745e565ac5a8b5c30166330dd95e70f2a072a5cf5462635f7e0a4f455bcb607426aede9fa06d708c7c0daaafe2b84896134ab3b379c6690c9049903156232e5b7ca9529d602968f1e1f7a73214aaf4a9575dd5147e5bef8f05907267580abdb728cf32f6845cdf3bc779451669e4972e0b787afac5a36bacc3c1bcce125e91e4bf9810d91d1f1a3d8316328dd2626040af09892f1241c6645537ebfbeb752afba5e8171f487edba97aa92404973d4e8d09254abd2b70bdadd9b98fa3c33355295a5c474e9b2f017a6636233a382e8ef4e73506880e2a588bf257b6bb11e57cd9e75e45ef609ba583f3a6b1f2f94c7a0443dc0a8906a13e0188b61550cd296e4c63faf45bf7aed852f68ffed377302da3f73d89e4274a64667636bf00e8e4408a8407e098aeeed98e545b9aef40896c8070a76aaa0042162979ec0b7b69b4ee701100d66d3e7d25a48c59989424522889b32e4f18676475782e86d652d2eb836c326b46b8544bb755eeb14727e5ca25875f7b9ae1c113068be55a1521cb4edefef34a7a4cabc3639e456c94f01d78c059c441ce2c468e7b39b56555ad5cd6a14df8e3518e4e1970fbd6f586ce46c51c4d9ad20c3f7f5048c071994e807f19b7176290a82406dd0ad3f0b64350bbce79b223f27ed99f819def43a33696c0739e09030460a5a5d04d251adfbde1af7a485894d3d30c79d49796a9a5e077aeddba1303f3e3a3187298c88da70885e2a9dc966eb69a6439e2d3b1934ae6e8ea328497d87a9dbbddbdbf12b0c582ca4ffe1f25cdcf89a6ccdb31880776ab808b4f050ae02adf70f64c73ab2a3b1c4da69950ab4f7bcf9cc22f81b99694a7783b792facd8197904c12d3776de5184afa143ee23eee82aab2ac79b25503e0692f3463e5c363e0b4b5f31af82898009f7da13d4f249a70de40314c003e7e59dfb233bc44d0316df3e45af806d216ca76a58417ff8abcdf7cfea2da8868c496cdec8f47c451ccdc8908c5e8c1039b6bfa8751637c29fdd9b7dc76279dea5ad7455af4db3394a34cb9be8b9bf1105862108f920c44d029c3372e77c44a25d06cba956da65ee40abe32b8b557e123fddaa87b4ed5ab3485eb11f13c61072720d4adbb937c336f2b60525933b6d49e7c6751f0769377bdcef02abe63639b17a6780a4afccc8067403aeea42726f253ec97994dcf55358e6faa3e622344dfc613f8be96714d5c49633d7b74b9a72883985782ea8691d26da620d905f3583adbd9d527d93f1ce623bcf70d98a0455ff80fb1d472c6fc6bf0390e81b8d755b196e94fb73bcc883f5f310043c5138c95c5d7079c24d5bc5876b422f46a2bb17aee407bf7a55dbbdb253e2865c1b91839737c37142a8fe8bdbc0a7bf89a392da717a5ed87af754052b1d0a1a37313b00cf3b4aad91ce7fa7777b1851121a63e374865b238ddf9a7ebd20641a719c68682b97e3c5126e732800c04cdb627bd415efbb7e5e19917bf4bd53f072b7ec2eaa0128b56e069a32e9f729718fa4a7212ab0fd1e5d3582a5723a704d84a88c235b44812849301ee8155cea471028beea1918cb1f4118728718674cca9dcc58bafcdb9379c57e9333ab348b30a801aa2f5c05c3107e52613cf0f591781ddb5e1e4844633057a26bb3179c31b5664db4bb8c6d762c7b9886317ab6e9e301de67f12085547ad2a20d1d63d361c2bcd66be2e25fe104f8b53b7cf89d90d456f063da31f60078b760ce340f9c9a8e8da113b6c6e3c53e666488d75ab209dbe31ecb531553f17446a29edc465ed22aee2d4c013ee8a4d935c0cd92bcba9e5a56a6c19ac114d12db58bcf5f931a7b282404af34fee464f4c28e16dab834de98dd57b107e45fa66b26c32fd94e848aef6e4a2a65fd4fbead1b1d445d6c343bf50d785e664220371e27566646e284c6a3b07c14c0c5b84b5cd1a01a84d655f8dd72ab8e3d0c48e67596f605cd4a50b5fde9b182792d7ee8ee457eb6666aadea80563b4d176933cc482f75cb98a8dde4a414041187cfb2abe3e5077f23c98bafd0afb8b023e0cb26efc1488dd98a51a19dc93412b5fd91c4e06439b6d2d20a174989f860de6b1be55923a11e5893d30fae74a625f777ef9362e64b529c964b5c0b5817a579a647ded28582c45f965e52e1f76084267c73f8fce8037b22c2496ee6674f56056d9c691eab831c831a27fccd90f961e949a51c90a80b677d11e70d01744f9632cc26b7e6476b8c92a688ec8e1280ea8b795eae7ee61e2735045b9ea516af752b35388a6c3ed98cfbc4e74c8d0717dc31eac87b6a9c06f0d4f412e8e1155ce48cec6d9c106f3013329596a2d43ffe7f942cb7b7449f38620a8a9e5138b5d5d03c8a563446e4dfb1905d841f7a350d6c67d85652297db21b3dd3291b795c90276ccc50eaf513f3ff9480b3d2c0096e92c93cbbea680833cfa630d72c4f5a21ef0f81910b8a5ef77d62175d3abf5b3417cce43e3c53bb84ee1f5e354b2d79c2b46e3bdb2ffb15420e7a28c800c2591cd331d71c645a6b1bc43f06703164c05f61b4abc0fecbaee510def6340c2bbcc32248655e9161c3e6f01520bb0c53be04c3a3ef4a2dc401663f6719ac758aa297f65d1681652e4ad042d754b054df9cede3ffef7ad2f52184ea6d93d6867cc262b0a413da11c02d0c7c49a663319333d8b29d56cbf630e66b6683ff7f3b1ce5c481d37151626eae761adb77642f802bf0f663f3c322ee17cf01a09f058dbf82d04bdd7c48f34f54392d1dd489891ce28373ae980f74897fe3f90db2a9ccdbe56160fd2517adbc953e88c5fa8981456b87ab9f122321816e0df119f6f6c505f0dcab1c8e6a7f4109055dd80001dd90ea984b80f0b0766bd9772d96ed42d95f219b4a8420d7cf04f28475d7f5d8a8a07b0930c40d0dfc2592f8f54e90a80e0a98d3055f4660b1530565c7f2d91d7d96142da19d644aa7c512e24f83e8305970f9d3fc3b9382ad141f63f2d5b265b7cda258119ca4f553fab11f2fd925a7a24c4021045073d867bb089ca7bcb702bcedbc28781e408cf8bd43498f8661a320d28c95c1fc42635c9e4c4de8787afc70bf5c8bf75e0a2937a9ca2b08c15453f24211168c7fb2a24218fc3f04160c2daaa46ef7fb710606a53228e134f20511169034cec55e77037a108060b8fd10ab9ae228d9ee4d5ab1380cfcb8611e6c9d5dc143db2bc856d967b0b9d0187ba8483f7adbd1092562b2b16420baa5ab6c1f7c02ae56f013e752d9f41df4b4f0b008bc25ff58f816e50bdce308e219068bc898a21f1dd26d7fe7760459629f3615bcf7582c87d296f041fb005a72c7ef4013ccd8ca3bea85db90ae6349f101adb9235dd343be423816b37db2661dde2b9db33800da7599e8a9194fcf06755e2659670c62aba1d5a01172a416a0296bade0b32e69b0ee60dd6cd1eecca4335eb0416df6ded75049a14660276df47bb4f224e087235742e90ddf6f57827a0cf26d71b9338f2ff5166bea85a7639de6ac97ec829a7d071fac1f4b27c6c23e952adb5536b45a68e75c1c1a6d44508be6f4b87c5bb880a6baad5faecd1fd6730783d8729c2d89b23a3f2f9b79b78f7fcb70a7812607b25b17ae857e65f205ad5dd87a34e52c6e9611f588236bdc59d816f277aa8cd4a19750461d3e82c8621181b803900d1df439babcf4909168d4125a7c962ceac2f834d79460f17f92f415a85ad7e12da4b76105bceb4641fc87da7797fee092828f6e9e42631fd5c87046ebe5c4044663a31a1b39a6f6a53ee2b7fbc3eede57619535b1011c10d2d5a97c781c44bb6e493287528bc5281496f1aee3c746e09aeef0b2d38bdd33e37446c1f7516767ecbe298b78ef8e03336a08a1a9e62805140573b034459a445240aff04593539aa97056957f3dec9c43e50a1bce1b9c8e860940e03ae39e8f76fb80ae746f7fa4ed0b050c9e08a788e666e9f18bc8e83c64ee3ea04eb9f1c1dd92b3be73d18cc53bca76ba4688b48c13982ae6d25fdd9b5b85612d5b706c9b9d7c6cca91141313356f0d7b859da0de669fb52a829014a0fdde51df658303ce085222a42ad624ee6c659ec94e0d0713b2d3c3becb53c6f76d30530e6129943e20361a7c9f7847f79cb871d866b5277eecc8c1626fe2719c9cf872c0fc78a98e6ca998555721e9abd5bf9e2d1848016e0bd3202c44575c688837136e71e85765d677e0f2b081707a4e7e22bef50b9280a1a5ea549022ef2a9fed989f156198975302608dffd03f8f1186a12585d4670ce868f0c96be37416b9132144f65c9abe8b00894d7a7e6d0a8554e09139ec2a0eb6d4f00c637684602c106257f5abe816e068e0f6f3e94a916ff41e23b6baa4876931209a6b0bce1f6fa8d1965665d3dc42e5c6b011bdb5144fa5fe4879779ac9dffe0843cf49806ecbb615b818e54c6dfe4d12ccae5b12b0ce87909c1e852e8d7587d1ee24c2575af61eb0b667c37b6d15b88121974598ac23cbc66503f95cf01a7a1e217f0712c4cc4e5fc22e83e3aa375eda531a73828eba91223d7de1194af730bbf2c1ed5ec47ecdf465b1794971010ff8c8771c488a1d3f98292b5d2ea9625e52589aaf7212fcdddcc0f1681b785911fcc64a6427358e4307a3d8bc583dd635ba5c41eeae96e0b6bc5236a1f539d291e568d5a0aee25ffbaa73d0cb84bf558cbf6d04b16ef7e97617b42d07100d82fda6f75dcade611e459bdb4773bf2b70e90a8add2bfe6ea6d3a4427940fef6c81931762dbea6678fc63e50c4430227b15cf184dbae4c3b2d8096292c17f701c560ac7cb33efe7d79d0c2a3c0c06e22d4e84e9e959697879f0d27df460046fc20394655cfa19793256cd9074f1c5f8ef530af537164e0e43184f921d56094fa7c7744af35821a5833c9b9d56fcf525a39fc795cf33f14705d0c7087c081bf11ad29e4d6c8f6cbbb3a0d873262b89cfc54d4cec42c3e13a5ba604df942bf8b4eef7cdae1c0e2970edb7ea6437618e6f8312a745ca8bbf0c42df103f42c824ab4e77e8b118e2b9a84568ed3d4aa3800011d02be29c032192719635a1c6c28315b27368f6ffe852bbd661c351cbfbf97b1b36d52371a4ce57e5eb6e4b13cd01b022de1770a5b1cab0fe548092a16e04de76fb8d29d69a1c55f8aa11b34bd6f018d283a9a7c0338b8c1900e21c0054616ade6b56d0fe3379f1a8dec38b85fa8e74e9bb5df4287d037f77bad30de89ea87b03d40c3a1618db1073c07032f6d22f8a264cbf0c1113689308a2fcd7299603a64f884cb03f8c5f0e61e4981d2baac3d50975cb917b815efe2f7eda88f1cef1f34997f0819a92051c1d9eac3ef05de25a2b4d5f65619b4ea377180c541f2afbfa5c8fdae59f8e3a7635d2b30c4c759c32e570b8d9ec03b4aab65503e81e545dd41f593615cfedcf009424ae4854de3a9111115cb254608bc2666b18c85698ac193a9799f1a1f6098288b42dd2684db37e0d3b023ac9b417263b1566acd6d951df147e83db8e909b39bb6a1aa3fcc1c1a20795521b84e0884254b2524ebf0321e5709e7a79f2d62309247b7b24ec71553a9ab9daccacac1a8bd6019b7703c0ed468379640ac6e764ededb2fefaa2f88e15fc97ec6f16007f540cd7a57c7726f4aa9ff6640cc7f5d71a6c12048f98a9071ffd594f17e42e7336ab6d0fd429328df1238e5eb4ebe4f9d8ef01fbcfe8f53eb3f6defd4c7cb40b3772ea2f2130b655d2ad3643977cafa991bbc6aa2aaa2879a3c2d1dace3ec034beb3d06f0a09429b3fd1ac06870dde4ab97b7d5d7ff1394577a6bea7a3a53ca883a16c98d574ddad00de5dfe9f75369be7686a4badf44f4d9b110846b6ffca67f63973186433f6bc3691b580cdc689c159064c55a974fb849f56fd2f9cbe4738e0a1a8a764467dc1d3723278ee1ea573fad98a5318104218d359d89579614592fa6ae7cc4720e6ed71706fdc4c707b03ff77454daf4505700f249aea0abc909763416d44a069a6d605118ac0c20a325577fe1d8af053673fc72e489d24405281f01b4e2e05e4fa14e68a53294e4b5d201c146ff994cfb7a776ad80828732ee647092c20fe46d917142880318136557c47ff7e31d26f35f407c1e6d4254aae442b233b89dd4c0adcfc92b0f821a5a9dce95a24bed9bb5cd17a5b59d3e82086cdd7a3755064e4de22d8f0f973f4235aa58c6214dab89325638d94d3dc25f3ac4d912ff74be6ad8ef49aa2becede5453a409cc8ed8065dacf28a1a7498f6dd07a3478af093574fdd2d0a4f98d12fe898e47cd0550f1fc42810ed2e4cfe5cc4faa67d965f252aab1bd5c536bf2c936706bc71aae98b93494d364faac72a9a60188a23f15ddf1238896e4848da876789b57ca53cd5b1041612a49de9a64a545a39375aa2a516c4af4744daf65a9c28ffb635ba56b96731b763934afa0651fd6fb65e9f71eb0e6fd54bcfd2bf0118b486e97db512290bdb1dcfca76ed974722e13e5acd0569d5f944de70adf728379094981ffaec43848367ec8cdcc227b266649ced47a03b22016ce42be3a33135229670244cc7b3325ee448c95236d0de4bbf641e1cbb0516edb3f8829e60f91d43f0fe45595d8a99e699252930c7b05ba2ba679f8f46c38f789a7750ffa4eaed19c4c1a33aff60c8926ae42497662a130b83b3211e9399e2565d9f082ec30e26e5b02ea91cf43b0a046f9fe596e5bb2a9c800d761008dc7fced2a510af6b02d3f702fc3e1a98c6a87661f0d353b81bc4435c0d4376cfc74c057bf23febb101252c4eb168d4e347e697c8d0c48a687fb2224d58e5dc68c38de930164aba51e7cb19051fe64603c6b602c02c5cc22c6da1c47d906fa1cbf67312658b201b8f89a377d61695daaeee18eb2fb8caf38280fa8b95cca721afdf33d2c3092af57204bca72c46aeae9e9fc46f0ce76b96bbbb59a8517cb72d68f8b189280b6ce1e2686204913bac1d9aecd77623b7f05475352e57f245197894d767e5f17611bbf1bfe2015c9750e9b3f5ad4ad57be1ac4988c30d90829946b05fc5bd709dbd2590da2e3666294f83336e52758bc12c9d02af342a91fdcfc9144021a783643a9845a4898ee03417329ee0e2dd7bd53f3b23f3f9a10ea643b91b3c2df8438efb22fc894bbcdc408a13dbded7002d9cef6e38bf6dfa16f52f0f24087281a3ae95fb4995131938f9ca80c5f466c7367665e5717c823b318f43e7a3e2e8fe9c2e74959ca3d53b79fa45ac778d0a99351a1919b1c9ddfda10d61487fc5a2b8227493b14e2ea9fa41db870deb1700eb46665424fbc3f21c5d7ad61089ad0f99aadcca2a97d46fd091cf21d95674c3cf48f2724a89299b5342ebf8b18770e61c449455f77cacc5b2e0123005cc296acfc28e42e3d3b426469e39def114d6071a3f015f94dd8eab597dc4cf6109f2aeba0639ffe3f66f15ddaa74460a884a5c067e1e6f8d961ff32518e7571d53ae36badcaca50258a15743e67fb35e062e697d44ccd4e416010dbe62a1d13319d3ce88dc7826514d0f84cf7ffd5f1dbdbe3534af35bba26c5f951e18b012234a3e1cd22199358ba66421a326af09d36d45c3497c4725c0e8557395376fa9dcbe4c595aef7f822cb160e72138cd610563c382769b64f5da2ae6f62cbf09d24490565d7b88f6fefc30f050e74327b7efc168f040f18110a61cc6ecf73c43c0e9e73fafcfc6079ee68839a8ed710160fdcfd987394a790e01c42c916169e8c6a7af905c15d51f87e88877386b8f8743efe4fffc2dc8fd73b4e8905b428d4cd87d90e93513f19a981b5037370cd634f23859cb7bd6b5632bd25c6873b7195691e0f76fb07fce6e72d4b2b467e57a325febf4bb842820fe6896b23aa2a3eb37697753a3693ee936692e6cd91eae410bf89192df913f2689adc73b7b35eaf8bf80928c0023b105cbd2be51a08a371be88926636bd590466c218b203fe311d73dd1a8b440133f1ebb8249b4e1f6723b7b18b508dc34acd9da927ea60d2dc361c2d14cd43ad3b0137ac32e8988d11d11de19065d02e8012a2ee24891541989d11da87de4383036b757769222af022e86803b64ccd03e4bfe3a9d3b8a5d6522d7b6ade88aca72bc436382cfcba22a426ecb21366d42588e9a68c0d61722617a4706852ef6e5eb42842d127f88dabcb8cd635d621a9082efe0cbb52fffb017c8cbf80e48ad1d8ac4c927bda50be7bbb6a302081951dd7c05142465ef8188774807ba482c155f7b56b663d24c4ad88140ddba388e4d6abda83048db46ad18328c63006d02844189a769167d94265148e06f3eca08dcd81691df655968de44c5931e62f5dcc4aa16b24ceb6e7a2c8783d9918a9be7c72dcd57fbf39f985ac29069241cbe3298d7651124f03bef8e2adcadb0c0e08efb096f72e5df2d3f8e2ea6f9cd2401533469e5099a6faa98acc2f73028eae115b3a771bc7ddd186ee7a634398e206ce9b1262b1dbb80575eac718eade048bc01ac1d410e21393dada6c1ced94c411fc19ccacdd175996501d66819b491fef65697f736ecc3a4c32f3675d1f90c8e4d44a1ba6048e77fa24d6998ad88da3cf5de223446d53dd72981c19d5915af69b9a7b9bdf35114ac1cee66b9f3f6df4b9a2d2c017d44443a28badca61b1e8db627d967827ebf32c8642b7de41508c15538b6cdf0284f1a94e8d9fcaa086236f11fb1689d57d500423a0c1d362a4fd57e5efa8858c237a0b58210b4df2b6f10fb01ff8b305cb69e65120c716970e1752cae51022a068b9ac2b7775ac415c56d31536c9f1eca654ec89d7ed00855b2d2564a74bf1a0a3b75cbeadad89fd4ce7e0a83a565c6d69077f026dd40ee186fb496d575c5f5d2f4f84e0efd6bca34f070b185903c7fcd6478f467b73687dee0b765477cc474cbe7f067d1f655efe1fac24a6cda9ed82dee343a36f5ce3894587937f31a14dff66e8384bb3c9adebb753f782570a894e09a38c096f523fbdfb7e0c09026fa023c8dc9e5822410d8343afd647a91130744017166a9b195996ee871eb284279fa725f7af7f853eb85bce100cfade5d458c4e166c839e4c1a86", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) pivot_root(0x0, &(0x7f00000000c0)='./file0\x00') r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x20000023896) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$TCSETSF(r5, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "7a58beca39ed2d5a99bbc4bff0ebd3e9bd5a8e"}) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='devices.list\x00', 0x0, 0x0) r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r8, 0xc0045520, &(0x7f0000000040)=""/112) fchdir(r0) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 11.114970756s ago: executing program 4 (id=1987): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0}) syz_io_uring_setup(0x6d0c, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000000c0), &(0x7f0000000140)) syz_io_uring_setup(0x1866, &(0x7f00000003c0), &(0x7f0000000040), &(0x7f0000000100)) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="02c8002d0029000100040d1300000000000409000000000000000000020200000a060300"], 0x32) capset(&(0x7f00000002c0)={0x19980330}, &(0x7f0000000300)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x5f, 0x0, 0x419}}}, 0x7) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfffffffb}) bind$alg(0xffffffffffffffff, 0x0, 0x0) eventfd(0xee) socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvlan0\x00'}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r2, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000900)={'filter\x00', 0x104, 0x4, 0x3f0, 0x1f8, 0x110, 0x1f8, 0x308, 0x308, 0x308, 0x7fffffe, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @broadcast, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'rose0\x00', 'ipvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @mac=@dev, @multicast1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x1, @time}) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0xc0a85320, &(0x7f0000000900)={{0x80}}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0xc08c5335, &(0x7f0000000180)) tkill(r1, 0x7) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f00003e4000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r3, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_buf(r4, 0x0, 0x10, &(0x7f0000000140)="170000000200020000ffbe8c5ee17688a2003c000202000afdff02a257fc5ad90a00bb6a880000d6c9db0000db00000200df0180060000ebfc0607bd0200100ac45761547a681f009cee4a5acba400001f02ec194a29efec199ee9b700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000003315d3bab0840024f0298e9e905390603000000007f71174ab498a30b3e5a0b47b63a6323ded2aa084cd36276a3afff00000000000000", 0xb8) 10.55808056s ago: executing program 2 (id=1990): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f00000006c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xbc}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 9.751881907s ago: executing program 3 (id=1992): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000a40)='i', 0x1}, {&(0x7f0000001200)="a68d4a0af973f288cfd1d0a139c2e9b3ae7bc4aba493b7d6c9ba81b97b3e00"/46, 0x2e}], 0x2}, 0x0) 9.533949827s ago: executing program 2 (id=1993): unshare(0x600) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000210c0), 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x4008af25, &(0x7f0000000140)) 9.351872519s ago: executing program 3 (id=1995): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_SEND_PRIO(r1, 0x6b, 0x3, &(0x7f0000000640), 0x4) 9.319615563s ago: executing program 4 (id=1997): syz_mount_image$jfs(&(0x7f0000005d00), &(0x7f0000005d40)='./file0\x00', 0x0, &(0x7f0000005d80), 0x1, 0x5ce8, &(0x7f0000005dc0)="$eJzs3U1vHVcZB/Dnvvj6pbSNKlSFiEWaQmkpzXsC5a0pCxawAAllTSLXrQIpoMQgWlnElReIFV8BNt2w6FfgA/QzID4AkWxWXVAGjX1OMh5f5zokvnPt8/tJzswz547vmfw9nns9M/cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/+uHPLvQi4sbv0oITEV+IQUQ/YrGuT0c9cy0/fhgRJ2O7OV6MiMF8RL3+9j/PR1yOiE+fi9jcWluuF188YD+unF+98/mPf/CPP/554+Qv3vn5x+32n37x0id/uhdx4idvfvL5vaez7QAAAFCKqqqqXnqbfyq9v+933SkAYCry8b9K8nK1Wq1Wq9XHr26qxrvXLCJivblO/ZrB6XgAOGLW47Ouu0CH5F+0YUQ803UngJnW67oDHIrNrbXlXsq31zwenN5pz9eC7Mp/vffg/o79ppO0rzGZ1s/XRgzihX36szilPsySnH+/nf+NnfZRetxh5z8t++U/2rn1qTg5/0E7/5bjk39/bP6lyvkPHyv/gfwBAAAAAGCG5b//n+j4/O/8k2/KgTzq/O/pKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/7y3MNl+30WW738ei/i2dbjgcKkm2WWuu4HAAAAAAAAAAAAAJRkuHMN7/VexFxEPLu0VFVV/dXUrh/Xk65/1JW+/VCyrn/JAwDAjk+fa93L34tYiIjr6bP+5paWlqpqYXGpWqoW5/Pr2dH8QrXYeF+bp/Wy+dEBXhAPR1X9zRYa6zVNer88qb39/ernGlWDA3RsOjoMHAAiYudotOmIdMxU1fPR9ascjgb7//Fj/+cguv45BQAAAA5fVVVVL32c96l0zr/fdacAgKnIx//2eQG1Wq1Wq9XHr26qxrvXLCJivblO/ZrBcPwAcMSsx2ddd4EOyb9ow4g42XUngJnW67oDHIrNrbXlXsq31zwepPHd87Ugu/Jf722vl9cfN52kfY3JtH6+NmIQL+zTnxen1IdZkvPvt/O/sdM+So877PynZb/86+080UF/upbzH7Tzbzk++ffH5l+qnP/wsfIfyB8AAAAAAGZY/vv/Ced/8yYDAAAAAAAAwJGzubW2nO97zef/vzzmce7/PJ5y/j35Fynn32/n37ogZ9CYv//2w/z/vbW2/PHqv76UpzOf/9xgVD/3XK8/GKZrfqq5d+NW3I6VOL/n8cNd7Rf2tM/tar84of3SnvZR3b6Y28/Gcvw6bsc7D9rnJ1wYtTChvZrQnvMf2P+LlPMfNr7q/JdSe681rd3/qL9nv29Oxz3Ptb/955W9e9f0bcTgwbY11dt3poP+bP+fPDOK395duXP29zdXV+9ciDTZtfRipMlTlvOfS185/1df3mnPv/eb++v9j0aPnf+s2Ijhvvm/3Jivt/e1KfetCzn/UfrK+ecj0Pj9/yjnv//+/3oH/QEAAAAAAAAAAAAAAIBHqapq+xbRaxFxNd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49f3VSN91aziIi/N9epXzP8Ydw3AwBm2X8j4p9dd4LOyL9g+fP+6ulXuu4MMFV3P/jwlzdv3165c7frngAAAAAAAAAA/688/ufpxvjP29cBtcaN3jX+69tx+siO/9kfDbbHOk8b9FI8evzvM/Ho8b+HE55vbkL7aEL7/IT2hQntY2/0aMj5v5QyzvmfShtW0vivr3bQn67l/M+ksZ5z/l9rPa6Zf/XXo5x/f1f+51bf/825ux98+Mat92++t/Leyq8unL96+dKVy5euXDn37q3bK+d3/u2wx4cr55/HvnYdaFly/jlz+Zcl5//VVMu/LDn/V1It/7Lk/PPrPfmXJeef3/vIvyw5/9dSLf+y5Py/nmr5lyXn/3qq5V+WnP83Ui3/suT830i1/MuS8z+bavmXJed/LtXyL0vOP5/hkn9Zcv75ygb5lyXnfzHV8i9Lzv9SquVflpz/5VTLvyw5/yupln9Zcv5XUy3/suT8v5lq+Zcl5/+tVMu/LDn/N1Mt/7Lk/L+davmXJef/nVTLvyw5/++mWv5lyfl/L9XyL0vO//upln9Zcv5vpVr+ZXn4+f9mzJgxk2e6/s0EAAAAAAAAAAAAALRN43LirrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO/cWI2d53w/83ZO9NgT8D2figG1OBhZ21ydwiMEkIX9KeqAkpE1Lahx7bZz4VO8up6KyKbQlClKR2gt60TSJ0ihSW4GqSE0lGiE1UnvXXDXiJmqlXPgCKgcllVIFtnpnnufxzOx63jVmYOZ9Pp8I/+ydd2aeeeeZ2f1u9B0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAVhs/PvOnQ0VRlP81/lhXFOeXf19T7C7/ubDj/V4hAAAAcK7eavz5dxemL+xewZVajvnXq/79u4uLi4vFF948+fafLy6mCzYUxcjqomhcFv3bL36+2HpM8EwxPjTc8u/hirsfqbh8tOLysYrLV1Vcvrri8vGKy5ecgCXWNH8f07ixaxt/Xdc8pcXFxVjjsmuXudYzQ6uHh+PvchqGGtdZHDtQHCoOFzPF1JLrDDX+VxSvbCzv694i3tdwy32tL4ri1E+f2hfXMBTO8bVF2501tD53b9xdbHjzp0/t+/bc61csNytPw5KVFsXmTeU6ny2K07+uKoaK1emcxHUOt6xz/TLrHGlb51DjeuXfO9d5aoXrjI97PKzzh13WuT587fFriqJYKM54TKdniuFibce9pvM93twR5W2UT+UHi9Gz2icbV7BPyuv85Jr2fdK5J+P53xjOyegZ1tD6dLzx5VVLzvs73Sflo+6HvVre9v3lnY6Pt/5qtW2vlsc8dd2Z98Cyz90yeyDt5ZY9sKlqDwyvGmnsgeHTa97Utgeml1xnuBhq3NfJ67rvgcm5I8cnZ5948pZDR/YenDk4c3R6ase2rdu3bd2+ffLAocMzU80/z+6UDpC1xXDag5vCe03cgzd0HNu6JRe/8e69Dsb75HVQPvbPXF8u6Pzh4gx7vDzm2c3n/jpI3/dbXgejLa+DZd9Tl3kdjK7gdVAec2rzyr5njrb8t9waevVeuK5lD7yf3w/L+3zoxjO/F64P63ruprP9fjiyZA/EhzUUXnvlV9LPe+O3h/OydF9cWV5w3qpifnbmxK2P752bOzFdhPGeuKjluercL2tbHlOxZL8Mn/V+2f23v7z+ymW+vi6cq/Gbuz9X5THbJro/V4139+XPZ9tXtxRhvMve6/O53Hez8nymLNHlfJbHPHvLuf8smHJJy/vfWNX738jYaPP9bySdjbG297+lT81IY2VFceqWlb3/jYX/3uv3v4v75P2vPFcP3dp9D5THPDd5tntgtOv73zVhDoX13BgSw3hL7n+7cflCc5u2PJeV+2Z0dCzsm9F4j+37ZuuS65S3Vt735ql3tm82X9P+XLX93FLDfVOeq7+Y6r5vymNenT7394418a8t7x2rqvbA2Miqcr1jaRM03+8W18Q9cGuxrzhWHC72p+uUz3J5XxNbVrYHVoX/3uv3jsv7ZA+U5+rFLd33QHnMD7a+uz87bQ5fSce0/OzU+fuFM2X+K0dP317naXu3M3+5zk9s6/67ofKY17edbc7ofp5uDl85b5nz1Pn6OdOe3l+8N+fp8rDOw9u7/26qPObiHSvcT7uLonht+rXG77vC73f/Yf4/vtv2e9/lfqf82vRr900+8KOzWT8AAO/c240/F1Y1f9Zs+X+sV/L//wMAAAADIeb+4TAT+R8AAABqI+b+kTAT+R8AAABqI+b+0TCTTPL/I7fvfOmtp4v0aYCLQbw8nob772weFzveC+HfGxZPK7/+sW+NvfSVp1d238NFUfzyvg8te/wjd8Z1NR2P6/xI+9eXuPzqFd3/ww+ePq718xNO7Wzefnw8K90Gsav8yuSWxu1ueGK6MV+9r2jMBxaee6Z5+81/x+NPbm0e/1fhQ0t2Hxhqu/7msJ5rw9wQPlPm/t2nz0M54/VeWn/Vv1z02dP3F683tOmCxsN88Q+btxs/I+qFi5rHx8d9pvX/81e/81J5/OPXLb/+p4eXX//JcLs/CfMXu5rHt57zr7Ss/4/D+uP9xevd+s3vL7v+ly9rHv9y2BdfD7Nz/Xf/2YffWu75ivez+47m9eL9T/3Ptsb14u3F2+9c//jT023no/P2X32zeTu7Hv3ZSOvx8evxfqKH72jf30Ph+W3rkRdF8Z0/KdrOc/HR5vX+qWP98faO37H8+m/uWOfxoasb1z/9eNa1Pa6v/c2WZR9vXM/uv1/X9nheuCecvzcnf1De7skHwn4Ml//vD5u31/lZpi/f0/5+E4//+rrm6zbe3mTH+l/oWP/C1eW5q17/vW821//yXavb1r/7k2E/3ducVes/+NcXtl3/G99uPh8nHps4emx2/tD+lrPa+jpePb5m7Xnnf+CCC8N7aee/9xybe2TmxIapDVNFsWEAPzKw1+v/Zpj/3RwL7/49NP3oZ8199/ynmt+3bvh5898vhK8/HJ7P+P3xa3851rZfO5/3hbua81zXf1NYx0pd9tX/unpFB578/Cvz//hHr3f+XBAfz/FLxhuP78WNlzYuG3q1eXnn+1WV/7yk/XX949GpxvxeOK+L4ZOZN13avL/O24+fTfL8p5uv3/iTXLx+0fF5IutG2h/Hua7/x+HnmO9f3v7+F/fH957u+DTndcVQuYSF8P5QLDQvj0fF8/38qUuXvb/4OTzFwhVns8wzmn1idvLwoaPzj0/OzczOTc4+8eSeI8fmj87taXx26Z4vVl3/9Ot7beP1vX9mx7ai8Wo/1hw99n6v//iD+/bfNnX9/pkDe+cPzD14fObEwX2zs/tm9s9ev/fAgZnHqq5/aP+u6S07t962ZeLgof27bt+5c+vOiUNHj5XLaC6qwo6pL00cPbGncZXZXdt2Tm/fvm1q4six/TO7bpuampivun7je9NEee1HJ07MHN47d+jIzMTsoSdndk3v3LFjS+WnPx45fmB2w+SJ+aOT87MzJyabj2XDXOPL5fe+quuTh9lj4f2uw1D46fxzN+9In49b+taXz3hTzUPafzwt3gifBRW/v1X9O+b+sTCTTPI/AAAA5CDm/vDB/6cvkP8BAACgNmLuXx1mIv8DAABAbcTcPx5mkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/WuKIsv8DwAAADmIuX9tmIn8DwAAALURc/95YSbyPwAAANRGzP3nh5lkkv/1//X/9f/1//X/9f97Sf9f/78b/X/9/0Fev/6//j/V+q3/H3P/B8JMMsn/AAAAkIOY+y8IM5H/AQAAoDZi7r8wzET+BwAAgNqIuX9dmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/Mff/vzCTTPI/AAAA5CDm/g+Gmcj/AAAAUBsx918UZiL/AwAAQG3E3H9xmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/MfdfEmaSSf4HAACAHMTcf2mYifwPAAAAtRFz/2VhJvI/AAAA1EbM/ZeHmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc/8VYSaZ5H8AAADIQcz9V4aZyP8AAABQGzH3fyjMRP4HAACA2oi5f32YSSb5X/9f/1//X/9f/1//v5f0//X/u9H/1/8f5PXr/+v/U63f+v8x9384zCST/A8AAAA5iLn/qjAT+R8AAABqI+b+q8NM5H8AAACojZj7N4SZZJL/9f/1//X/9f/1//X/e0n/X/+/G/1//f9BXr/+v/4/1fqt/x9z/8Ywk0zyPwAAAOQg5v5NYSbyPwAAANRGzP3XhJnI/wAAAFAbMfdfG2aSSf7X/9f/1//X/9f/1//vJf1//f9u9P/1/wd5/fr/+v9U67f+f8z914WZZJL/AQAAIAcx918fZiL/AwAAQG3E3H9DmIn8DwAAALURc//mMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+6/Mcwkk/wPAAAAOYi5/6YwE/kfAAAAaiPm/pvDTOR/AAAAqI2Y+yfCTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf+WMJNM8j8AAADkIOb+W8NM5H8AAACojZj7J8NM5H8AAACojZj7p8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5fzrMJJP8DwAAADmIuX9LmIn8DwAAALURc//WMBP5HwAAAGoj5v5tYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9G/1//f5DXr/+v/0+1fuv/x9y/Pcwkk/wPAAAAOYi5f0eYifwPAAAAtRFz/21hJvI/AAAA1EbM/beHmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc//OMJNM8j8AAADkIOb+j4SZyP8AAABQGzH33xFmIv8DAABAbcTc/9Ewk0zyv/6//r/+v/6//r/+fy/p/+v/d6P/r/8/yOvX/9f/p1q/9f9j7t8VZpJJ/gcAAIAcxNx/Z5iJ/A8AAAC1EXP/XWEm8j8AAADURsz9u8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/+4wk0zyPwAAAOQg5v6PhZnI/wAAAFAbMfd/PMxE/gcAAIDaiLn/E2EmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fcf0+YSSb5HwAAAHIQc/8nw0zkfwAAAKiNmPv/f5iJ/A8AAAC1EXP/vWEmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/ythJpnkfwAAAMhBzP33hZnI/wAAAFAbMfd/KsxE/gcAAIDaiLn/V8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/9fCTDLJ/wAAAJCDmPt/PcxE/gcAAIDaiLn/N8JM5H8AAACojZj77w8zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t8MM8kk/wMAAEAOYu5/IMxE/gcAAIDaiLn/02Em8j8AAADURsz9nwkzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/gfDTDLJ/wAAAJCDmPs/G2Yi/wMAAEBtxNz/W2Em8j8AAADURsz9vx1mkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/Z8LM8kk/wMAAEAOYu7/nTAT+R8AAABqI+b+3w0zkf8BAACgNmLufyjMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+z8fZpJJ/gcAAIAcxNz/e2Em8j8AAADURsz9e8JM5H8AAACojZj7Hw4zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/r1hJpnkfwAAAMhBzP1fCDOR/wEAAKA2Yu7fF2Yi/wMAAEBtxNy/P8wkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7Z8JMMsn/AAAAkIOY+w+Emcj/AAAAUBsx9x8MM5H/AQAAoDZi7n8kzCST/K//r/+v/6//r/+v/99L+v/6/93o/+v/D/L69f/1/6nWb/3/mPsPhZlkkv8BAAAgBzH3fzHMRP4HAACA2oi5/0thJvI/AAAA1EbM/YfDTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf9ImEkm+R8AAAByEHP/0TAT+R8AAABqI+b+Y2Em8j8AAADURsz9x8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5//fDTDLJ/wAAAJCDmPtPhJnI/wAAAFAbMffPhpnI/wAAAFAbMffPhZlkkv/1//X/9f/1//X/9f97Sf9f/78b/X/9/0Fev/6//j/V+q3/H3P/fJhJJvkfAAAAchBz/6NhJvI/AAAA1EbM/Y+Fmcj/AAAAUBsx9z8eZpJJ/tf/1//X/9f/1//X/+8l/X/9/270//X/B3n9+v/6/1Trt/5/zP1PhJlkkv8BAAAgBzH3PxlmIv8DAABAbcTc/wdh/h/79qwF4NKDYfTGf9u2bdu2bRzbVnGaJOU31aw1M9m7SZv2LZ5i/wMAAMAxcvc/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+58YtTfY/AAAAdJC7/3lxi/0PAAAAx8jd//y4xf4HAACAY+Tuf0Hc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/S+MW5rsfwAAAOggd/+L4hb7HwAAAI6Ru//FcYv9DwAAAMfI3f+SuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/uftfGrc02f8AAADQQe7+l8Ut9j8AAAAcI3f/y+MW+x8AAACOkbv/FXFLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3vzJuabL/AQAAoIPc/a+KW+x/AAAAOEbu/lfHLfY/AAAAHCN3/2vilib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7n9t3NJk/wMAAEAHuftfF7fY/wAAAHCM3P2vj1vsfwAAADhG7v43xC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/xrilyf4HAACADnL3vylusf8BAADgGLn73xy32P8AAABwjNz9b4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/61xS5P9DwAAAB3k7n9b3GL/AwAAwDFy9789brH/AQAA4Bi5+98RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8745Ym+x8AAAA6yN3/rrjF/gcAAIBj5O5/d9xi/wMAAMAxcve/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+98YtTfY/AAAAdJC7/31xi/0PAAAAx8jd//64xf4HAACAY+Tu/0Dc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/R+MW5rsfwAAAOggd/+H4hb7HwAAAI6Ru//DcYv9DwAAAMfI3f+RuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/ufs/Grc02f8AAADQQe7+j8Ut9j8AAAAcI3f/x+MW+x8AAACOkbv/E3FLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3fzJuabL/AQAAoIPc/Z+KW+x/AAAAOEbu/k/HLfY/AAAAHCN3/2filib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7v9s3NJk/wMAAEAHufs/F7fY/wAAAHCM3P2fj1vsfwAAADhG7v4vxC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/xbilyf4HAACADnL3fylusf8BAADgGLn7vxy32P8AAABwjNz9X4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/6txS5P9DwAAAB3k7v9a3GL/AwAAwDFy9389brH/AQAA4Bi5+78RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBj5O7/dtxi/wMAAMAxcvd/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+78YtTfY/AAAAdJC7/3txi/0PAAAAx8jd//24xf4HAACAY+Tu/0Hc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/T+MW5rsfwAAAOggd/+P4hb7HwAAAI6Ru//HcYv9DwAAAMfI3f+TuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/uft/Grc02f8AAADQQe7+n8Ut9j8AAAAcI3f/z+MW+x8AAACOkbv/F3FLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3/zJuabL/AQAAoIPc/b+KW+x/AAAAOEbu/l/HLfY/AAAAHCN3/2/ilib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7v9t3NJk/wMAAEAHuft/F7fY/wAAAHCM3P2/j1vsfwAAADhG7v4/xC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/x7ilyf4HAACADnL3/ylusf8BAADgGLn7/xy32P8AAABwjNz9f4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/69xS5P9DwAAAB3k7v9b3GL/AwAAwDFy9/89brH/AQAA4Bi5+/8RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8/45Ym+x8AAAA6yN3/r7jF/gcAAIBj5O7/d9xi/wMAAMAxcvf/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+/8YtTfY/AAAAdJC7/39xi/0PAAAAx8jd//+4xf4HAACAY+TuvyFuabL/9f/6f/2//l//r/+fSf+v/7+i/9f/7/y//l//z9hq/X/u/hvjlib7HwAAADrI3X9T3GL/AwAAwDFy998ct9j/AAAAcIzc/bfELU32v/5f/6//1//r//X/M+n/9f9X9P/6/53/1//r/xlbrf/P3X9r3NJk/wMAAEAHuftvi1vsfwAAADhG7v7b4xb7HwAAAI6Ru/+OuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/ufvvjFua7H8AAADoIHf/XXGL/Q8AAADHyN1/d9xi/wMAAMAxcvffE7c02f/6f/2//l//r//X/8+k/9f/X9H/6/93/l//r/9nbLX+P3f/vXFLk/0PAAAAHeTuvy9usf8BAADgGLn7749b7H8AAAA4Ru7+B+KWJvtf/6//1//r//X/+v+Z9P/6/yv6f/3/zv/r//X/jK3W/+fufzBuabL/AQAAoIPc/Q/FLfY/AAAAHCN3/8Nxi/0PAAAAx8jd/0jc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/Y/GLU32PwAAAHSQu/+xuMX+BwAAgGPk7n88brH/AQAA4Bi5+5+IW5rsf/2//l//r//X/+v/Z9L/6/+v6P/1/zv/r//X/zO2Wv+fu//JuKXJ/gcAAIAOcvc/FbfY/wAAAHCM3P1Pxy32PwAAABwjd/8zcUuT/a//1//r//X/+n/9/0z6f/3/Ff2//n/n//X/+n/GVuv/c/c/GwAA//9/h0Q1") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) fchown(r0, 0x0, 0x0) 9.255344865s ago: executing program 2 (id=1998): r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000, 0x400003c1}, 0xc1030040}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x0) sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x23, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d2eaebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838079f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_ttl={{0x14}}, @ip_tos_u8={{0x11, 0x29, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x50}, 0x0) 9.167974371s ago: executing program 3 (id=2000): syz_emit_ethernet(0x9e, &(0x7f0000000280)={@local, @local, @val, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x60, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa1d3", 0x0, 0x0, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @loopback}, [@routing={0x2b}, @srh={0x0, 0x3, 0x4, 0x1, 0x0, 0x0, 0x0, [@ipv4={'\x00', '\xff\xff', @remote}]}, @srh={0x0, 0x20000000000000a1}, @dstopts]}}}}}}}, 0x0) 9.042809138s ago: executing program 2 (id=2001): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$packet(0x11, 0x0, 0x300) preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='sched_switch\x00', r4}, 0x10) unshare(0x42000000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000ecff0000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='file_check_and_advance_wb_err\x00', r6}, 0x10) syz_emit_ethernet(0xae, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x78, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @loopback, @local, [@srh={0x0, 0x8, 0x4, 0x4, 0x0, 0x0, 0x0, [@empty, @rand_addr=' \x01\x00', @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}]}}}}}}}, 0x0) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) ptrace$peeksig(0x4209, 0x0, &(0x7f0000000040)={0x8, 0x0, 0x1}, &(0x7f0000000740)=[{}]) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 9.012825961s ago: executing program 3 (id=2003): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r1) socket(0x10, 0x803, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) 8.229996124s ago: executing program 0 (id=2004): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x30004001) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) setsockopt$sock_attach_bpf(r3, 0x6, 0x4, &(0x7f0000000000)=r4, 0x4) 6.925233807s ago: executing program 0 (id=2007): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mq_open(&(0x7f00000002c0)='\x00', 0x40, 0x68, &(0x7f0000000300)={0x8e, 0x4, 0x7, 0x400000}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='host1x_channel_submit\x00', r0}, 0xfffffffffffffdc6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0) syz_emit_vhci(0x0, 0xff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x20}}, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, 0x0, 0x0) r5 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002d80)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x60, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x20008010}, 0x0) 6.80021007s ago: executing program 4 (id=2009): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) r0 = socket$rds(0x15, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000040)={'bond0\x00', 0x0}) 5.8983329s ago: executing program 2 (id=2012): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x80, 0x0, 0x0, 0x8}}, 0x1c}}, 0x0) 5.509799434s ago: executing program 1 (id=2016): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000a40)='i', 0x1}, {&(0x7f0000001200)="a68d4a0af973f288cfd1d0a139c2e9b3ae7bc4aba493b7d6c9ba81b97b3e00"/46, 0x2e}], 0x2}, 0x0) 5.400762389s ago: executing program 1 (id=2017): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x30004001) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) setsockopt$sock_attach_bpf(r3, 0x6, 0x4, &(0x7f0000000000)=r4, 0x4) 4.286245913s ago: executing program 1 (id=2018): sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x50, 0x0, 0x0, 0x0, 0x0, {}, [{{@pci={{0x8}, {0x4}}, {0x8}}, {0x8}, {0x6}, {0x5}}]}, 0x50}}, 0x0) r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000c00", 0x33fe0}], 0x1}, 0x0) 4.161747404s ago: executing program 1 (id=2019): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_lsm={0x1d, 0xa, &(0x7f0000001ac0)=ANY=[@ANYBLOB="15"], 0x0}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') getdents(r1, &(0x7f0000001040)=""/4096, 0x1000) 3.947394292s ago: executing program 1 (id=2020): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) r2 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000000)=0x5b2, 0x4) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0) bind$can_raw(r2, &(0x7f00000000c0), 0x10) close_range(r1, 0xffffffffffffffff, 0x0) 710.792635ms ago: executing program 2 (id=2021): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_io_uring_submit(r0, 0x0, 0x0) syz_io_uring_submit(r0, 0x0, 0x0) read(r1, &(0x7f0000001600)=""/233, 0xe9) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') preadv(r2, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/147, 0x93}], 0x1, 0x0, 0x0) 710.427326ms ago: executing program 4 (id=2022): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000d00850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) 657.485525ms ago: executing program 0 (id=2023): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x8000, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x438, 0x240, 0x240, 0x0, 0x350, 0x370, 0x350, 0x4, 0x0, {[{{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_batadv\x00', 'batadv0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "bc2e329885ea3654891fbae8c6c66e07212432bde429bcda7deb48d85c6f5e269c2021c8f8dc09af0b3f2e10e8ac79cc67e264613c4be6838ee2daacf7926a6e"}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @broadcast}}}, {{@arp={@private, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'veth0_to_bond\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x488) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 598.447199ms ago: executing program 1 (id=2024): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010921"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000002c0)={0x18, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, &(0x7f0000000640)={0x0, 0x3, 0x2, @string}, 0x0, 0x0}, 0x0) 502.080287ms ago: executing program 3 (id=2025): r0 = openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0) ioctl$SNDCTL_SEQ_GETOUTCOUNT(r0, 0x4004510d, 0x0) 461.231348ms ago: executing program 0 (id=2026): syz_emit_ethernet(0x9e, &(0x7f0000000280)={@local, @local, @val, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x60, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa1d3", 0x0, 0x0, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @loopback}, [@routing={0x2b}, @srh={0x0, 0x3, 0x4, 0x1, 0x0, 0x0, 0x0, [@ipv4={'\x00', '\xff\xff', @remote}]}, @srh={0x0, 0x20000000000000a1}, @dstopts]}}}}}}}, 0x0) 459.961568ms ago: executing program 4 (id=2027): ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800, &(0x7f0000000500)=ANY=[@ANYRES16], 0x5, 0x152e, &(0x7f00000037c0)="$eJzs3AuYTlX7MPD7XmvtMSQ9TXIY1lr35kkOiyTJIakckiRJkpwSkiZ5JSEx5JQ0JCE5DMlhCMlhYtI4n8/HJEmaJMkpp2R914RPvdX31vu9X/7fO/fvuvb1rPtZe6197+fez/PsvR/m206DqzescVd9IoJfO+0vgD8HLzwkAkAsAPQHgGsAIACAsnFl4zL7s0tM/JOzsb/FwylXOgN2JXH9szauf9bG9c/auP5ZG9c/a+P6Z21c/6yN689YVrZxav5recm6yx/f///zsgPf////E3///xfJKDn6y9Ulr+/8F4Zw/bM2rv9/reDPrMT1z9q4/lkb1z9r4/pnBdn+sIfrn7Vx/RnLyq70/ed/WmLgyueQpZYrffwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMsaTvvLFABcal/pvBhjjDHGGGOMMfaf47Nd6QwYY4wxxhhjjDH2/x6CAAkKAoiBbBAL2SEHCAC4GnLBNRCBayEOroPccD3kgbyQD/JDPBSAgqDBgAWCEApBYYjCDVAEboSiUAyKQwlwUBJKwU1QGm6GMnALlIVboRzcBuWhAlSESnA7VIY7oArcCXfB3VAVqkF1qAH3QE24F2rBfVAb7oc68ADUhQehHjwE9eFhaACPQEN4FBrBY9AYmkBTaAbN/63xL0I3eAm6Qw9IhJ7QC16G3tAH+kI/6A+vwAB4FQbCa5AEg2AwvA5D4A0YCm/CMBgOI+AtGAlvwygYDWNgLCTDOBgP78AEeBcmwiSYDFMgBabCNHgPpsMMmAnvwyz4AGbDHJgL8yAVPoT5sADS4CNYCB9DOiyCxbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAW2wjbYDjtgJ3wCu+BT2A2fwR74/C+OP/VP4zsjIKBAgQoVxmAMxmIs5sAcmBNzYi7MhRGMYBzGYW7MjXkwD+bDfBiP8VgQC6JBg4SEhbAQRjGKRbAIFsWiWByLo0OHpbAUlsabsQyWwbJYFsthOSyPFbACVsJKWBkrYxWsgnfhXVgVq2J1rI734D3YE2thLayNtbEO1rl0ewrrY31sgA2wITbERtgIG2NjbIpNsTk2xxbYAltiS2yNrbENtsG22BYTMAHbYTtsj+2xA3bAjtgRO2En7IxdsAu+mA3wJXwJe2BV0RN7YS/sjUnZ+mI/7Iev4AB8FV/F1zAJB+FgfB1fxzdwKJ7EYTgcR+AIrCzexlE4GkmMxWRMxvE4HifgBJyIk3ASTsEUnIrTcBpOxxk4A9/HWfgBfoBzcA7Ow1RMxfm4ANMwDRfiKUzHRbgYl+BSXIZLcQWuxBW4GtfgalyH63ADbsBNuAm34BbchttwByoA/AQ/xU8xCffgHtyLe3Ef7sP9uB8zMAMP4AE8iAfxEB7Cw3gYj+BRPIZH8QSewJN4Ck/jaTyLZ/EcPh//dYMdxVYlgcikhBIxIkbEiliRQ+QQOUVOkUvkEhEREXEiTuQWuUUekUfkE/lEvIgXBUVBYYQRJMIYABBRERVFRBFRVBQVxUVx4YQTpUQpUVqUFmVEGVFW3CrKidtEeVFBtHKVRCVRWbR2VcSd4i5xl6gqqonqooaoIWqKmqKWqCVqi9qijqgj6ooHRT3RE/viwyKzMg3FIGwkBmNj0UTIi59gLcRQbClaidbiSTEch2Fb0cIliGdEOzEK24t/iNH4nOgoxmIn8YLoLLqIruJF0U20dN1FDzERe4peYgr2Fn1EX9FPTMdq4n2clb26eE0kiUFisHhdzMM3xFDxphgmhosR4i0xUrwtRonRYowYK5LFODFevCMmiHfFRDFJTBZTRIqYKqaJ98R0MUPMFO+LWeIDMVvMEXPFPJEqPhTzxQKRJj4SC8XHIl0sEovFErFULBPLxQqxUqwSq8UasVasE+vFBrFRbBKbxRaxVWwT28UOsVN8InaJT8Vu8ZnYIz4Xe8UXYp/4UuwXX4kM8bU4IL4RB8W34pD4ThwW34sj4qg4Jo6LE+IHcVKcEqfFGXFW/CjOiZ/EeeEFSJRCSqlkIGNkNhkrs8sc8iqZUwYXX91rZZy8TuaW18s8Mq/MJ/PLeFlAFpRaGmklyVAWkoVlVN4gi8gbZVFZTBaXJaSTJWUpeZMsLW+WZeQtsqy8VZaTt8nysoKsKCvJ22VleYeEyIVtVJXVZHVZQ94ja8p7ZS15n6wt75d15AOyrnxQ1pMPyfryYdlAPiIbykdlI/mYbCybyKaymWwuH5ct5BOypWwlW8snZRv5lGwrn5YJ8hnZTvqLh8hzsqN8XnaSL8jOsovsKn+S56WX3WUPCdBT9pIvy96yj+wr+8n+8hU5QL4qB8rXZJIcJAfL1+UQ+YYcKt+Uw+RwOUK+JUfKt+UoOVqOkWNlshwnx8t35AT5rpwoJ8nJcopMkVNl34szzZTyX45/53fGD/x56xvkRrlJbpZb5Fa5TW6XO+ROuVPukrvkbrlb7pF75F65V+6T++R+uV9myAx5QB6QB+VBeUgekoflYXlEHpVn5HF5Qv4gT8pT8pQ8I8/Ks/LcxdcAFCqhpFIqUDEqm4pV2VUOdZXKqa5WudQ1KqKuVXHqOpVbXa/yqLwqn8qv4lUBVVBpZZRVpEJVSBVWUXUDXjxgVHFVQjlVUpVSN/2V8aqIulEVVcV+Nf5Sfol/kF9z1Vy1UC1US9VStVatVRvVRrVVbVWCSlDtVDvVXrVXHVQH1VF1VJ1UJ9VZdVZdVVfVTXVT3VV3lagSVS/1suqt+qi+qp/qr15RA9QANVANVEkqSQ1Wg9UQNUQNVUPVMDVMjVAj1Eg1Uo1So9QYNUYlq2Q1Xo1XE9QENVFNVJPVZJWiUtQ0NU1NV9PVTDVTzVKz1Gw1W81Vc1WqSlXz1XyVptLUQrVQpatFapFaopaoZWqZWqFWqFVqlVqj1qh1ap1KVxvVRrVZbVZb1Va1XW1XO9VOtUvtUrvVbrVH7VF71V61T+1T+9V+laEy1AF1QB1UB9UhdUgdVofVEXVEHVPH1Al1Qp1UJ9VpdVqdVWfVOXVOnVfnM0/7AhGIQAUqiAligtggNsgR5AhyBjmDXEGuIBJEgrggLsgdXB/kCfIG+YL8QXxQICgY6MAENhAXix4NbgiKBDcGRYNiQfGgROCCkkGp4KagdHBzUCa4JSgb3Bpc+qmpYlApuD2oHNwRVAnuDO4K7g6qBtWC6kGN4J6gZnBvUCu4L6gd3B/UCR4I6gYPBvWCh4L6wcNBg+CRoGHwaNAoeCxoHDQJmgbNgua/mL9ccFtQPqgQ/Pvze38y7xOuu+6hE3VP3Uu/rHvrPrqv7qf761f0AP2qHqhf00l6kB6sX9dD9Bt6qH5TD9PD9Qj9lh6p39aj9Gg9Ro/VyXqcHq/f0RP0u3qinqQn6yk6RU/V0/R7erqeoWfq9/Us/YGerefouXqeTtUf6vl6gU7TH+mF+mOdrhfpxXqJXqqX6eV6hV6pV+nVeo1eq9fp9XqD3qg36c16i96qt+nteofeqT/Ru/Snerf+TO/Rn+u9+gu9T3+p9+uvdIb+Wh/Q3+iD+lt9SH+nD+vv9RF9VB/Tx/UJ/YM+qU/p0/qMPqt/1Of0T/q89pkn95lf70YZZWJMjIk1sSaHyWFympwml8llIiZi4kycyW1ymzwmj8ln8pl4E28KmoImExkyhUwhEzVRU8QUMUVNUVPcFDfOOFPKlDKlTWlTxpQxZU1ZU86UM+VNeVPRVDS3m9vNHeYOc6e509xt7jbVTDVTw9QwNU1NU8vUMrVNbVPH1DF1TV1Tz9Qz9U1908A0MA1NQ9PINDKNTWPT1DQ1zU1z08K0MC1NS9PatDZtTBvT1rQ1CSbBtDPtTHvT3nQwHUxH09F0Mp1MZ9PZdDVdTTfTzXQ33U2iSTS9TC/T2/Q2fU1f09/0NwPMADPQDDRJJskMNoPNEDPEDDVDzTAz3IzIPLjN22aUGW3GmLEm2SSb8Wa8mWAmmIlmoplsJpsUk2KmmWlmupluZpqZZpaZZWab2WaumWtSTaqZb+abNJNmFpqFJt2km8VmsVlqlprlZrlZaVaa1Wa1WQtrzXqz3mw0G81ms9lsNVvNdrPd7DQ7zS6zy+w2u80es8fsNXvNPrPP7Df7TYbJMAfMAXPQHDSHzCFz2Bw2R8wRc8wcMyfMCXPSnDSnzWlz1uS9+H3pTazNbnPYq2xOe7XNZa+x/xzns/ltvPe2oNU2j817IbYFfo6NtbaoLWaL2xLW2ZK2lL3pN3F5W8FWtJXs7bayvcNW+U1c095ra9n7bG17v61h7/lVXMc+YOvaR209RADbxDawzWxD+6htZB+zjW0T29Q2s23sU7atfdom2GdsO/vsb+L5doFdaVfZ1XaN3WU/taftGXvQfmvP2h9td9vD9rev2AH2VTvQvmaT7KDfxCPsW3akfduOsqPtGDv2N/FkO8Wm2Kl2mn3PTrczfhOn2g/tLJtmZ9s5dq6d93OcmVOa/cgutB/bdLvILrZL7FK7zC63K/53rkvsOrvebrA77Sd2s91it9ptdrvd8XOcuR+77Wd2j/3cHrDf2H32S7vfHrIZ9uuf48z9O2S/s4ft9/aIPWqP2eP2hP3BnrSnft7/zH0/bn+y5623QEhAkhQFFEPZKJayUw66inLS1ZSLrqEIXUtxdB3lpuspD+WlfJSf4qkAFSRNhiwRhVSIClOUbqBL5+nFqQQ5Kkml6CYqTTdTGbqFytKtVI5uo/JUgSpSJbqdKtMdVIXupLvobqpK1ag61aB7qCbdS7XoPqpN91MdeoDq0oNUjx6i+vQwNaBHqCE9So3oMWpMTagpNaPm9Di1oCeoJbWi1vQktaGnqC09TQn0DLWjZ6k9/YM60HPUkZ6nTvQCdaYu1JVepG70EnWnHpRIPakXvUy9qQ/1pX7Un16hAfQqDaTXKIkG0WB6nYbQGzSU3qRhNJxG0Fs0kt6mUTSaxtBYSqZxNJ7eoQn0Lk2kSTSZplAKTaVp9B5Npxk0k96nWfQBzaY5NJfmUSp9SPNpAaXRR7SQPqZ0WkSLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+oR20ae0mz6jPfQ57aUvaB99SfvpK8qgr+kAfUMH6Vs6RN/5HvQ9HaGjdIyO0wn6gU7SKTpNZ+gs/Ujn6Cc6T54gxFCEMlRhEMaE2cLYMHuYI7wqzBleHeYKrwkj4bVhXHhdmDu8PswT5g3zhfnD+LBAWDDUoQltSGEYFgoLh9HwhrBIeGNYNCwWFg9LhC4sGZYKbwpLhzeHZcJbwrLhrWG58LawfFghfPT+SuHtYeXwjrBKeGfYOrw7rBpWC6uHNcJ7wprhvWGt8L6wdnh/WCZ8IKwbPhjWCx8K64cPhw3CR8KG4aNho/CxsHHYJGwaNgubh4+HLcInwpZhq7B1+GTYJnwqbBs+HSaEz4Ttwmd/7n9gwR/3J4Y9w17hy+HLoff3ybnRedHU6IfR+dEF0bToR9GF0Y+j6dFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRDVHva2QDh0446ZQLXIzL5mJddpfDXeVyuqtdLneNi7hrXZy7zuV217s8Lq/L5/K7eFfAFXTaGWcdudAVcoVd1N3girgbXVFXzBV3JZxzJV0p18w1d81dC/eEa+laudbuSfeke8o95Z52T7tnXDv3rGvv/uE6uOdcR/e8e9694Dq7Lq6re9F1c+NyXXhPJrperpfr7Xq7vq6v6+/6uwFugBvoBrokl+QGu8FuiBvihrqhbpgb5ka4EW6kG+lGuVFujBvjkl2yG+/GuwlugpvoJrrJbrJLcSlumpvmprvprvKMC1uZ7Wa7uW6uS3Wpbr7LPGdMcwvdQpfu0t1it9gtdUvdcrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e10O90uf82FzAFgr9vr9rl9br/7ymW4r90B94076L51h9x37rD73h1xR90xd9ydcD+4k+6UO+3OuLPuR3fO/eTOO++SI+Mi4yPvRCZE3o1MjEyKTI5MiaREpkamRd6LTI/MiMyMvB+ZFfkgMjsyJzI3Mi+SGvkwMj+yIJIW+SiyMPJxJD2yKLI4siSyNLIs4n2BzaEv5Av7qL/BF/E3+qK+mC/uS3jnS/pS/iZf2t/sy/hbfFl/qy/nb/PlfQVf0T/mG/smvqlv5pv7x30L/4Rv6Vv51v5J38Y/5dv6p32Cf8a388/69v4fvoN/znf0z/tO/gXf2XfxXf2Lvpt/yXf3PXyi7+l7+Zd9b9/H9/X9fH//ih/gX/UD/Ws+yQ/yg/3rfoh/ww/1b/phfrgfEfOWH3npEhnG+mQ/zo/37/gJ/l0/0U/yk/0Un+Kn+mn+PT/dz/Az/ft+lv/Az/Zz/Fw/z6f6D/18v8Cn+Y/8Qv+xT/eLLt1U9sv9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Q6/03/id/lP/W7/md/jP/d7/Rd+n//S7/df+Qz/tT/gv/EH/bf+kP/OH/bf+yP+qD/mj/sT/gd/0p/yp/0Zf9b/6M/5n/x5/j9rjDHGGGN/yrjLTfF7/T1/5znxi5V7AcDVW/Jn/LI/84xybZ4L7T4ivk0EAJ7p0enhS0vVqomJiRfXTZcQFJ4DcOmXoEwxcDleBK3hKUiAVlD6d/PvI7qcpX8xf/RWgBy/GBMLl+PL83/xB/M//uSI+eXC03H/h/nnABQtfHlMdrgcL4LWKvOxFZT5g/nztvgX+Wf/Mhmg5S/G5ITL8eX8S8ET8Cwk/GpNxhhjjDHGGGPsgj6iYodL15+X/sXn712fx6vLY7LB5fhfXZ8zxhhjjDHGGGPsynuuS9enH09IaNXhrzeq/FujuPE/teE9wKVnFAD8X04I8Lfvxaa/ZVtJF986/9y19IwP4H9GKf8Tjd/7tMC/98OJMcYYY4wx9h91+aT/18+rK5UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWBf0df07sSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9rwAAAP//h3AVmQ==") unlink(&(0x7f0000000640)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000140)=[@in={0x2, 