last executing test programs: 15m52.189285452s ago: executing program 3 (id=246): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000540)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a000000001800000000000000170100"], 0x60}], 0x1, 0x8001) 15m51.262229863s ago: executing program 3 (id=250): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000002200)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x2, 0x0, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x1, 0x21, 0x65, 0x68, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@noop]}}, {0x4e20, 0x4e23, 0x4d, 0x0, @gue={{0x2, 0x1, 0x0, 0x7f, 0x0, @val=0x80}, "4da4a7842a3ff5317af0ce63fc36be0d4f3324375a6c55577dba6c7e520ac3ac0e670700398a867a86cb20aa6ba0a20b4bb31545ed873a9fc3c51fa713"}}}}, 0x73) 15m49.874397s ago: executing program 3 (id=255): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc3100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c0007801800018014000240"], 0x8c}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080) 15m49.682837889s ago: executing program 3 (id=257): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000300)={[{@noblock_validity}, {@orlov}, {@nobh}, {@minixdf}, {@acl}, {@usrjquota, 0x2e}, {@grpquota}, {@nodiscard}, {@jqfmt_vfsv0}, {@noload}], [], 0x2c}, 0x84, 0x459, &(0x7f0000000900)="$eJzs20tvG1UbAOB3Jknv/ZKvlEsvgKEgIi5Jkxbogg0IpG6QkGBRliFNq1K3QU2QaFXRgFBZov4CYInEL2AFGwSsQGxhj5Aq1A2FBRo09tgYxw527NRp/TzSxOfMjH3e1zMnPjPHDmBolfI/ScSuiPgpIsYjYqR5h1L14eaNy/N/3Lg8n0SWvfpbkj8tfr9xeb62a1I87iwqk2lE+kESB1q0u3Tx0tm5cnnhQlGfXj731vTSxUtPnTk3d3rh9ML52WPHjh6ZefaZ2af7kufuPNb97y4e3Hf89Wsvz5+49sa3n+fx7iq2N+ZRNdFzm6Uo1d+TZo/2/Oqby+7isV2+bE55Xx+NiLFK/x+PkUqtajxeen+gwQEbKsuybOuqtfURwEoG3MGSGHQEwGDUPujz69/acguHHwN3/fnqBVCe981iqW4ZjbTYZ6zh+rbfShFxYuXPj/MlWt6HAADory/z8c+TrcZ/adzTsN//irmhiYj4f0TsiYi7ImJvRNwdUdn33oi4r8v2S0311eOfH7avK7EO5eO/54q5rX+P/2qjv5gYKWq7K/mPJafOlBcOF+/JZIxtzesza7Tx1Ys/ftRuW+P4L1/y9mtjwSKOX0ebbtCdnFue6yXnRtffq9wDvLI6/6Q+E5BExL6I2L+O198WEWce/+xgu+3/nf8aRtcRUJPs04jHqsd/JZryr0nWnp+c3hblhcPTtbNite++v/pKu/Z7yr8P8uO/o+X5X89/Immcr13qvo2rP3/Y9ppmvef/luS1SnlLse6dueXlCzMRW5KV1etn/3lurV7bP89/8lDr/r8n4q9PiucdiIj8JL4/Ih6IiAeL2B+KiIcj4tAa+X/zwiNvrj//jZXnf7Kr4999YeTs11+0a7+z43+0Upos1nTy/6/TAHt57wAAAOB2kVa+A5+kU/Vymk5NVb/Dvzd2pOXFpeUnTi2+ff5k9bvyEzGW1u50jTfcD50p7g3X6rNN9SOV+8ZZlmXbK/Wp+cXyRs2pA53Z2ab/534ZGXR0wIbrah7NL7zgjtKHeXTgNqX/w/DS/2F46f8wvFr1/ysRNwcQCnCL+fyH4aX/w/DS/2F46f8wlHr5Xf9ahT3HN+qV77TCyOYIo+tCpJsijI4KY8XZXl+TbpLAKoWtEdHpzlfiVgU24H9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffJ3AAAA//+7l+jE") mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='debugfs\x00', 