0x4e1c, @remote}, @in={0x2, 0x4e02, @private=0x8a010102}, @in={0x2, 0x4e22, @private=0xa010102}, @in6={0xa, 0x0, 0x4, @mcast2, 0xfff}], 0x4c) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @loopback}]}, &(0x7f00000002c0)=0x10) getpeername$inet6(r0, 0x0, &(0x7f0000000040)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = dup2(r1, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000009a850000002d00000018110000", @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r4, &(0x7f0000000200), 0x43400) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, 0x0, &(0x7f0000000100)) 348.719634ms ago: executing program 3 (id=2028): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r2, 0x0, &(0x7f0000000200)) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc00000000100070000", @ANYRES32=r3, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000940)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x2, r3}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6}]}}}]}, 0x40}}, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x34, 0x0, 0x800, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000001}, 0xc000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000004000000000000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000800"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xffffffffffffffff}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x6) sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1c, 0x1}, 0x1c}}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getpid() bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0) 317.473992ms ago: executing program 0 (id=2029): r0 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) r2 = syz_pidfd_open(r0, 0x0) setns(r2, 0x10000000) 0s ago: executing program 0 (id=2030): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc1ffb}]}) openat$full(0xffffffffffffff9c, 0x0, 0x408701, 0x0) syz_open_dev$vim2m(0x0, 0x8000000000000000, 0x2) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000040)=@newpolicy={0xc4, 0x13, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@sec_ctx={0xc, 0x10, {0x8}}]}, 0xc4}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r4 = memfd_create(&(0x7f0000000b40)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b \x00\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\xfe\xe6\xd2SLR\xa1\x00\x00\x17\x1f$^\xe1\x00\x00\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\x00\x00\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\x9b\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x14M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x1b1\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\xe7\xf6\t\x9dJ\xa4^m\xf3\xb5Y\f\x8f\r\xd5)>A\xe9\xf59\'G[\xf0`\xf3\'\xe4\xb2\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I?^\xf3,\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4u\xdaav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW', 0x6) fallocate(r4, 0x0, 0x0, 0x0) fcntl$addseals(r4, 0x409, 0xc) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000002c0)) vmsplice(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r6, &(0x7f0000000280)={&(0x7f0000000040)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14, &(0x7f0000000240)={&(0x7f0000000200)="fb8149d48c6596d63bea5e85b2111933a7b6c01b74ff57a776d30efe94379d", 0x1f}, 0x1, 0x0, 0x0, 0x80}, 0x4040000) r7 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 10269] netlink: 'syz.2.1546': attribute type 3 has an invalid length. [ 442.257522][T10269] netlink: 'syz.2.1546': attribute type 3 has an invalid length. [ 442.297668][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.310493][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.358653][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state [ 442.365825][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 442.463978][ T5152] bridge0: port 2(bridge_slave_1) entered blocking state [ 442.471250][ T5152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 442.533239][T10040] veth0_vlan: entered promiscuous mode [ 442.628213][T10040] veth1_vlan: entered promiscuous mode [ 442.655499][ T9986] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 442.737146][T10280] sg_write: data in/out 93/14 bytes for SCSI command 0x0-- guessing data in; [ 442.737146][T10280] program syz.3.1460 not setting count and/or reply_len properly [ 442.807842][T10040] veth0_macvtap: entered promiscuous mode [ 442.815280][T10284] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 442.852786][T10040] veth1_macvtap: entered promiscuous mode [ 442.925025][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 442.969836][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.986725][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 443.000982][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 443.016512][T10040] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 443.054760][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 443.080330][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 443.103390][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 443.132005][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 443.161499][T10040] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 443.197320][T10040] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.207228][T10040] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.226256][T10040] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.240871][T10040] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.288757][T10134] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 443.602036][ T2884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.615404][ T2884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.658970][T10134] veth0_vlan: entered promiscuous mode [ 443.728830][ T9986] veth0_vlan: entered promiscuous mode [ 443.744068][T10134] veth1_vlan: entered promiscuous mode [ 443.769704][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.792930][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.814635][ T9986] veth1_vlan: entered promiscuous mode [ 443.903081][T10134] veth0_macvtap: entered promiscuous mode [ 443.965617][T10134] veth1_macvtap: entered promiscuous mode [ 444.015557][ T9986] veth0_macvtap: entered promiscuous mode [ 444.057909][ T9986] veth1_macvtap: entered promiscuous mode [ 444.065497][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.065523][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.065536][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.065550][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.065563][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.065577][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.075021][T10134] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 444.097986][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.178488][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.178517][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.178534][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.178553][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.178567][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.178586][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.178599][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.181982][ T9986] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 444.281407][T10311] netlink: 'syz.2.1554': attribute type 29 has an invalid length. [ 444.285151][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.285176][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.285187][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.285200][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.285211][T10134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.285223][T10134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.286797][T10134] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 444.290644][T10314] netlink: 'syz.2.1554': attribute type 29 has an invalid length. [ 444.387625][T10134] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.410308][T10134] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.419071][T10134] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.436432][T10134] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.450552][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.479013][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.516623][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.549864][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.562110][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.572854][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.583319][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.594996][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.607124][ T9986] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 444.614862][T10315] netlink: 'syz.2.1554': attribute type 29 has an invalid length. [ 444.630265][T10311] netlink: 'syz.2.1554': attribute type 29 has an invalid length. [ 444.693430][ T9986] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.739800][ T9986] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.749074][ T9986] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.788947][ T9986] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 444.911500][T10329] loop1: detected capacity change from 0 to 16 [ 444.925465][T10329] erofs: (device loop1): mounted with root inode @ nid 36. [ 445.207766][T10332] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 445.219127][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 445.294493][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 445.309211][T10334] loop2: detected capacity change from 0 to 128 [ 445.328979][T10339] input: syz0 as /devices/virtual/input/input12 [ 445.416381][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 445.471509][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 445.562775][T10340] syz.1.1561: attempt to access beyond end of device [ 445.562775][T10340] loop1: rw=0, sector=14552337256, nr_sectors = 8 limit=16 [ 445.591339][ T1058] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 445.636966][ T1058] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 445.681033][T10340] syz.1.1561: attempt to access beyond end of device [ 445.681033][T10340] loop1: rw=0, sector=14546590680, nr_sectors = 8 limit=16 [ 445.773542][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 445.797373][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 447.052602][T10362] loop0: detected capacity change from 0 to 8 [ 447.144956][T10362] SQUASHFS error: lzo decompression failed, data probably corrupt [ 447.185853][T10362] SQUASHFS error: Failed to read block 0x91: -5 [ 447.223783][T10362] SQUASHFS error: Unable to read metadata cache entry [8f] [ 447.279717][T10362] SQUASHFS error: Unable to read inode 0x11f [ 447.691801][T10362] loop0: detected capacity change from 0 to 256 [ 447.962918][T10362] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 448.188021][T10376] loop2: detected capacity change from 0 to 2048 [ 448.276816][T10376] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 448.419132][T10376] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 448.529257][T10376] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28 [ 448.604697][T10382] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 448.650642][T10376] EXT4-fs (loop2): This should not happen!! Data will be lost [ 448.650642][T10376] [ 448.681765][T10386] input: syz0 as /devices/virtual/input/input13 [ 448.699728][T10382] EXT4-fs (loop2): This should not happen!! Data will be lost [ 448.699728][T10382] [ 448.739599][T10376] EXT4-fs (loop2): Total free blocks count 0 [ 448.752156][T10382] EXT4-fs (loop2): Total free blocks count 0 [ 448.784765][T10376] EXT4-fs (loop2): Free/Dirty block details [ 448.799719][T10382] EXT4-fs (loop2): Free/Dirty block details [ 448.819854][T10388] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1579'. [ 448.820751][T10382] EXT4-fs (loop2): free_blocks=2415919104 [ 450.669400][T10374] loop3: detected capacity change from 0 to 40427 [ 450.691081][T10374] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 450.735480][T10374] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 450.758837][T10420] loop4: detected capacity change from 0 to 2048 [ 450.822097][T10374] F2FS-fs (loop3): Found nat_bits in checkpoint [ 450.833712][T10420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 451.033254][T10420] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 451.072771][T10374] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 451.083127][T10420] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28 [ 451.096212][T10430] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 1, id = 0 [ 451.145868][T10374] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 451.174674][T10432] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 451.219861][T10420] EXT4-fs (loop4): This should not happen!! Data will be lost [ 451.219861][T10420] [ 451.262021][T10432] EXT4-fs (loop4): This should not happen!! Data will be lost [ 451.262021][T10432] [ 451.283837][T10420] EXT4-fs (loop4): Total free blocks count 0 [ 451.297690][T10432] EXT4-fs (loop4): Total free blocks count 0 [ 451.315212][T10420] EXT4-fs (loop4): Free/Dirty block details [ 451.357150][T10420] EXT4-fs (loop4): free_blocks=2415919104 [ 451.375448][T10432] EXT4-fs (loop4): Free/Dirty block details [ 451.409798][ T5152] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 451.659382][ T5152] usb 2-1: Using ep0 maxpacket: 8 [ 451.698909][ T5152] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 451.731470][ T5152] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 451.765455][T10438] IPv6: NLM_F_CREATE should be specified when creating new route [ 451.769579][ T5152] usb 2-1: config 1 has no interface number 1 [ 451.797204][ T5152] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 451.806591][ T5152] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.814999][T10438] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1595'. [ 451.825694][ T5152] usb 2-1: Product: syz [ 451.838044][ T5152] usb 2-1: Manufacturer: syz [ 451.847870][ T5152] usb 2-1: SerialNumber: syz [ 451.978195][T10440] sg_write: data in/out 93/14 bytes for SCSI command 0x0-- guessing data in; [ 451.978195][T10440] program syz.2.1596 not setting count and/or reply_len properly [ 453.145219][ T5152] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 453.194154][ T5152] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 453.236749][ T5152] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 453.247634][ T5152] usb 2-1: 2:1 : invalid channels 0 [ 453.292639][T10458] evm: overlay not supported [ 453.382216][ T5152] usb 2-1: USB disconnect, device number 10 [ 453.440014][T10455] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 453.684064][ T5284] udevd[5284]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 454.089159][T10479] io-wq is not configured for unbound workers [ 454.324494][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length. [ 454.364304][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length. [ 454.401055][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length. [ 454.419560][T10483] netlink: 'syz.1.1609': attribute type 29 has an invalid length. [ 454.430217][ T5158] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 454.588847][T10487] loop3: detected capacity change from 0 to 512 [ 454.608191][T10487] EXT4-fs: Ignoring removed nobh option [ 454.619912][ T5158] usb 5-1: Using ep0 maxpacket: 16 [ 454.659559][ T5158] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 454.685771][ T5158] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 454.695309][T10487] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 454.716211][ T5158] usb 5-1: Product: syz [ 454.720573][ T5158] usb 5-1: Manufacturer: syz [ 454.725300][ T5158] usb 5-1: SerialNumber: syz [ 454.725975][T10487] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.1611: attempt to clear invalid blocks 2 len 1 [ 454.735979][ T5158] r8152-cfgselector 5-1: Unknown version 0x0000 [ 454.759646][ T5158] r8152-cfgselector 5-1: config 0 descriptor?? [ 454.833081][T10493] loop1: detected capacity change from 0 to 1024 [ 454.855709][T10493] EXT4-fs: Ignoring removed oldalloc option [ 454.864135][T10487] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 454.892618][T10487] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1611: invalid indirect mapped block 1819239214 (level 0) [ 454.895811][T10493] ext4: Unknown parameter 'fsuuid' [ 454.924632][T10487] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1611: invalid indirect mapped block 1819239214 (level 1) [ 454.968397][T10487] EXT4-fs (loop3): 1 truncate cleaned up [ 454.976795][T10487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.039598][ T9352] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 455.058614][ T5158] r8152-cfgselector 5-1: Needed 2 retries to read version [ 455.077309][ T5158] r8152-cfgselector 5-1: Unknown version 0x0000 [ 455.094716][ T5158] r8152-cfgselector 5-1: bad CDC descriptors [ 455.239892][ T9352] usb 3-1: Using ep0 maxpacket: 32 [ 455.249367][ T9352] usb 3-1: New USB device found, idVendor=1630, idProduct=0042, bcdDevice=5b.13 [ 455.277455][ T9352] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 455.289712][ T9352] usb 3-1: Product: syz [ 455.294225][ T9352] usb 3-1: Manufacturer: syz [ 455.299046][ T9352] usb 3-1: SerialNumber: syz [ 455.318759][ T9352] usb 3-1: config 0 descriptor?? [ 455.328623][ T9352] usb 3-1: bad CDC descriptors [ 455.357861][ T929] r8152-cfgselector 5-1: USB disconnect, device number 15 [ 455.568937][ T9352] usb 3-1: USB disconnect, device number 11 [ 456.370713][T10512] loop4: detected capacity change from 0 to 1024 [ 456.502609][T10512] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 456.598144][T10512] JBD2: no valid journal superblock found [ 456.632821][T10512] EXT4-fs (loop4): Could not load journal inode [ 456.694294][T10512] netlink: 'syz.4.1620': attribute type 11 has an invalid length. [ 457.253705][T10519] netlink: 'syz.4.1620': attribute type 11 has an invalid length. [ 457.811299][ T9958] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.976859][ T54] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 457.999702][ T54] Bluetooth: hci1: Injecting HCI hardware error event [ 458.011306][ T54] Bluetooth: hci1: hardware error 0x00 [ 458.109778][T10524] netlink: 'syz.1.1623': attribute type 2 has an invalid length. [ 458.235876][T10537] loop0: detected capacity change from 0 to 2048 [ 458.275526][T10537] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 458.346284][T10537] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 458.389672][T10537] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 458.399358][T10539] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer. [ 458.861589][T10551] loop2: detected capacity change from 0 to 64 [ 459.270366][T10557] loop2: detected capacity change from 0 to 1024 [ 459.287370][T10557] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 459.346449][T10557] JBD2: no valid journal superblock found [ 459.366072][T10557] EXT4-fs (loop2): Could not load journal inode [ 459.416596][ T5116] Bluetooth: hci2: unexpected event for opcode 0x2002 [ 459.448286][T10557] netlink: 'syz.2.1635': attribute type 11 has an invalid length. [ 459.463472][T10557] netlink: 'syz.2.1635': attribute type 11 has an invalid length. [ 459.471979][T10557] debugfs: Directory 'netdev:' with parent 'phy48' already present! [ 459.576213][T10544] loop4: detected capacity change from 0 to 32768 [ 459.583328][T10562] netlink: 'syz.2.1638': attribute type 4 has an invalid length. [ 459.606561][T10562] netlink: 'syz.2.1638': attribute type 2 has an invalid length. [ 459.606556][T10544] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1631 (10544) [ 459.705554][T10562] loop2: detected capacity change from 0 to 4096 [ 459.727100][T10544] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 459.761956][T10544] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 459.780449][T10564] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 459.801213][T10544] BTRFS info (device loop4): using free-space-tree [ 460.059716][ T54] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 461.109424][T10597] sg_write: data in/out 93/14 bytes for SCSI command 0x0-- guessing data in; [ 461.109424][T10597] program syz.1.1645 not setting count and/or reply_len properly [ 461.306752][ T9986] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 461.871553][T10607] loop3: detected capacity change from 0 to 8 [ 461.967713][T10607] SQUASHFS error: lzo decompression failed, data probably corrupt [ 461.999318][T10607] SQUASHFS error: Failed to read block 0x4ec: -5 [ 462.016179][T10607] SQUASHFS error: Unable to read metadata cache entry [4ea] [ 462.062528][T10607] SQUASHFS error: Unable to read inode 0x20087 [ 462.178271][T10582] loop2: detected capacity change from 0 to 32768 [ 463.341209][T10631] loop4: detected capacity change from 0 to 2048 [ 463.441183][ T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 463.450945][ T54] Bluetooth: hci2: Injecting HCI hardware error event [ 463.456696][T10631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 463.484613][ T54] Bluetooth: hci2: hardware error 0x00 [ 463.518931][T10637] loop3: detected capacity change from 0 to 2048 [ 463.676266][T10637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 463.804888][T10637] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 463.883465][T10637] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28 [ 463.945263][T10654] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 463.959618][T10637] EXT4-fs (loop3): This should not happen!! Data will be lost [ 463.959618][T10637] [ 464.000085][T10637] EXT4-fs (loop3): Total free blocks count 0 [ 464.006138][T10637] EXT4-fs (loop3): Free/Dirty block details [ 464.015635][T10654] EXT4-fs (loop3): This should not happen!! Data will be lost [ 464.015635][T10654] [ 464.056167][T10637] EXT4-fs (loop3): free_blocks=2415919104 [ 464.078654][T10637] EXT4-fs (loop3): dirty_blocks=16 [ 464.089553][T10654] EXT4-fs (loop3): Total free blocks count 0 [ 465.508534][ T9986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 465.579830][ T54] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 465.824564][T10656] loop1: detected capacity change from 0 to 32768 [ 466.141638][ T54] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 466.152298][ T54] Bluetooth: hci4: Injecting HCI hardware error event [ 466.162655][ T5116] Bluetooth: hci4: hardware error 0x00 [ 467.163220][ T1058] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.273794][T10672] loop2: detected capacity change from 0 to 32768 [ 467.366835][T10671] loop3: detected capacity change from 0 to 32768 [ 467.380341][ T5154] usb 5-1: new full-speed USB device number 16 using dummy_hcd [ 467.408027][ T1058] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.446095][T10671] XFS (loop3): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 467.587887][T10671] XFS (loop3): Ending clean mount [ 467.610717][ T5154] usb 5-1: not running at top speed; connect to a high speed hub [ 467.659709][ T5154] usb 5-1: config 123 has an invalid interface number: 222 but max is 1 [ 467.681581][ T5154] usb 5-1: config 123 has an invalid interface number: 61 but max is 1 [ 467.684855][ T8] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 467.699177][ T1058] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.728520][ T5154] usb 5-1: config 123 has no interface number 0 [ 467.743875][ T5154] usb 5-1: config 123 has no interface number 1 [ 467.765344][ T5154] usb 5-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64 [ 467.785192][ T5154] usb 5-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping [ 467.823531][ T5154] usb 5-1: config 123 interface 222 has no altsetting 0 [ 467.842046][ T5154] usb 5-1: config 123 interface 61 has no altsetting 0 [ 467.849255][T10704] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 467.876069][T10704] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 467.881041][ T5154] usb 5-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c [ 467.886546][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.909790][T10704] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 467.913286][ T5154] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.924907][ T8] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 467.934601][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.945285][T10704] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 467.953122][T10704] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 467.957138][ T1058] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.974879][T10704] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 467.987179][ T8] usb 1-1: config 0 descriptor?? [ 467.989863][ T5154] usb 5-1: Product: 膅浣렴赚䵜îœç‡”㤶ç§å™«îš¥æ‡ˆï–‚奤겾༉似甠á‡ì¦¦ìŒ«á„‘⣎蓙ḸëŠá¸‰è´ˆî ˆå¶§æ“®í‡†ä„‚ꚇ홤懠햵蠵⧗á³ç¨•Û¡ê´–讓퓗軻ï…礸⫊ä›ì¤»çƒ”䜄쎽⯂駰轅瑠ꊉ宩줌㕺⚰ [ 468.021757][ T9958] XFS (loop3): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 468.031580][ T5154] usb 5-1: Manufacturer: à Œ [ 468.042787][ T5154] usb 5-1: SerialNumber: syz [ 468.380509][ T5116] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 468.433880][ T8] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor [ 468.437245][ T5154] usb 5-1: bad CDC descriptors [ 468.478660][ T5154] usb 5-1: USB disconnect, device number 16 [ 468.519157][ T8] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0006/input/input14 [ 468.605061][ T1058] bridge_slave_1: left allmulticast mode [ 468.631783][ T1058] bridge_slave_1: left promiscuous mode [ 468.682989][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state [ 468.750347][ T1058] bridge_slave_0: left allmulticast mode [ 468.768848][ T1058] bridge_slave_0: left promiscuous mode [ 468.779380][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state [ 468.828098][ T8] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 468.895332][ T8] usb 1-1: USB disconnect, device number 9 [ 470.365615][ T5116] Bluetooth: hci0: command tx timeout [ 470.925694][T10731] can: request_module (can-proto-0) failed. [ 470.986685][T10727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1682'. [ 470.999554][T10727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1682'. [ 471.392809][ T8] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 472.390401][ T5116] Bluetooth: hci0: command tx timeout [ 472.394029][ T8] usb 1-1: config 0 has an invalid interface number: 16 but max is 0 [ 472.423029][ T8] usb 1-1: config 0 has no interface number 0 [ 472.441670][ T8] usb 1-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee [ 472.487771][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.516288][ T8] usb 1-1: config 0 descriptor?? [ 472.539733][ T5158] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 472.655376][T10742] loop4: detected capacity change from 0 to 32768 [ 472.673892][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 472.695255][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 472.704456][T10742] XFS (loop4): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 472.718201][ T1058] bond0 (unregistering): Released all slaves [ 472.742172][ T5158] usb 4-1: not running at top speed; connect to a high speed hub [ 472.742601][ T929] usb 1-1: USB disconnect, device number 10 [ 472.752868][ T5158] usb 4-1: config 123 has an invalid interface number: 222 but max is 1 [ 472.769684][ T5158] usb 4-1: config 123 has an invalid interface number: 61 but max is 1 [ 472.777987][ T5158] usb 4-1: config 123 has no interface number 0 [ 472.799233][ T5158] usb 4-1: config 123 has no interface number 1 [ 472.818609][ T5158] usb 4-1: config 123 interface 61 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 64 [ 472.832836][ T5158] usb 4-1: config 123 interface 61 altsetting 2 has a duplicate endpoint with address 0xF, skipping [ 472.846662][ T5158] usb 4-1: config 123 interface 222 has no altsetting 0 [ 472.855130][ T5158] usb 4-1: config 123 interface 61 has no altsetting 0 [ 472.885904][ T5158] usb 4-1: New USB device found, idVendor=13d3, idProduct=3321, bcdDevice=8f.1c [ 472.917594][ T5158] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.945973][ T5158] usb 4-1: Product: 膅浣렴赚䵜îœç‡”㤶ç§å™«îš¥æ‡ˆï–‚奤겾༉似甠á‡ì¦¦ìŒ«á„‘⣎蓙ḸëŠá¸‰è´ˆî ˆå¶§æ“®í‡†ä„‚ꚇ홤懠햵蠵⧗á³ç¨•Û¡ê´–讓퓗軻ï…礸⫊ä›ì¤»çƒ”䜄쎽⯂駰轅瑠ꊉ宩줌㕺⚰ [ 472.980013][ T5158] usb 4-1: Manufacturer: à Œ [ 472.982854][T10742] XFS (loop4): Ending clean mount [ 473.003404][ T5158] usb 4-1: SerialNumber: syz [ 473.152154][ T5284] udevd[5284]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.16/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 473.248693][T10767] loop2: detected capacity change from 0 to 8192 [ 473.279829][T10767] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 473.322019][T10702] chnl_net:caif_netlink_parms(): no params data found [ 473.433114][ T9986] XFS (loop4): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 473.525197][ T1058] hsr_slave_0: left promiscuous mode [ 473.537050][ T5158] usb 4-1: bad CDC descriptors [ 473.546109][ T1058] hsr_slave_1: left promiscuous mode [ 473.551216][ T5158] usb 4-1: USB disconnect, device number 11 [ 473.594449][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 473.610637][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 473.636417][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 473.655225][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 473.784330][ T1058] veth1_macvtap: left promiscuous mode [ 473.805244][ T1058] veth0_macvtap: left promiscuous mode [ 473.839731][ T1058] veth1_vlan: left promiscuous mode [ 473.855365][ T1058] veth0_vlan: left promiscuous mode [ 474.162379][T10785] loop4: detected capacity change from 0 to 256 [ 474.459717][ T5116] Bluetooth: hci0: command tx timeout [ 475.000668][ T5158] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 475.178297][ T1058] team0 (unregistering): Port device team_slave_1 removed [ 475.236923][ T5158] usb 4-1: config 0 has an invalid interface number: 16 but max is 0 [ 475.246875][ T5158] usb 4-1: config 0 has no interface number 0 [ 475.256919][ T5158] usb 4-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee [ 475.284526][ T5158] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.298038][ T5158] usb 4-1: config 0 descriptor?? [ 475.350194][ T1058] team0 (unregistering): Port device team_slave_0 removed [ 475.365391][T10801] loop4: detected capacity change from 0 to 2048 [ 475.434959][T10801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 475.582187][ T5158] usb 4-1: USB disconnect, device number 12 [ 476.448370][ T9986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.539667][ T5116] Bluetooth: hci0: command tx timeout [ 476.588011][T10773] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 476.658699][T10817] loop4: detected capacity change from 0 to 164 [ 476.677919][T10817] Unable to read rock-ridge attributes [ 476.745153][T10817] netlink: 'syz.4.1714': attribute type 4 has an invalid length. [ 477.090696][T10702] bridge0: port 1(bridge_slave_0) entered blocking state [ 477.099281][T10702] bridge0: port 1(bridge_slave_0) entered disabled state [ 477.832263][T10702] bridge_slave_0: entered allmulticast mode [ 477.861943][T10702] bridge_slave_0: entered promiscuous mode [ 477.884951][T10702] bridge0: port 2(bridge_slave_1) entered blocking state [ 477.909852][T10702] bridge0: port 2(bridge_slave_1) entered disabled state [ 478.020474][T10841] loop4: detected capacity change from 0 to 1024 [ 478.046256][T10702] bridge_slave_1: entered allmulticast mode [ 478.067162][T10702] bridge_slave_1: entered promiscuous mode [ 478.203232][T10702] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 478.252355][T10702] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 478.365494][T10702] team0: Port device team_slave_0 added [ 478.384170][T10702] team0: Port device team_slave_1 added [ 478.434825][T10852] geneve2: entered promiscuous mode [ 478.451292][T10852] geneve2: entered allmulticast mode [ 478.514621][T10855] loop0: detected capacity change from 0 to 512 [ 478.523683][T10855] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 478.573376][T10702] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 478.580948][T10702] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 478.608374][T10702] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 478.634279][T10855] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.1727: iget: bad extended attribute block 19 [ 478.668724][T10702] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 478.676407][T10702] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 478.676672][T10855] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1727: couldn't read orphan inode 15 (err -117) [ 478.709640][T10702] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 478.735223][T10855] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 478.882264][T10865] loop3: detected capacity change from 0 to 164 [ 478.886983][ T9986] hfsplus: bad catalog entry type [ 478.895783][T10865] Unable to read rock-ridge attributes [ 478.928954][ T9986] hfsplus: bad catalog entry type [ 478.942073][T10702] hsr_slave_0: entered promiscuous mode [ 478.956206][T10134] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.040343][T10702] hsr_slave_1: entered promiscuous mode [ 479.062485][ T1058] hfsplus: b-tree write err: -5, ino 4 [ 479.397118][T10865] netlink: 'syz.3.1730': attribute type 4 has an invalid length. [ 480.234604][ T1058] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.531022][ T1058] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.596965][T10891] loop0: detected capacity change from 0 to 512 [ 480.631065][T10891] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 480.693294][ T1058] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.718997][T10891] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.1742: iget: bad extended attribute block 19 [ 480.744596][T10891] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1742: couldn't read orphan inode 15 (err -117) [ 480.800563][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 480.815660][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 480.823544][T10891] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 480.840428][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 480.851487][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 480.866798][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 480.875754][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 480.981579][ T1058] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 481.025272][T10134] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 481.621596][T10918] batadv0: entered promiscuous mode [ 481.645886][T10918] vlan2: entered promiscuous mode [ 481.656003][T10918] vlan2: entered allmulticast mode [ 481.676601][T10918] batadv0: entered allmulticast mode [ 481.693940][T10918] batadv0: left allmulticast mode [ 481.707086][T10918] batadv0: left promiscuous mode [ 481.747086][ T1058] bridge_slave_1: left allmulticast mode [ 481.753154][ T1058] bridge_slave_1: left promiscuous mode [ 481.759028][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.771086][ T1058] bridge_slave_0: left allmulticast mode [ 481.776841][ T1058] bridge_slave_0: left promiscuous mode [ 481.787395][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.036320][ T5116] Bluetooth: hci1: command tx timeout [ 483.345826][T10962] netlink: 'syz.0.1769': attribute type 11 has an invalid length. [ 483.367930][T10962] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1769'. [ 483.499091][T10970] loop2: detected capacity change from 0 to 1024 [ 483.515650][T10970] EXT4-fs: Ignoring removed nomblk_io_submit option [ 483.526574][T10970] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 483.553053][T10970] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 483.561544][T10970] System zones: 0-1, 3-36 [ 483.561954][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 483.576886][T10970] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 483.618531][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 483.644414][ T1058] bond0 (unregistering): Released all slaves [ 483.650129][T10970] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1767: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 483.714560][T10970] xt_CT: You must specify a L4 protocol and not use inversions on it [ 483.740145][T10976] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0 [ 483.830318][T10702] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 483.875138][T10702] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 484.659035][ T9730] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 484.733038][T10702] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 484.784514][T10702] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 484.911313][T10999] netlink: 'syz.3.1779': attribute type 11 has an invalid length. [ 484.921869][T10999] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1779'. [ 485.099776][ T5116] Bluetooth: hci1: command tx timeout [ 485.155925][T10900] chnl_net:caif_netlink_parms(): no params data found [ 485.871150][ T1058] hsr_slave_0: left promiscuous mode [ 485.893414][ T1058] hsr_slave_1: left promiscuous mode [ 485.899249][T11008] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0 [ 485.919061][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 485.927827][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 485.945186][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 485.970595][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 486.066849][ T1058] veth1_macvtap: left promiscuous mode [ 486.083358][ T1058] veth0_macvtap: left promiscuous mode [ 486.089134][ T1058] veth1_vlan: left promiscuous mode [ 486.114554][ T1058] veth0_vlan: left promiscuous mode [ 486.139900][ T929] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 486.342648][ T929] usb 4-1: Using ep0 maxpacket: 16 [ 486.351669][ T929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 486.387894][ T929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 486.398034][ T929] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 486.419207][ T929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.458092][ T929] usb 4-1: config 0 descriptor?? [ 487.193662][ T5116] Bluetooth: hci1: command tx timeout [ 487.884191][ T929] usbhid 4-1:0.0: can't add hid device: -71 [ 487.906400][ T929] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 487.951789][ T929] usb 4-1: USB disconnect, device number 13 [ 488.884345][T11038] loop2: detected capacity change from 0 to 512 [ 488.907821][ T1058] team0 (unregistering): Port device team_slave_1 removed [ 488.958455][T11038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 488.984739][T11038] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 489.008313][T11047] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0 [ 489.027134][T11038] EXT4-fs error (device loop2): ext4_get_verity_descriptor_location:335: inode #15: comm syz.2.1791: verity file corrupted; can't find descriptor [ 489.065759][T11038] fs-verity (loop2, inode 15): Error -117 getting verity descriptor size [ 489.080870][ T1058] team0 (unregistering): Port device team_slave_0 removed [ 489.138897][ T9730] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.230944][T11052] loop2: detected capacity change from 0 to 512 [ 489.251974][T11052] EXT4-fs: Ignoring removed bh option [ 489.269685][ T5116] Bluetooth: hci1: command tx timeout [ 489.326369][T11052] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 489.344512][ T9352] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 489.364321][T11052] EXT4-fs (loop2): 1 truncate cleaned up [ 489.384745][T11052] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 489.537772][ T9730] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.553899][ T9352] usb 4-1: Using ep0 maxpacket: 32 [ 489.592307][ T9352] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 489.601601][ T9352] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.626531][ T9352] usb 4-1: config 0 descriptor?? [ 489.649384][ T9352] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 490.327321][T11064] loop0: detected capacity change from 0 to 128 [ 490.392919][T11064] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 490.408768][T10900] bridge0: port 1(bridge_slave_0) entered blocking state [ 490.416536][T10900] bridge0: port 1(bridge_slave_0) entered disabled state [ 490.424598][T10900] bridge_slave_0: entered allmulticast mode [ 490.433205][T10900] bridge_slave_0: entered promiscuous mode [ 490.434348][T11064] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 490.451750][T10900] bridge0: port 2(bridge_slave_1) entered blocking state [ 490.459755][T10900] bridge0: port 2(bridge_slave_1) entered disabled state [ 490.468272][T10900] bridge_slave_1: entered allmulticast mode [ 490.476214][T10900] bridge_slave_1: entered promiscuous mode [ 490.497549][T11064] fscrypt (loop0, inode 12): Unsupported encryption flags (0x08) [ 490.545318][T10900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 490.593838][T10134] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 490.607227][T10900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 490.769381][T10900] team0: Port device team_slave_0 added [ 490.829378][T10702] 8021q: adding VLAN 0 to HW filter on device bond0 [ 490.871734][T10900] team0: Port device team_slave_1 added [ 491.047429][T10900] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 491.054731][T10900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.075119][T11077] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0 [ 491.097958][T10900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 491.121298][T10900] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 491.129333][T10900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.137109][ T9352] gspca_vc032x: reg_w err -71 [ 491.166254][T10900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 491.186476][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.210232][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.216309][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.221856][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.227275][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.233089][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.234505][T10702] 8021q: adding VLAN 0 to HW filter on device team0 [ 491.238477][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.250880][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.256186][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.268614][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.272007][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state [ 491.281574][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 491.289679][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.298775][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.311520][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.320367][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.321583][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state [ 491.325674][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.332836][ T5156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 491.338969][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.382221][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.395611][ T9352] gspca_vc032x: I2c Bus Busy Wait 00 [ 491.421929][ T9352] gspca_vc032x: Unknown sensor... [ 491.439632][ T9352] vc032x 4-1:0.0: probe with driver vc032x failed with error -22 [ 491.468625][ T9352] usb 4-1: USB disconnect, device number 14 [ 491.497628][T10900] hsr_slave_0: entered promiscuous mode [ 491.506324][T11085] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1804'. [ 491.517384][T10900] hsr_slave_1: entered promiscuous mode [ 491.525955][T10900] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 491.534631][T10900] Cannot create hsr debugfs directory [ 491.798491][T11092] Bluetooth: MGMT ver 1.23 [ 491.814197][T10702] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 491.969383][T11094] loop3: detected capacity change from 0 to 4096 [ 492.005032][T11094] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 492.029891][T10702] veth0_vlan: entered promiscuous mode [ 492.046384][T11094] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 492.055325][T10702] veth1_vlan: entered promiscuous mode [ 492.079456][T11094] ntfs3: loop3: Failed to load $MFT (-22). [ 492.134729][T10702] veth0_macvtap: entered promiscuous mode [ 492.167653][T10702] veth1_macvtap: entered promiscuous mode [ 492.195923][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.231550][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.249798][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.265027][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.275256][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.286769][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.299030][T10702] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 492.322965][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 492.338796][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.349108][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 492.359781][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.362966][T11101] loop3: detected capacity change from 0 to 4096 [ 492.369705][T10702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 492.369727][T10702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.371356][T10702] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 492.385698][T11101] ntfs3: loop3: Unsupported bytes per MFT record 32768. [ 492.413717][T11101] ntfs3: loop3: try to read out of volume at offset 0x1ffe00 [ 492.473883][T10702] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.483738][T10702] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.493424][T10702] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.502592][T10702] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.587075][T10900] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 492.600113][T10900] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 492.674597][T10900] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 492.704581][T10900] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 492.826031][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 492.855183][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 492.873882][T11111] loop3: detected capacity change from 0 to 128 [ 492.943542][T11113] loop0: detected capacity change from 0 to 2048 [ 492.965993][ T2445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 492.974945][T11113] EXT4-fs: Ignoring removed nobh option [ 493.001386][T11111] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 493.030969][ T2445] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.048296][T11113] ext4: Unknown parameter 'smackfshat' [ 493.100107][T11111] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 493.365951][T11111] syz.3.1813 (pid 11111) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 493.366347][T10900] 8021q: adding VLAN 0 to HW filter on device bond0 [ 493.461750][T10900] 8021q: adding VLAN 0 to HW filter on device team0 [ 493.546540][ T9352] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.553938][ T9352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 493.625150][ T9958] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 493.670441][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state [ 493.677800][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 493.910965][T11130] loop1: detected capacity change from 0 to 4096 [ 493.954551][T11130] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 494.087304][T11130] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 494.106122][T11130] ntfs3: loop1: Failed to load $MFT (-22). [ 494.394654][T11147] loop1: detected capacity change from 0 to 2048 [ 494.438574][T11147] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 494.452900][T11147] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 494.505086][T10702] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 494.515009][T11153] IPv6: addrconf: prefix option has invalid lifetime [ 494.644349][T11156] netlink: 'syz.0.1826': attribute type 21 has an invalid length. [ 494.673231][T11156] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1826'. [ 494.742734][T10900] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 494.826541][T11160] loop1: detected capacity change from 0 to 2048 [ 494.847071][T11160] EXT4-fs: Ignoring removed nobh option [ 494.883885][T11160] ext4: Unknown parameter 'smackfshat' [ 495.346002][ T54] Bluetooth: hci5: sending frame failed (-49) [ 495.356554][ T5116] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 495.501067][T11187] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 495.509944][T11187] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 496.277639][T10900] veth0_vlan: entered promiscuous mode [ 496.475400][T11196] loop0: detected capacity change from 0 to 2048 [ 496.481996][T10900] veth1_vlan: entered promiscuous mode [ 496.691418][T11196] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 496.744245][T10900] veth0_macvtap: entered promiscuous mode [ 496.750404][T11196] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 496.755498][T10900] veth1_macvtap: entered promiscuous mode [ 496.849408][T11200] loop1: detected capacity change from 0 to 164 [ 496.865632][T11200] Unable to read rock-ridge attributes [ 496.873891][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 496.929165][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 496.959839][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 496.980052][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.005835][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.029565][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.039815][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.051888][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.064676][T10900] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 497.078858][T11200] netlink: 'syz.1.1837': attribute type 4 has an invalid length. [ 497.088038][T10134] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.143247][T11202] loop3: detected capacity change from 0 to 1024 [ 497.157638][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.210669][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.238963][T11202] hfsplus: extend alloc file! (8192,65536,366) [ 497.242672][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.288034][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.304880][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.316615][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.358118][T10900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.376173][T10900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.426058][T10900] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 497.466445][T10900] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.485731][T10900] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.506284][T10900] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.534838][T10900] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.761696][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 497.800576][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 497.882512][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 497.906926][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 498.223458][T11218] loop2: detected capacity change from 0 to 256 [ 498.973469][T11216] pim6reg1: entered promiscuous mode [ 498.978812][T11216] pim6reg1: entered allmulticast mode [ 499.140951][T11222] loop4: detected capacity change from 0 to 256 [ 499.356902][T11232] loop1: detected capacity change from 0 to 4096 [ 499.396809][T11232] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 499.545722][T11232] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 499.695395][T11245] IPv6: addrconf: prefix option has invalid lifetime [ 499.874099][T11249] loop2: detected capacity change from 0 to 164 [ 499.936269][T11249] Unable to read rock-ridge attributes [ 500.120392][T11251] loop3: detected capacity change from 0 to 1764 [ 500.558161][T11249] netlink: 'syz.2.1854': attribute type 4 has an invalid length. [ 500.578812][ C1] eth0: bad gso: type: 1, size: 1408 [ 500.788774][T11256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1855'. [ 500.939842][ T54] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 500.952102][ T54] Bluetooth: hci0: Injecting HCI hardware error event [ 500.963518][ T5116] Bluetooth: hci0: hardware error 0x00 [ 500.972962][T11261] loop3: detected capacity change from 0 to 512 [ 501.003771][T11261] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 501.059324][T11261] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 not in group (block 2)! [ 501.115268][T11261] EXT4-fs (loop3): group descriptors corrupted! [ 501.910832][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.920106][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.516644][T11276] loop1: detected capacity change from 0 to 256 [ 502.533081][T11275] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 502.720033][T11282] loop0: detected capacity change from 0 to 512 [ 502.741495][T11282] EXT4-fs (loop0): failed to initialize system zone (-117) [ 502.765115][T11282] EXT4-fs (loop0): mount failed [ 502.945893][T11282] IPVS: Scheduler module ip_vs_sip not found [ 503.077295][T11296] tipc: Enabling of bearer rejected, failed to enable media [ 503.101721][ T5116] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 503.318711][T11307] loop1: detected capacity change from 0 to 256 [ 503.357390][T11307] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 504.287380][T11320] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 504.353349][T11321] loop2: detected capacity change from 0 to 512 [ 504.368507][T11321] EXT4-fs: Ignoring removed nomblk_io_submit option [ 504.380489][T11321] EXT4-fs: old and new quota format mixing [ 504.519791][ T29] audit: type=1326 audit(1721300408.327:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11329 comm="syz.3.1883" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfee175b59 code=0x0 [ 504.580715][T11331] block nbd4: shutting down sockets [ 504.632861][T11334] loop1: detected capacity change from 0 to 2048 [ 504.646306][T11334] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 504.661611][T11336] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 504.716858][T11331] block nbd4: NBD_DISCONNECT [ 504.726573][T11331] block nbd4: Send disconnect failed -32 [ 504.741111][T11331] block nbd4: Send disconnect failed -32 [ 505.043185][T11351] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 505.043185][T11351] The task syz.0.1888 (11351) triggered the difference, watch for misbehavior. [ 505.047459][T11350] loop1: detected capacity change from 0 to 164 [ 505.119407][T11350] Unable to read rock-ridge attributes [ 505.255071][T11350] netlink: 'syz.1.1890': attribute type 4 has an invalid length. [ 505.686732][T11360] syzkaller0: entered promiscuous mode [ 505.700436][T11360] syzkaller0: entered allmulticast mode [ 505.727216][ T2800] syzkaller0: tun_net_xmit 48 [ 505.780451][T11360] syzkaller0: tun_net_xmit 1280 [ 505.788813][T11360] syzkaller0: create flow: hash 2072909718 index 1 [ 505.796988][T11366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1895'. [ 505.967030][T11368] loop1: detected capacity change from 0 to 512 [ 505.984222][T11368] EXT4-fs: Ignoring removed nomblk_io_submit option [ 506.001728][T11368] EXT4-fs: old and new quota format mixing [ 506.106391][T11358] syzkaller0: delete flow: hash 2072909718 index 1 [ 506.608259][ T29] audit: type=1326 audit(1721300410.417:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11378 comm="syz.3.1902" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfee175b59 code=0x0 [ 507.746321][T11387] loop3: detected capacity change from 0 to 128 [ 507.765599][T11387] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 507.794872][T11387] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 510.149223][T11403] loop3: detected capacity change from 0 to 1024 [ 510.198403][T11403] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.374896][ T9958] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.269588][ C1] DEBUG: holding rtnl_mutex for 516 jiffies. [ 511.276174][ C1] task:syz.4.1893 state:R running task stack:24432 pid:11358 tgid:11358 ppid:10900 flags:0x00004006 [ 511.288075][ C1] Call Trace: [ 511.291405][ C1] [ 511.294425][ C1] __schedule+0x1800/0x4a60 [ 511.299410][ C1] ? __pfx___schedule+0x10/0x10 [ 511.304358][ C1] ? __pfx_lock_release+0x10/0x10 [ 511.309416][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 511.315355][ C1] ? schedule+0x90/0x320 [ 511.319622][ C1] schedule+0x14b/0x320 [ 511.323775][ C1] synchronize_rcu_expedited+0x684/0x830 [ 511.329441][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 511.335628][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 511.340959][ C1] ? __pfx___might_resched+0x10/0x10 [ 511.346272][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 511.352294][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 511.358396][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 511.364797][ C1] synchronize_rcu+0x11b/0x360 [ 511.369718][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 511.375036][ C1] lockdep_unregister_key+0x4b7/0x540 [ 511.380455][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 511.386344][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 511.391748][ C1] ? __qdisc_destroy+0x150/0x410 [ 511.396976][ C1] ? kfree+0x149/0x360 [ 511.401056][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 511.406653][ C1] __qdisc_destroy+0x165/0x410 [ 511.411567][ C1] dev_shutdown+0x9b/0x450 [ 511.415976][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 511.422344][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 511.429124][ C1] ? mark_lock+0x9a/0x360 [ 511.433467][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 511.439899][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 511.446252][ C1] ? trace_irq_enable+0x2c/0x120 [ 511.451218][ C1] ? queue_delayed_work_on+0x1eb/0x390 [ 511.456715][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 511.461967][ C1] unregister_netdevice_queue+0x303/0x370 [ 511.467691][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 511.473951][ C1] __tun_detach+0x6b9/0x1600 [ 511.478562][ C1] tun_chr_close+0x108/0x1b0 [ 511.483163][ C1] ? __pfx_tun_chr_close+0x10/0x10 [ 511.488261][ C1] __fput+0x24a/0x8a0 [ 511.492259][ C1] task_work_run+0x24f/0x310 [ 511.496877][ C1] ? __pfx_task_work_run+0x10/0x10 [ 511.502039][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 511.507869][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 511.513535][ C1] do_syscall_64+0x100/0x230 [ 511.518120][ C1] ? clear_bhb_loop+0x35/0x90 [ 511.522815][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.528724][ C1] RIP: 0033:0x7fbd5ad75b59 [ 511.533166][ C1] RSP: 002b:00007ffc86bba248 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 511.541802][ C1] RAX: 0000000000000000 RBX: 000000000007b670 RCX: 00007fbd5ad75b59 [ 511.550040][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 511.558137][ C1] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000001e86bba56f [ 511.566215][ C1] R10: 00007fbd5ac00000 R11: 0000000000000246 R12: 00007fbd5af03f6c [ 511.574261][ C1] R13: 0000000000000032 R14: 00007fbd5af05a60 R15: 00007fbd5af03f60 [ 511.582445][ C1] [ 511.585520][ C1] DEBUG: waiting rtnl_mutex for 545 jiffies. [ 511.591582][ C1] task:kworker/1:4 state:D stack:22072 pid:5154 tgid:5154 ppid:2 flags:0x00004000 [ 511.602260][ C1] Workqueue: events linkwatch_event [ 511.607507][ C1] Call Trace: [ 511.610865][ C1] [ 511.613828][ C1] __schedule+0x1800/0x4a60 [ 511.618397][ C1] ? __pfx___schedule+0x10/0x10 [ 511.623428][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 511.629585][ C1] ? __pfx_lock_release+0x10/0x10 [ 511.634693][ C1] ? kick_pool+0x1bd/0x620 [ 511.639294][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 511.644769][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 511.650128][ C1] ? schedule+0x90/0x320 [ 511.654790][ C1] schedule+0x14b/0x320 [ 511.658999][ C1] schedule_preempt_disabled+0x13/0x30 [ 511.664572][ C1] __mutex_lock+0x6a4/0xd70 [ 511.669143][ C1] ? __mutex_lock+0x527/0xd70 [ 511.673924][ C1] ? linkwatch_event+0xe/0x60 [ 511.678705][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 511.683947][ C1] ? get_rtnl_holder+0x144/0x190 [ 511.688952][ C1] ? process_scheduled_works+0x945/0x1830 [ 511.694768][ C1] linkwatch_event+0xe/0x60 [ 511.699309][ C1] process_scheduled_works+0xa2c/0x1830 [ 511.704967][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 511.708534][T11421] loop3: detected capacity change from 0 to 2048 [ 511.711033][ C1] ? assign_work+0x364/0x3d0 [ 511.722137][ C1] worker_thread+0x86d/0xd40 [ 511.726838][ C1] ? __kthread_parkme+0x169/0x1d0 [ 511.730958][T11421] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 511.731916][ C1] ? __pfx_worker_thread+0x10/0x10 [ 511.745822][ C1] kthread+0x2f0/0x390 [ 511.749958][ C1] ? __pfx_worker_thread+0x10/0x10 [ 511.755115][ C1] ? __pfx_kthread+0x10/0x10 [ 511.759777][ C1] ret_from_fork+0x4b/0x80 [ 511.764284][ C1] ? __pfx_kthread+0x10/0x10 [ 511.768933][ C1] ret_from_fork_asm+0x1a/0x30 [ 511.773802][ C1] [ 511.776913][ C1] [ 511.776913][ C1] Showing all locks held in the system: [ 511.784827][ C1] 2 locks held by getty/4856: [ 511.789557][ C1] #0: ffff88802f3090a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 511.799404][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 511.809580][ C1] 3 locks held by kworker/1:4/5154: [ 511.814784][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 511.825805][ C1] #1: ffffc9000445fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 511.836872][ C1] #2: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 511.845876][ C1] 2 locks held by syz.4.1893/11358: [ 511.851085][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 511.860065][ C1] #1: ffffffff8e33ce78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 511.870984][ C1] 2 locks held by syz.0.1903/11382: [ 511.876160][ C1] #0: ffffffff8ee58488 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0 [ 511.884889][ C1] #1: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x78b/0x1cd0 [ 511.893716][ C1] 1 lock held by syz.0.1903/11383: [ 511.898808][ C1] #0: ffffffff8ee58488 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0 [ 511.907553][ C1] 2 locks held by syz.3.1916/11420: [ 511.912775][ C1] #0: ffff88807eea5608 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 511.922972][ C1] #1: ffffffff8e33ce78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 511.933952][ C1] [ 511.936263][ C1] ============================================= [ 511.936263][ C1] [ 512.094922][T11423] netlink: 'syz.4.1918': attribute type 1 has an invalid length. [ 512.102950][T11423] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.1918'. [ 512.407888][T11435] mmap: syz.0.1924 (11435) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 513.405592][T11444] netlink: 'syz.3.1929': attribute type 1 has an invalid length. [ 513.412518][T11446] loop0: detected capacity change from 0 to 128 [ 513.417836][T11444] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.1929'. [ 513.532883][T11449] netlink: 'syz.3.1930': attribute type 3 has an invalid length. [ 513.638327][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 513.651230][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 513.663604][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 513.672175][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 513.681294][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 513.688684][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 513.923291][T11453] chnl_net:caif_netlink_parms(): no params data found [ 514.068069][T11453] bridge0: port 1(bridge_slave_0) entered blocking state [ 514.075771][T11453] bridge0: port 1(bridge_slave_0) entered disabled state [ 514.083059][T11453] bridge_slave_0: entered allmulticast mode [ 514.090307][T11453] bridge_slave_0: entered promiscuous mode [ 514.098154][T11453] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.106241][T11453] bridge0: port 2(bridge_slave_1) entered disabled state [ 514.113676][T11453] bridge_slave_1: entered allmulticast mode [ 514.122341][T11453] bridge_slave_1: entered promiscuous mode [ 514.150646][T11453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 514.163528][T11453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 514.198513][T11453] team0: Port device team_slave_0 added [ 514.211308][T11453] team0: Port device team_slave_1 added [ 514.255496][T11453] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 514.262844][T11453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 514.292910][T11453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 514.306491][T11453] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 514.313809][T11453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 514.345621][T11453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 514.493993][ T1058] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.430393][ T1058] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.573816][T11453] hsr_slave_0: entered promiscuous mode [ 515.620173][T11453] hsr_slave_1: entered promiscuous mode [ 515.633556][ T5116] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 515.651194][ T5116] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 515.662247][ T5116] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 515.677059][ T5116] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 515.687682][T11482] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 515.687856][ T5116] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 515.699743][T11453] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 515.706685][ T5116] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 515.729055][T11453] Cannot create hsr debugfs directory [ 515.734751][ T5116] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 515.736190][T11482] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 515.742903][ T5116] Bluetooth: hci1: command tx timeout [ 515.756614][ T5116] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 515.757044][ T5103] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 515.800699][T10704] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 515.888509][ T1058] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.904399][T11477] netlink: 'syz.0.1940': attribute type 3 has an invalid length. [ 516.036313][ T1058] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 516.268013][T11453] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 516.407580][T11453] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 516.495830][ T1058] bridge_slave_1: left allmulticast mode [ 516.501935][ T1058] bridge_slave_1: left promiscuous mode [ 516.507655][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state [ 516.517444][ T1058] bridge_slave_0: left allmulticast mode [ 516.524691][ T1058] bridge_slave_0: left promiscuous mode [ 516.532190][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.008272][ T5116] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 517.029299][ T5116] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 517.058524][ T5116] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 517.102171][ T5116] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 517.110631][ T5116] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 517.119979][ T5116] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 517.383653][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 517.397664][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 517.408425][ T1058] bond0 (unregistering): Released all slaves [ 517.419621][ T1058] bond1 (unregistering): Released all slaves [ 517.454889][T11453] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.694473][T11453] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.819800][ T54] Bluetooth: hci5: command tx timeout [ 517.820251][ T5116] Bluetooth: hci1: command tx timeout [ 517.872914][T11480] chnl_net:caif_netlink_parms(): no params data found [ 517.899717][ T5116] Bluetooth: hci4: command tx timeout [ 518.153522][T11478] chnl_net:caif_netlink_parms(): no params data found [ 518.184293][ T1058] hsr_slave_0: left promiscuous mode [ 518.190769][ T1058] hsr_slave_1: left promiscuous mode [ 518.209829][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 518.218767][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 518.237638][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 518.245413][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 518.271939][ T1058] veth1_macvtap: left promiscuous mode [ 518.277516][ T1058] veth0_macvtap: left promiscuous mode [ 518.285312][ T1058] veth1_vlan: left promiscuous mode [ 518.290840][ T1058] veth0_vlan: left promiscuous mode [ 518.333304][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 518.348937][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 518.361619][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 518.371488][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 518.385441][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 518.402555][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 519.043018][ T1058] team0 (unregistering): Port device team_slave_1 removed [ 519.111374][ T1058] team0 (unregistering): Port device team_slave_0 removed [ 519.267718][ T54] Bluetooth: hci0: command tx timeout [ 519.861389][T11453] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 519.873994][T11453] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 519.893380][T11480] bridge0: port 1(bridge_slave_0) entered blocking state [ 519.900797][ T54] Bluetooth: hci1: command tx timeout [ 519.906405][T11480] bridge0: port 1(bridge_slave_0) entered disabled state [ 519.909894][ T54] Bluetooth: hci5: command 0x041b tx timeout [ 519.913748][T11480] bridge_slave_0: entered allmulticast mode [ 519.932811][T11480] bridge_slave_0: entered promiscuous mode [ 519.942993][T11480] bridge0: port 2(bridge_slave_1) entered blocking state [ 519.950448][T11480] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.959146][T11480] bridge_slave_1: entered allmulticast mode [ 519.979640][T10704] Bluetooth: hci4: command tx timeout [ 519.985792][T11480] bridge_slave_1: entered promiscuous mode [ 520.024847][T11453] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 520.038387][T11453] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 520.167062][T11480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 520.216790][T11480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 520.227793][T11478] bridge0: port 1(bridge_slave_0) entered blocking state [ 520.235938][T11478] bridge0: port 1(bridge_slave_0) entered disabled state [ 520.243885][T11478] bridge_slave_0: entered allmulticast mode [ 520.251635][T11478] bridge_slave_0: entered promiscuous mode [ 520.260628][T11478] bridge0: port 2(bridge_slave_1) entered blocking state [ 520.272649][T11478] bridge0: port 2(bridge_slave_1) entered disabled state [ 520.280706][T11478] bridge_slave_1: entered allmulticast mode [ 520.288308][T11478] bridge_slave_1: entered promiscuous mode [ 520.386977][T11480] team0: Port device team_slave_0 added [ 520.402514][T11480] team0: Port device team_slave_1 added [ 520.423697][T11478] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 520.438973][T11478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 520.463536][T10704] Bluetooth: hci2: command tx timeout [ 520.514197][T11480] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 520.529339][T11480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.558042][T11480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 520.604165][T11478] team0: Port device team_slave_0 added [ 520.615326][T11490] chnl_net:caif_netlink_parms(): no params data found [ 520.643524][T11478] team0: Port device team_slave_1 added [ 520.650278][T11480] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 520.657314][T11480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.684066][T11480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 520.799042][T11478] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 520.806273][T11478] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.832822][T11478] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 520.918338][T11478] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 520.925617][T11478] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.952854][T11478] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 521.049660][ T1058] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 521.094340][T11480] hsr_slave_0: entered promiscuous mode [ 521.102058][T11480] hsr_slave_1: entered promiscuous mode [ 521.117404][T11480] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 521.128788][T11480] Cannot create hsr debugfs directory [ 521.221557][ T1058] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 521.248498][T11500] chnl_net:caif_netlink_parms(): no params data found [ 521.274772][T11478] hsr_slave_0: entered promiscuous mode [ 521.292096][T11478] hsr_slave_1: entered promiscuous mode [ 521.298644][T11478] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 521.306678][T11478] Cannot create hsr debugfs directory [ 521.328579][T11490] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.336008][T11490] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.343262][T10704] Bluetooth: hci0: command tx timeout [ 521.345727][T11490] bridge_slave_0: entered allmulticast mode [ 521.361121][T11490] bridge_slave_0: entered promiscuous mode [ 521.406499][ T1058] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 521.446600][T11490] bridge0: port 2(bridge_slave_1) entered blocking state [ 521.456213][T11490] bridge0: port 2(bridge_slave_1) entered disabled state [ 521.465603][T11490] bridge_slave_1: entered allmulticast mode [ 521.472512][T11490] bridge_slave_1: entered promiscuous mode [ 521.550789][ T1058] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 521.632962][T11490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 521.703501][T11490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 521.725110][T11500] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.733436][T11500] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.742855][T11500] bridge_slave_0: entered allmulticast mode [ 521.750456][T11500] bridge_slave_0: entered promiscuous mode [ 521.812478][T11500] bridge0: port 2(bridge_slave_1) entered blocking state [ 521.821365][T11500] bridge0: port 2(bridge_slave_1) entered disabled state [ 521.828703][T11500] bridge_slave_1: entered allmulticast mode [ 521.835956][T11500] bridge_slave_1: entered promiscuous mode [ 521.874716][T11453] 8021q: adding VLAN 0 to HW filter on device bond0 [ 521.897430][T11490] team0: Port device team_slave_0 added [ 521.908501][T11490] team0: Port device team_slave_1 added [ 521.930787][T11500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 521.947482][T11500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 521.981081][T10704] Bluetooth: hci1: command tx timeout [ 521.989889][T10704] Bluetooth: hci5: command 0x041b tx timeout [ 522.059804][T10704] Bluetooth: hci4: command tx timeout [ 522.128187][T11490] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 522.136004][T11490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 522.164246][T11490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 522.214170][T11453] 8021q: adding VLAN 0 to HW filter on device team0 [ 522.245665][T11490] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 522.253185][T11490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 522.280872][T11490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 522.326728][T11500] team0: Port device team_slave_0 added [ 522.359078][T11500] team0: Port device team_slave_1 added [ 522.460952][ T1058] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.499366][ T927] bridge0: port 1(bridge_slave_0) entered blocking state [ 522.506497][ T927] bridge0: port 1(bridge_slave_0) entered forwarding state [ 522.541556][T10704] Bluetooth: hci2: command tx timeout [ 522.552269][T11490] hsr_slave_0: entered promiscuous mode [ 522.558755][T11490] hsr_slave_1: entered promiscuous mode [ 522.568116][T11490] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 522.575965][T11490] Cannot create hsr debugfs directory [ 522.586288][T11500] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 522.593992][T11500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 522.621980][T11500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 522.635150][T11500] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 522.642595][T11500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 522.668973][T11500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 522.707870][ T1058] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.845415][T11478] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.868758][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 522.876075][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 522.936801][ T1058] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.006324][T11478] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.080841][T11478] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.126011][ T1058] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.161953][T11500] hsr_slave_0: entered promiscuous mode [ 523.168755][T11500] hsr_slave_1: entered promiscuous mode [ 523.175613][T11500] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 523.189644][T11500] Cannot create hsr debugfs directory [ 523.242916][T11478] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.379415][T11453] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 523.419715][T10704] Bluetooth: hci0: command tx timeout [ 523.593043][ T1058] bridge_slave_1: left allmulticast mode [ 523.598721][ T1058] bridge_slave_1: left promiscuous mode [ 523.604917][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state [ 523.614912][ T1058] bridge_slave_0: left allmulticast mode [ 523.621261][ T1058] bridge_slave_0: left promiscuous mode [ 523.626940][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state [ 523.636934][ T1058] bridge_slave_1: left allmulticast mode [ 523.645122][ T1058] bridge_slave_1: left promiscuous mode [ 523.651086][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state [ 523.661790][ T1058] bridge_slave_0: left allmulticast mode [ 523.667473][ T1058] bridge_slave_0: left promiscuous mode [ 523.675127][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state [ 523.686458][ T1058] bridge_slave_1: left allmulticast mode [ 523.693464][ T1058] bridge_slave_1: left promiscuous mode [ 523.699259][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state [ 523.708638][ T1058] bridge_slave_0: left allmulticast mode [ 523.714611][ T1058] bridge_slave_0: left promiscuous mode [ 523.726829][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state [ 524.060016][T10704] Bluetooth: hci5: command 0x041b tx timeout [ 524.145587][T10704] Bluetooth: hci4: command tx timeout [ 524.621003][T10704] Bluetooth: hci2: command tx timeout [ 524.996038][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 525.012888][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 525.025800][ T1058] bond0 (unregistering): Released all slaves [ 525.234438][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 525.246429][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 525.257132][ T1058] bond0 (unregistering): Released all slaves [ 525.460812][ T1058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 525.472840][ T1058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 525.484636][ T1058] bond0 (unregistering): Released all slaves [ 525.499906][T10704] Bluetooth: hci0: command tx timeout [ 525.608238][T11478] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 525.672936][T11478] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 525.702481][T11478] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 525.727813][T11478] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 525.922604][ T1058] IPVS: stopping master sync thread 10430 ... [ 525.941539][T11453] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 525.956478][T11480] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 525.974048][T11480] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 526.077117][T11480] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 526.097205][T11480] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 526.140496][T10704] Bluetooth: hci5: command 0x041b tx timeout [ 526.586748][T11478] 8021q: adding VLAN 0 to HW filter on device bond0 [ 526.669379][T11480] 8021q: adding VLAN 0 to HW filter on device bond0 [ 526.710091][T10704] Bluetooth: hci2: command tx timeout [ 526.774391][T11478] 8021q: adding VLAN 0 to HW filter on device team0 [ 526.846732][ T5156] bridge0: port 1(bridge_slave_0) entered blocking state [ 526.853909][ T5156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 526.906330][ T1058] hsr_slave_0: left promiscuous mode [ 526.912529][ T1058] hsr_slave_1: left promiscuous mode [ 526.918447][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 526.936501][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 526.945390][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 526.953465][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 526.965436][ T1058] hsr_slave_0: left promiscuous mode [ 526.974734][ T1058] hsr_slave_1: left promiscuous mode [ 526.982752][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 526.991752][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 526.999657][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 527.007102][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 527.017634][ T1058] hsr_slave_0: left promiscuous mode [ 527.023917][ T1058] hsr_slave_1: left promiscuous mode [ 527.035631][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 527.043129][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 527.051563][ T1058] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 527.058982][ T1058] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 527.118799][ T1058] veth1_macvtap: left promiscuous mode [ 527.127068][ T1058] veth0_macvtap: left promiscuous mode [ 527.133424][ T1058] veth1_vlan: left promiscuous mode [ 527.138830][ T1058] veth0_vlan: left promiscuous mode [ 527.145112][ T1058] veth1_macvtap: left promiscuous mode [ 527.151037][ T1058] veth0_macvtap: left promiscuous mode [ 527.156601][ T1058] veth1_vlan: left promiscuous mode [ 527.162813][ T1058] veth0_vlan: left promiscuous mode [ 527.168985][ T1058] veth1_macvtap: left promiscuous mode [ 527.174809][ T1058] veth0_macvtap: left promiscuous mode [ 527.180627][ T1058] veth1_vlan: left promiscuous mode [ 527.186083][ T1058] veth0_vlan: left promiscuous mode [ 528.068022][ T1058] team0 (unregistering): Port device team_slave_1 removed [ 528.135076][ T1058] team0 (unregistering): Port device team_slave_0 removed [ 529.426145][ T1058] team0 (unregistering): Port device team_slave_1 removed [ 529.502075][ T1058] team0 (unregistering): Port device team_slave_0 removed [ 530.838841][ T1058] team0 (unregistering): Port device team_slave_1 removed [ 530.903259][ T1058] team0 (unregistering): Port device team_slave_0 removed [ 531.621827][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state [ 531.629066][ T5156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 531.647194][T11480] 8021q: adding VLAN 0 to HW filter on device team0 [ 531.687120][T11453] veth0_vlan: entered promiscuous mode [ 531.708947][T11453] veth1_vlan: entered promiscuous mode [ 531.802986][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state [ 531.810369][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 531.832939][ T929] bridge0: port 2(bridge_slave_1) entered blocking state [ 531.840270][ T929] bridge0: port 2(bridge_slave_1) entered forwarding state [ 532.018409][T11480] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 532.083003][T11453] veth0_macvtap: entered promiscuous mode [ 532.121916][T11453] veth1_macvtap: entered promiscuous mode [ 532.222121][T11453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 532.249892][T11453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 532.268227][T11453] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 532.281161][T11453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 532.294271][T11453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 532.305829][T11453] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 532.332376][T11453] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 532.349590][T11453] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 532.358330][T11453] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 532.375569][T11453] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 532.473243][T11490] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 532.544441][T11480] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 532.619432][T11490] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 532.645344][T11490] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 532.710870][T11478] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 532.734522][T11490] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 532.772964][T11480] veth0_vlan: entered promiscuous mode [ 532.889144][T11480] veth1_vlan: entered promiscuous mode [ 532.916596][ T2429] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 532.928463][ T2429] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 532.975495][T11500] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 532.986470][T11500] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 532.996739][T11500] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 533.047253][T11500] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 533.116859][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 533.121793][T11478] veth0_vlan: entered promiscuous mode [ 533.141139][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 533.197153][T11478] veth1_vlan: entered promiscuous mode [ 533.361765][T11480] veth0_macvtap: entered promiscuous mode [ 533.460497][T11480] veth1_macvtap: entered promiscuous mode [ 533.518169][T11500] 8021q: adding VLAN 0 to HW filter on device bond0 [ 533.528191][T11478] veth0_macvtap: entered promiscuous mode [ 533.578733][T11490] 8021q: adding VLAN 0 to HW filter on device bond0 [ 533.594925][T11478] veth1_macvtap: entered promiscuous mode [ 533.613698][T11500] 8021q: adding VLAN 0 to HW filter on device team0 [ 533.626245][T11545] loop4: detected capacity change from 0 to 256 [ 533.666559][ T5158] bridge0: port 1(bridge_slave_0) entered blocking state [ 533.673887][ T5158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 533.686117][T11545] FAT-fs (loop4): Directory bread(block 64) failed [ 533.686999][ T5158] bridge0: port 2(bridge_slave_1) entered blocking state [ 533.693433][T11545] FAT-fs (loop4): Directory bread(block 65) failed [ 533.699822][ T5158] bridge0: port 2(bridge_slave_1) entered forwarding state [ 533.712619][T11490] 8021q: adding VLAN 0 to HW filter on device team0 [ 533.716371][T11545] FAT-fs (loop4): Directory bread(block 66) failed [ 533.728210][T11545] FAT-fs (loop4): Directory bread(block 67) failed [ 533.734253][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 533.735348][T11545] FAT-fs (loop4): Directory bread(block 68) failed [ 533.748496][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.759642][T11545] FAT-fs (loop4): Directory bread(block 69) failed [ 533.762221][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 533.768979][T11545] FAT-fs (loop4): Directory bread(block 70) failed [ 533.782960][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.796192][T11545] FAT-fs (loop4): Directory bread(block 71) failed [ 533.803703][T11545] FAT-fs (loop4): Directory bread(block 72) failed [ 533.804545][T11478] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 533.810779][T11545] FAT-fs (loop4): Directory bread(block 73) failed [ 533.834853][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 533.846022][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.856505][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 533.868375][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.878537][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 533.891390][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.903084][T11480] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 533.923566][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 533.939731][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.951127][T11478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 533.962115][T11478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.976643][T11478] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 533.985136][ C1] eth0: bad gso: type: 1, size: 1408 [ 534.004970][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 534.019412][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 534.030395][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 534.041276][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 534.052188][T11480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 534.066043][T11480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 534.097194][T11480] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 534.123927][ T5158] bridge0: port 1(bridge_slave_0) entered blocking state [ 534.131339][ T5158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 534.153316][T11478] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.166704][T11478] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.176723][T11478] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.185594][T11478] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.207450][T11549] netlink: 87 bytes leftover after parsing attributes in process `syz.4.1951'. [ 534.218722][T11480] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.236571][T11480] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.245910][T11480] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.262965][T11480] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 534.282187][ T929] bridge0: port 2(bridge_slave_1) entered blocking state [ 534.289359][ T929] bridge0: port 2(bridge_slave_1) entered forwarding state [ 534.356149][T11553] loop4: detected capacity change from 0 to 24 [ 534.359410][T11500] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 534.375064][T11553] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 534.419844][T11553] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 534.533659][T11553] VFS: Lookup of 'file0' in romfs loop4 would have caused loop [ 534.747050][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 534.771217][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 534.791358][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 534.799388][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 534.868940][T11564] loop4: detected capacity change from 0 to 256 [ 534.926876][T11564] FAT-fs (loop4): Directory bread(block 64) failed [ 534.967774][T11564] FAT-fs (loop4): Directory bread(block 65) failed [ 534.992604][T11564] FAT-fs (loop4): Directory bread(block 66) failed [ 534.997012][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 534.999255][T11564] FAT-fs (loop4): Directory bread(block 67) failed [ 535.036502][T11564] FAT-fs (loop4): Directory bread(block 68) failed [ 535.039070][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 535.059453][T11564] FAT-fs (loop4): Directory bread(block 69) failed [ 535.086182][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 535.099811][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 535.106256][T11564] FAT-fs (loop4): Directory bread(block 70) failed [ 535.127239][T11490] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 535.129862][T11564] FAT-fs (loop4): Directory bread(block 71) failed [ 535.138769][T11500] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 535.147816][T11564] FAT-fs (loop4): Directory bread(block 72) failed [ 535.170434][T11564] FAT-fs (loop4): Directory bread(block 73) failed [ 535.333654][T11564] syz.4.1955: attempt to access beyond end of device [ 535.333654][T11564] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 535.355519][T11500] veth0_vlan: entered promiscuous mode [ 535.364886][T11564] syz.4.1955: attempt to access beyond end of device [ 535.364886][T11564] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 535.406761][T11500] veth1_vlan: entered promiscuous mode [ 535.453559][ T29] audit: type=1800 audit(1721300439.257:154): pid=11564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1955" name="memory.events" dev="loop4" ino=1048786 res=0 errno=0 [ 535.477720][T11490] veth0_vlan: entered promiscuous mode [ 535.514794][T11490] veth1_vlan: entered promiscuous mode [ 535.657024][T11500] veth0_macvtap: entered promiscuous mode [ 535.712762][T11500] veth1_macvtap: entered promiscuous mode [ 535.750087][T11490] veth0_macvtap: entered promiscuous mode [ 535.757442][T11580] netlink: 87 bytes leftover after parsing attributes in process `syz.4.1958'. [ 535.785132][T11490] veth1_macvtap: entered promiscuous mode [ 535.848925][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 535.890278][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 535.901552][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 535.912514][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 535.922529][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 535.934846][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 535.954874][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 535.966743][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 535.998267][T11500] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 536.017484][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.043395][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.067319][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.078041][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.108965][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.131757][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.161367][T11500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.172814][T11500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.204059][T11500] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 536.226145][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.278713][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.309619][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.321037][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.331118][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.366554][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.388744][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.406073][T11605] tipc: Can't bind to reserved service type 0 [ 536.419612][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.444265][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 536.465694][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.486752][T11490] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 536.503373][T11605] loop4: detected capacity change from 0 to 4096 [ 536.516832][T11500] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 536.528162][T11500] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 536.543368][T11500] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 536.553132][T11500] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 536.557933][T11605] NILFS (loop4): unsupported revision (superblock rev.=1.0, current rev.=2.0). Please check the version of mkfs.nilfs(2). [ 536.564841][T11607] netlink: 87 bytes leftover after parsing attributes in process `syz.3.1970'. [ 536.628377][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.688509][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.791467][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.827990][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.874846][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.903037][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.913630][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.925055][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 536.935332][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 536.947087][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 537.508520][T11490] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 537.786612][T11490] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 537.798982][T11490] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 537.807842][T11490] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 537.816808][T11490] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.047252][ T2800] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.053151][T11628] loop3: detected capacity change from 0 to 2048 [ 538.089746][ T2800] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.155859][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.174760][T11628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 538.205159][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.267790][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.303480][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.326428][T11628] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 538.345915][T11641] loop2: detected capacity change from 0 to 128 [ 538.347416][ T29] audit: type=1800 audit(1721300442.137:155): pid=11628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1977" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 538.428776][ T29] audit: type=1800 audit(1721300442.237:156): pid=11641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1980" name="bus" dev="loop2" ino=1048788 res=0 errno=0 [ 538.505361][ T2429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.525180][ T2429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.533081][T11480] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.001715][T11660] macvlan2: entered allmulticast mode [ 539.050764][T11660] geneve1: entered promiscuous mode [ 539.056808][T11660] geneve1: entered allmulticast mode [ 539.127473][T10704] Bluetooth: Wrong link type (-71) [ 539.133335][T10704] Bluetooth: Unknown BR/EDR signaling command 0x00 [ 539.140120][T10704] Bluetooth: Wrong link type (-22) [ 539.174661][T11660] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 539.956999][ C1] eth0: bad gso: type: 1, size: 1408 [ 540.021412][T11676] loop1: detected capacity change from 0 to 128 [ 540.072628][ T29] audit: type=1800 audit(1721300443.877:157): pid=11676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1991" name="bus" dev="loop1" ino=1048799 res=0 errno=0 [ 542.006271][T11707] syzkaller0: entered promiscuous mode [ 542.015816][T11707] syzkaller0: entered allmulticast