0x0, &(0x7f0000000100)) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000240)='./file0\x00') 15m48.988192019s ago: executing program 3 (id=261): socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000380)='./file1\x00', 0x1c802, &(0x7f0000000880)=ANY=[@ANYRES8, @ANYRES16=0x0], 0x3, 0x5f4f, &(0x7f0000009040)="$eJzs3V1vHFf9B/DfPnj90H/TqPqrChEXbgqlpTTPCZSnplxwAUggoVyTyHWrQFpQEhCtIuIqF4gLHl4C3PSGi76RIvEKEC+ASAlXlaAMGvucZDxeex1i76x9Ph/JmfntmfGeydfj2fXM7AkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL7z7R+e6UXElV+kB45G/F8MIvoRi3W9HPXMpbz8MCKOxXpzPBcRg/mIev31f56JOB8RHx+JuP/g9kr98Nld9uPC6Vs3Pv3ut/7269/fPfbjN3/0Ybv9B/9/7qPf3Ik4+v3XPvr0zt5sOwAAAJSiqqqql97mH0/v7/tddwoAmIp8/K+S/LharVar97T+XX+2+qMutG6qxrvTLCJirblO/ZrB6XgAOGDW4pOuu0CH5F+0YUQ81XUngJnW67oD7Iv7D26v9FK+vebxYHmjPf+dclP+a72H93dsN52kfY3JtH6+7sYgnt2mP4tT6sMsyfn32/lf2WgfpeX2O/9p2S7/0catT8XJ+Q/a+bdsyv8PEXFg8++Pzb9UOf/h4+S/NjjA+7/8AQAAAAA4/PLf/492fP53/sk3ZVd2Ov+7PKU+AAAAAAAAAMBee9Lx/x4y/h8AAADMrPq9eu2PRx49tt1nsdWPX+5FPN1aHihMullmqet+AAAAAAAAAAAAAEBJhhvX8F7uRcxFxNNLS1VV1V9N7fpxPen6B13p2w8l6/qXPAAAbPj4SOte/l7EQkRcTp/1N7e0tFRVC4tL1VK1OJ9fz47mF6rFxvvaPK0fmx/t4gXxcFTV32yhsV7TpPfLk9rb369+rlE12EXHpqPDwAEgIjaORvcdkQ6Zqnomun6Vw8Fg/z987P/sRtc/pwAAAMD+q6qq6qWP8z6ezvn3u+4UADANC/n43z4voFar1Wq1+vDVTdV4d5pFRKw116lfMxiOHwAOmLX4pOsu0CH5F20YEce67gQw03pdd4B9cf/B7ZVeyrfXPB6k8d3ztSCb8l/rra+X1x83naR9jcm0fr7uxiCe3aY/z02pD7Mk599v539lo32Ultvv/Kdlu/zr7TzaQX+6lvMftPNvOTz598fmX6qc//Cx8h/IHwAAAAAAZlj++//Rcs//DnJ/lqfUBwAAAAAAAADYa/cf3F7J973m8/+fHbNcrznn/s9DI+ff23X+7v89THL+/Xb+rQtyBo35e288yv+fD26vfHjrH5/J05nPf24wqp97rtcfDNM1P9XcW3EtrsdqnN6y/HBT+5kt7XOb2s9OaD+3pX1Uty/m9pOxEj+N6/Hmw/b5CRdGLUxorya05/wH9v8i5fyHja86/6XU3mtNa/c+6G/Z75vTcc9z6c//fnHr3jV9d2PwcNua6u070UF/1v9PnhrFz2+u3jj5y6u3bt04E2my6dGzkSZ7LOc/l75y/i+9sNGef+8399d7H4weO/9ZcTeG2+b/QmO+3t6Xp9y3LuT8R+kr55+PQOP3/4Oc//b7/ysd9AcAAAAAAAAAAAAAAAB2UlXV+i2ilyLiYrr/p6t7MwGAqfrt99JMlYRarVar1epDWzdV473eLGJh8zoXI+JX474ZADDL/hMRf++6E3RG/gXLn/dXTz/XdWeAqbr53vs/uXr9+uqNm133BAAAAAAAAAD4X+XxP5cb4z+vXwfUGjd60/ivb8TygR3/sz8arI91njbo+dh5/O8TsfP438MJzzc3oX00oX1+QvvChPaxN3o05PyfTxnn/I+nDStp/NeXOuhP13L+J9JYzzn/L7SWa+Zf/ekg59/flP+pW+/87NTN995/9do7V99efXv13TOnL54/d+H8uQsXTr117frq6Y1/O+zx/sr557GvXQdalpx/zlz+Zcn5fz7V8i9Lzv/FVMu/LDn//HpP/mXJ+ef3PvIvS87/5VTLvyw5/y+mWv5lyfm/kmr5lyXn/6VUy78sOf9XUy3/suT8T6Za/mXJ+Z