mode [ 542.976890][T11721] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2006'. [ 543.012295][T11721] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 543.064019][T11687] loop4: detected capacity change from 0 to 32768 [ 543.212557][T10704] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 543.230281][T10704] Bluetooth: hci1: Injecting HCI hardware error event [ 543.242763][T10704] Bluetooth: hci1: hardware error 0x00 [ 545.339927][T10704] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 545.768236][T11749] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2018'. [ 545.779984][T11749] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 547.342861][ C1] DEBUG: holding rtnl_mutex for 532 jiffies. [ 547.348948][ C1] task:syz.3.2003 state:D stack:24672 pid:11704 tgid:11704 ppid:11480 flags:0x00004006 [ 547.359256][ C1] Call Trace: [ 547.362560][ C1] [ 547.365533][ C1] __schedule+0x1800/0x4a60 [ 547.370074][ C1] ? __pfx___schedule+0x10/0x10 [ 547.375093][ C1] ? __pfx_lock_release+0x10/0x10 [ 547.380269][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 547.386350][ C1] ? schedule+0x90/0x320 [ 547.390768][ C1] schedule+0x14b/0x320 [ 547.394959][ C1] synchronize_rcu_expedited+0x684/0x830 [ 547.401125][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 547.407406][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 547.412726][ C1] ? __pfx___might_resched+0x10/0x10 [ 547.418030][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 547.424046][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 547.430152][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 547.436539][ C1] synchronize_rcu+0x11b/0x360 [ 547.441344][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 547.446630][ C1] lockdep_unregister_key+0x4b7/0x540 [ 547.452146][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 547.458054][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 547.463369][ C1] ? __qdisc_destroy+0x150/0x410 [ 547.468508][ C1] ? kfree+0x149/0x360 [ 547.472683][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 547.478333][ C1] __qdisc_destroy+0x165/0x410 [ 547.483135][ C1] dev_shutdown+0x9b/0x450 [ 547.487543][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 547.493937][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 547.500763][ C1] ? mark_lock+0x9a/0x360 [ 547.505144][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 547.511462][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 547.517872][ C1] ? __queue_work+0x199/0xf50 [ 547.522605][ C1] ? queue_delayed_work_on+0x1eb/0x390 [ 547.528086][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 547.533319][ C1] unregister_netdevice_queue+0x303/0x370 [ 547.539061][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 547.545348][ C1] __tun_detach+0x6b9/0x1600 [ 547.550033][ C1] tun_chr_close+0x108/0x1b0 [ 547.554675][ C1] ? __pfx_tun_chr_close+0x10/0x10 [ 547.559846][ C1] __fput+0x24a/0x8a0 [ 547.564015][ C1] task_work_run+0x24f/0x310 [ 547.569053][ C1] ? __pfx_task_work_run+0x10/0x10 [ 547.574277][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 547.580017][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 547.585796][ C1] do_syscall_64+0x100/0x230 [ 547.590425][ C1] ? clear_bhb_loop+0x35/0x90 [ 547.595096][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.601020][ C1] RIP: 0033:0x7efd25575b59 [ 547.605434][ C1] RSP: 002b:00007fff5b33d8d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 547.613898][ C1] RAX: 0000000000000000 RBX: 00007efd25705a60 RCX: 00007efd25575b59 [ 547.621913][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 547.629942][ C1] RBP: 00007efd25705a60 R08: 00007efd24c01000 R09: 000000095b33dbff [ 547.637953][ C1] R10: 00000000003ffd20 R11: 0000000000000246 R12: 0000000000084558 [ 547.645936][ C1] R13: 0000000000000032 R14: 00007efd25705a60 R15: 00007efd25704110 [ 547.653958][ C1] [ 547.656963][ C1] DEBUG: waiting rtnl_mutex for 562 jiffies. [ 547.662952][ C1] task:kworker/0:4 state:D stack:21680 pid:5152 tgid:5152 ppid:2 flags:0x00004000 [ 547.673287][ C1] Workqueue: events linkwatch_event [ 547.678523][ C1] Call Trace: [ 547.681843][ C1] [ 547.684792][ C1] __schedule+0x1800/0x4a60 [ 547.689387][ C1] ? __pfx___schedule+0x10/0x10 [ 547.694378][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 547.700410][ C1] ? __pfx_lock_release+0x10/0x10 [ 547.705496][ C1] ? kick_pool+0x1bd/0x620 [ 547.709963][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 547.715158][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 547.720410][ C1] ? schedule+0x90/0x320 [ 547.724665][ C1] schedule+0x14b/0x320 [ 547.728810][ C1] schedule_preempt_disabled+0x13/0x30 [ 547.734294][ C1] __mutex_lock+0x6a4/0xd70 [ 547.738786][ C1] ? __mutex_lock+0x527/0xd70 [ 547.743487][ C1] ? linkwatch_event+0xe/0x60 [ 547.748155][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 547.753211][ C1] ? get_rtnl_holder+0x144/0x190 [ 547.758139][ C1] ? process_scheduled_works+0x945/0x1830 [ 547.763874][ C1] linkwatch_event+0xe/0x60 [ 547.768388][ C1] process_scheduled_works+0xa2c/0x1830 [ 547.773997][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 547.780056][ C1] ? assign_work+0x364/0x3d0 [ 547.784693][ C1] worker_thread+0x86d/0xd40 [ 547.789281][ C1] ? __kthread_parkme+0x169/0x1d0 [ 547.794360][ C1] ? __pfx_worker_thread+0x10/0x10 [ 547.799535][ C1] kthread+0x2f0/0x390 [ 547.803635][ C1] ? __pfx_worker_thread+0x10/0x10 [ 547.808761][ C1] ? __pfx_kthread+0x10/0x10 [ 547.813441][ C1] ret_from_fork+0x4b/0x80 [ 547.817940][ C1] ? __pfx_kthread+0x10/0x10 [ 547.822547][ C1] ret_from_fork_asm+0x1a/0x30 [ 547.827315][ C1] [ 547.830362][ C1] DEBUG: waiting rtnl_mutex for 580 jiffies. [ 547.836385][ C1] task:kworker/u8:5 state:D stack:19792 pid:1058 tgid:1058 ppid:2 flags:0x00004000 [ 547.846600][ C1] Workqueue: ipv6_addrconf addrconf_dad_work [ 547.852642][ C1] Call Trace: [ 547.855921][ C1] [ 547.858838][ C1] __schedule+0x1800/0x4a60 [ 547.863373][ C1] ? __pfx___schedule+0x10/0x10 [ 547.868242][ C1] ? __pfx_lock_release+0x10/0x10 [ 547.873283][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 547.878730][ C1] ? kthread_data+0x52/0xd0 [ 547.883259][ C1] ? schedule+0x90/0x320 [ 547.887531][ C1] ? wq_worker_sleeping+0x66/0x240 [ 547.892662][ C1] ? schedule+0x90/0x320 [ 547.896894][ C1] schedule+0x14b/0x320 [ 547.901183][ C1] schedule_preempt_disabled+0x13/0x30 [ 547.906895][ C1] __mutex_lock+0x6a4/0xd70 [ 547.911440][ C1] ? mark_lock+0x9a/0x360 [ 547.915862][ C1] ? __mutex_lock+0x527/0xd70 [ 547.920585][ C1] ? addrconf_dad_work+0xd0/0x16f0 [ 547.925700][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 547.930805][ C1] ? get_rtnl_holder+0x144/0x190 [ 547.935789][ C1] addrconf_dad_work+0xd0/0x16f0 [ 547.940833][ C1] ? __pfx_addrconf_dad_work+0x10/0x10 [ 547.946392][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 547.952950][ C1] ? process_scheduled_works+0x945/0x1830 [ 547.958663][ C1] process_scheduled_works+0xa2c/0x1830 [ 547.964241][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 547.970329][ C1] ? assign_work+0x364/0x3d0 [ 547.974912][ C1] worker_thread+0x86d/0xd40 [ 547.979609][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 547.985645][ C1] ? __kthread_parkme+0x169/0x1d0 [ 547.990733][ C1] ? __pfx_worker_thread+0x10/0x10 [ 547.995889][ C1] kthread+0x2f0/0x390 [ 548.000041][ C1] ? __pfx_worker_thread+0x10/0x10 [ 548.005170][ C1] ? __pfx_kthread+0x10/0x10 [ 548.009797][ C1] ret_from_fork+0x4b/0x80 [ 548.014244][ C1] ? __pfx_kthread+0x10/0x10 [ 548.018877][ C1] ret_from_fork_asm+0x1a/0x30 [ 548.023677][ C1] [ 548.026685][ C1] [ 548.026685][ C1] Showing all locks held in the system: [ 548.034434][ C1] 3 locks held by kworker/u8:5/1058: [ 548.039724][ C1] #0: ffff88802989e948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 548.051334][ C1] #1: ffffc9000451fd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 548.064136][ C1] #2: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 548.073593][ C1] 4 locks held by kworker/u8:10/2800: [ 548.078952][ C1] #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 548.089885][ C1] #1: ffffc90009c1fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 548.100469][ C1] #2: ffffffff8f5fced0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 548.109884][ C1] #3: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0 [ 548.119222][ C1] 2 locks held by getty/4856: [ 548.124029][ C1] #0: ffff88802f3090a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 548.133887][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 548.144087][ C1] 3 locks held by kworker/0:4/5152: [ 548.149525][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 548.160891][ C1] #1: ffffc9000442fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 548.171971][ C1] #2: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 548.180955][ C1] 2 locks held by syz.3.2003/11704: [ 548.186157][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 548.195322][ C1] #1: ffffffff8e33ce78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 548.206403][ C1] 1 lock held by syz.0.2007/11729: [ 548.211645][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 548.221156][ C1] 1 lock held by syz.2.2012/11733: [ 548.226505][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 548.235983][ C1] 1 lock held by syz.4.2009/11735: [ 548.241153][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340 [ 548.250034][ C1] 1 lock held by syz.1.2020/11753: [ 548.255164][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: raw_setsockopt+0xa89/0x1a80 [ 548.264479][ C1] 1 lock held by syz.1.2020/11754: [ 548.269655][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: raw_setsockopt+0xe6d/0x1a80 [ 548.278887][ C1] 1 lock held by syz.1.2020/11755: [ 548.284064][ C1] #0: ffffffff8f609a48 (rtnl_mutex){+.+.}-{3:3}, at: raw_bind+0x99/0x770 [ 548.292789][ C1] [ 548.295136][ C1] ============================================= [ 548.295136][ C1] [ 549.599244][T11774] loop4: detected capacity change from 0 to 256 [ 549.626058][T11774] exfat: Unknown parameter 'ÿÿ' [ 549.702165][T11778] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2028'. [ 549.721762][ T929] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 549.968098][ T929] usb 2-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 550.013168][ T929] usb 2-1: config 9 has 0 interfaces, different from the descriptor's value: 1 [ 550.091039][T11785] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2028'. [ 550.315468][T11768] ================================================================== [ 550.323578][T11768] BUG: KASAN: slab-use-after-free in handle_mm_fault+0x14f0/0x19a0 [ 550.331512][T11768] Read of size 8 at addr ffff88802b8e4308 by task syz.2.2021/11768 [ 550.339434][T11768] [ 550.341786][T11768] CPU: 1 UID: 0 PID: 11768 Comm: syz.2.2021 Not tainted 6.10.0-next-20240718-syzkaller #0 [ 550.351755][T11768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 550.361847][T11768] Call Trace: [ 550.365165][T11768] [ 550.368096][T11768] dump_stack_lvl+0x241/0x360 [ 550.372808][T11768] ? __pfx_dump_stack_lvl+0x10/0x10 [ 550.378030][T11768] ? __pfx__printk+0x10/0x10 [ 550.382634][T11768] ? _printk+0xd5/0x120 [ 550.386797][T11768] ? __virt_addr_valid+0x183/0x530 [ 550.391918][T11768] ? __virt_addr_valid+0x183/0x530 [ 550.397060][T11768] print_report+0x169/0x550 [ 550.401571][T11768] ? __virt_addr_valid+0x183/0x530 [ 550.406718][T11768] ? __virt_addr_valid+0x183/0x530 [ 550.411835][T11768] ? __virt_addr_valid+0x45f/0x530 [ 550.416960][T11768] ? __phys_addr+0xba/0x170 [ 550.421475][T11768] ? handle_mm_fault+0x14f0/0x19a0 [ 550.426597][T11768] kasan_report+0x143/0x180 [ 550.431108][T11768] ? handle_mm_fault+0x14f0/0x19a0 [ 550.436242][T11768] handle_mm_fault+0x14f0/0x19a0 [ 550.441205][T11768] ? __pfx_handle_mm_fault+0x10/0x10 [ 550.446499][T11768] ? lock_vma_under_rcu+0x592/0x6e0 [ 550.451715][T11768] ? exc_page_fault+0x113/0x8c0 [ 550.456587][T11768] exc_page_fault+0x459/0x8c0 [ 550.461276][T11768] asm_exc_page_fault+0x26/0x30 [ 550.466136][T11768] RIP: 0033:0x7fa608e3911e [ 550.470558][T11768] Code: e9 5d fe ff ff 0f 1f 80 00 00 00 00 48 89 7c 24 f0 48 89 74 24 e8 48 89 54 24 e0 48 8b 4c 24 f0 48 8b 54 24 e8 48 8b 74 24 e0 <8b> 41 40 23 81 00 01 00 00 f3 0f 6f 06 c1 e0 06 48 01 d0 0f 11 00 [ 550.490184][T11768] RSP: 002b:00007fa609d8e038 EFLAGS: 00010212 [ 550.493104][ T929] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 550.496339][T11768] RAX: 00007fa608e39100 RBX: 00007fa609104038 RCX: 0000000020400000 [ 550.505401][ T929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 550.513305][T11768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020400000 [ 550.513330][T11768] RBP: 00007fa608fe4e5d R08: 0000000000000000 R09: 0000000000000000 [ 550.513342][T11768] R10: 0000000020400000 R11: 0000000000000000 R12: 0000000000000000 [ 550.513353][T11768] R13: 000000000000006e R14: 00007fa609104038 R15: 00007ffcb3f11a98 [ 550.513374][T11768] [ 550.513382][T11768] [ 550.513387][T11768] Allocated by task 11763: [ 550.513397][T11768] kasan_save_track+0x3f/0x80 [ 550.513425][T11768] __kasan_slab_alloc+0x66/0x80 [ 550.573183][T11768] kmem_cache_alloc_noprof+0x135/0x2a0 [ 550.578665][T11768] vm_area_alloc+0x24/0x1d0 [ 550.583193][T11768] mmap_region+0xc3d/0x2090 [ 550.587718][T11768] do_mmap+0x8f9/0x1010 [ 550.591893][T11768] vm_mmap_pgoff+0x1dd/0x3d0 [ 550.596509][T11768] do_syscall_64+0xf3/0x230 [ 550.601044][T11768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.606971][T11768] [ 550.609304][T11768] Freed by task 2800: [ 550.613315][T11768] kasan_save_track+0x3f/0x80 [ 550.618014][T11768] kasan_save_free_info+0x40/0x50 [ 550.623053][T11768] poison_slab_object+0xe0/0x150 [ 550.628186][T11768] __kasan_slab_free+0x37/0x60 [ 550.632973][T11768] kmem_cache_free+0x145/0x350 [ 550.637764][T11768] rcu_core+0xafd/0x1830 [ 550.642040][T11768] handle_softirqs+0x2c4/0x970 [ 550.646824][T11768] __irq_exit_rcu+0xf4/0x1c0 [ 550.651418][T11768] irq_exit_rcu+0x9/0x30 [ 550.655662][T11768] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 550.661291][T11768] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 550.667267][T11768] [ 550.669581][T11768] Last potentially related work creation: [ 550.675383][T11768] kasan_save_stack+0x3f/0x60 [ 550.680078][T11768] __kasan_record_aux_stack+0xac/0xc0 [ 550.685455][T11768] call_rcu+0x167/0xa70 [ 550.689603][T11768] vma_complete+0x98a/0xb60 [ 550.694096][T11768] vma_merge+0x1d9b/0x2690 [ 550.698502][T11768] vma_modify+0xb8/0x350 [ 550.702734][T11768] userfaultfd_release+0x413/0x900 [ 550.707835][T11768] __fput+0x24a/0x8a0 [ 550.711901][T11768] task_work_run+0x24f/0x310 [ 550.716488][T11768] syscall_exit_to_user_mode+0x168/0x370 [ 550.722114][T11768] do_syscall_64+0x100/0x230 [ 550.726700][T11768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.732586][T11768] [ 550.734904][T11768] The buggy address belongs to the object at ffff88802b8e42e8 [ 550.734904][T11768] which belongs to the cache vm_area_struct of size 184 [ 550.749290][T11768] The buggy address is located 32 bytes inside of [ 550.749290][T11768] freed 184-byte region [ffff88802b8e42e8, ffff88802b8e43a0) [ 550.763074][T11768] [ 550.765386][T11768] The buggy address belongs to the physical page: [ 550.771819][T11768] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b8e4 [ 550.780584][T11768] memcg:ffff888063026701 [ 550.784808][T11768] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 550.791911][T11768] page_type: 0xfdffffff(slab) [ 550.796606][T11768] raw: 00fff00000000000 ffff888015eefb40 ffffea0001964540 dead000000000008 [ 550.805180][T11768] raw: 0000000000000000 0000000000100010 00000001fdffffff ffff888063026701 [ 550.813745][T11768] page dumped because: kasan: bad access detected [ 550.820153][T11768] page_owner tracks the page as allocated [ 550.825852][T11768] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8798, tgid 8798 (syz-executor), ts 355483907050, free_ts 355483234949 [ 550.845223][T11768] post_alloc_hook+0x1f3/0x230 [ 550.850000][T11768] get_page_from_freelist+0x2ccb/0x2d80 [ 550.855539][T11768] __alloc_pages_noprof+0x256/0x6c0 [ 550.860727][T11768] alloc_slab_page+0x5f/0x120 [ 550.865423][T11768] allocate_slab+0x5a/0x2f0 [ 550.870013][T11768] ___slab_alloc+0xcd1/0x14b0 [ 550.874877][T11768] __slab_alloc+0x58/0xa0 [ 550.879198][T11768] kmem_cache_alloc_noprof+0x1c1/0x2a0 [ 550.884658][T11768] vm_area_dup+0x27/0x290 [ 550.888990][T11768] copy_mm+0xc7b/0x1f30 [ 550.893159][T11768] copy_process+0x186b/0x3d90 [ 550.897836][T11768] kernel_clone+0x226/0x8f0 [ 550.902337][T11768] __x64_sys_clone+0x258/0x2a0 [ 550.907211][T11768] do_syscall_64+0xf3/0x230 [ 550.911711][T11768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.917616][T11768] page last free pid 8798 tgid 8798 stack trace: [ 550.924210][T11768] free_unref_page+0xd22/0xea0 [ 550.928993][T11768] vfree+0x186/0x2e0 [ 550.932881][T11768] __do_replace+0x874/0xa50 [ 550.937391][T11768] do_ip6t_set_ctl+0xf11/0x1270 [ 550.942235][T11768] nf_setsockopt+0x295/0x2c0 [ 550.946818][T11768] do_sock_setsockopt+0x3af/0x720 [ 550.951836][T11768] __sys_setsockopt+0x1ae/0x250 [ 550.956673][T11768] __x64_sys_setsockopt+0xb5/0xd0 [ 550.961688][T11768] do_syscall_64+0xf3/0x230 [ 550.966186][T11768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.972077][T11768] [ 550.974386][T11768] Memory state around the buggy address: [ 550.979999][T11768] ffff88802b8e4200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 550.988054][T11768] ffff88802b8e4280: 00 00 00 00 00 fc fc fc fc fc fc fc fc fa fb fb [ 550.996109][T11768] >ffff88802b8e4300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 551.004191][T11768] ^ [ 551.008534][T11768] ffff88802b8e4380: fb fb fb fb fc fc fc fc fc fc fc fc 00 00 00 00 [ 551.016609][T11768] ffff88802b8e4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 551.024756][T11768] ================================================================== [ 551.071562][T11768] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 551.078794][T11768] CPU: 0 UID: 0 PID: 11768 Comm: syz.2.2021 Not tainted 6.10.0-next-20240718-syzkaller #0 [ 551.088710][T11768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 551.098795][T11768] Call Trace: [ 551.102263][T11768] [ 551.105201][T11768] dump_stack_lvl+0x241/0x360 [ 551.109905][T11768] ? __pfx_dump_stack_lvl+0x10/0x10 [ 551.115120][T11768] ? __pfx__printk+0x10/0x10 [ 551.119745][T11768] ? preempt_schedule+0xe1/0xf0 [ 551.124792][T11768] ? vscnprintf+0x5d/0x90 [ 551.129136][T11768] panic+0x349/0x870 [ 551.133047][T11768] ? check_panic_on_warn+0x21/0xb0 [ 551.138182][T11768] ? __pfx_panic+0x10/0x10 [ 551.142620][T11768] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 551.148611][T11768] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 551.155043][T11768] ? print_report+0x502/0x550 [ 551.159747][T11768] check_panic_on_warn+0x86/0xb0 [ 551.164808][T11768] ? handle_mm_fault+0x14f0/0x19a0 [ 551.169964][T11768] end_report+0x77/0x160 [ 551.174233][T11768] kasan_report+0x154/0x180 [ 551.178765][T11768] ? handle_mm_fault+0x14f0/0x19a0 [ 551.183956][T11768] handle_mm_fault+0x14f0/0x19a0 [ 551.188987][T11768] ? __pfx_handle_mm_fault+0x10/0x10 [ 551.194306][T11768] ? lock_vma_under_rcu+0x592/0x6e0 [ 551.199539][T11768] ? exc_page_fault+0x113/0x8c0 [ 551.204425][T11768] exc_page_fault+0x459/0x8c0 [ 551.209454][T11768] asm_exc_page_fault+0x26/0x30 [ 551.214337][T11768] RIP: 0033:0x7fa608e3911e [ 551.218775][T11768] Code: e9 5d fe ff ff 0f 1f 80 00 00 00 00 48 89 7c 24 f0 48 89 74 24 e8 48 89 54 24 e0 48 8b 4c 24 f0 48 8b 54 24 e8 48 8b 74 24 e0 <8b> 41 40 23 81 00 01 00 00 f3 0f 6f 06 c1 e0 06 48 01 d0 0f 11 00 [ 551.238669][T11768] RSP: 002b:00007fa609d8e038 EFLAGS: 00010212 [ 551.244761][T11768] RAX: 00007fa608e39100 RBX: 00007fa609104038 RCX: 0000000020400000 [ 551.252757][T11768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020400000 [ 551.260930][T11768] RBP: 00007fa608fe4e5d R08: 0000000000000000 R09: 0000000000000000 [ 551.269014][T11768] R10: 0000000020400000 R11: 0000000000000000 R12: 0000000000000000 [ 551.277092][T11768] R13: 000000000000006e R14: 00007fa609104038 R15: 00007ffcb3f11a98 [ 551.285102][T11768] [ 551.288410][T11768] Kernel Offset: disabled [ 551.292902][T11768] Rebooting in 86400 seconds..