9KtfzLkvPPZ7jkX5acf76yQf5lyfmfTbX8y5LzP5dq+Zcl538+1fIvS87/QqrlX5ac/8VUy78sOf8vp1r+Zcn5fyXV8i9Lzv+1VMu/LDn/r6Za/mXJ+X8t1fIvS87/66mWf1ly/t9ItfzLkvP/ZqrlX5ac/+upln9ZHn3+v5kpz/zrLxEz0A0zpc68+9edlun6NxMAAAAAAAAAAAAA0DaNK4273kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+C87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLe3cXIVd5nAD/7Za8NCW4ghBAnrI0BA4t311/gEINJQkpJm1IS0qYlNY69Nk78Ve86AYTKUmhLFKQitRf0omkSpVGktgJFkZpKNEJqpPauXCXiJmolLiwVKgcllVIFtjpz3vfdmdnZmfXH4jnn/H4I/70zZ2beOXNmdp+1nhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLbhY9N/PpBlWf5/4491WXZp/vc12Z78y7mdF3uFAAAAwPl6q/HnP1yWTtizjAs1bfNvH/qP78/Pz89nX3jz9Nt/OT+fzhjLsqHVWdY4L/r3X/5ivnmb4KlsdGCw6evBHjc/1OP84R7nj/Q4f1WP81f3OH+0x/mLdsAia4rfxzSubFPjr+uKXZpdkY00ztvU4VJPDaweHIy/y2kYaFxmfuRgdjg7kk1nk4suM9D4L8te2pDf1j1ZvK3Bpttan2XZmZ89vj+uYSDs401Zy401ND92b9yVjb35s8f3f2f29fd3mj13w6KVZtnmjfk6n86yhV9XZQPZ6rRP4joHm9a5vsM6h1rWOdC4XP739nWeWeY64/0eDet8pcs614fTHrk2y7K5bMlt2j2VDWZr22417e/R4ojIryN/KN+TDZ/VcbJhGcdJfpnXrm09TtqPybj/N4R9MrzEGpofjjeeXLVov5/rcZLf6344VvPrvi+/0dHR5l+tthyr+TaPX7f0MdDxsetwDKRjuekY2NjrGBhcNdQ4BgYX1ryx5RiYWnSZwWygcVunr+t+DEzMHj0xMfPoY7ccPrrv0PSh6WNTkzu3b9uxfduOHRMHDx+Zniz+PLtdWiJrs8F0DG4MrzXxGLyhbdvmQ3L+mxfueTDaJ8+D/L5/5vp8QZcOZksc4/k2T28+/+dB+r7f9DwYbnoedHxN7fA8GF7G8yDf5szm5X3PHG76v9MaVuq1cF3TMXAxvx/mt/ngjUu/Fq4P63rmprP9fji06BiId2sgPPfyU9LPe6O3hf2y+Li4Oj/jklXZqZnpk1se2Tc7e3IqC+MdcXnTY9V+vKxtuk/ZouNl8KyPlz1//6vrr+5w+rqwr0Zv7v5Y5dtsH+/+WDVe3Vv356qs2J8tp27NwrjA3un92em7Wb4/U5bosj/zbZ6+5fx/Fky5pOn1b6TX69/QyHDx+jeU9sZIy+vf4odmqLGyLDtzy/Je/0bC/+/0698VffL6l++rB7d0PwbybZ6ZONtjYLjr69+1YQ6E9dwYEsNoU+5/u3H+XHGYNj2WPY+b4eGRcNwMx1tsPW62LbpMfm35bW+ePLfjZvO1rY9Vy88tFTxu8n31V5Pdj5t8m5enzv+1Y038a9Nrx6pex8DI0Kp8vSPpIChe7+bXxGNgS7Y/O54dyQ6ky+SPcn5b41uXdwysCv+/068dV/XJMZDvq+e3dj8G8m1+tO3C/uy0OZyStmn62an99wtLZf6rhxeur323XejMn6/z4z/+VDqtU4bIt3l9+9nmjO776eZwyiUd9lP782epY/pA9s7sp6vCOo/s6P67qXybK3Yu83jak2XZq1OvNn7fFX6/+71TP/5+y+99O/1O+dWpV++duP8nZ7N+AADO3duNP+dWFT9rNv2L9XL+/R8AAAAohZj7B8NM5H8AAACojJj7h8JM5H8AAACojJj7h8NMapL/H75t1wtvPZGldwOcD+L5cTfcd0exXex4z4Wvx+YX5Kd/9NsjL3z1ieXd9mCWZb+69wMdt3/4jriuwom4zg+3nr7IVdcs6/YfemBhu+b3Tzizq7j+eH+WexjErvJLE1sb1zv26FRjvnxv1pj3zz3zVHH9xddx+9Pbiu3/JrxpyZ6DAy2X3xzWsynMsfCeMvftWdgP+YyXe2H9h/718s8u3F683MDGdzfu5vN/XFxvfI+o5y4vto/3e6n1/8vXvvtCvv0j13Ve/xODndd/Olzva2H+cnexffM+/2rT+v80rD/eXrzclm/9sOP6X3xfsf2L4bj4Rpjt67/rLz74VqfHK97OntuLy8Xbn/zf7Y3LxeuL19++/tEnplr2R/v1v/xmcT27v/zzoebt4+nxdqKHbm89vgfC49vSI8+y7Lt/lrXs5+wjxeX+uW398fpO3N55/Te3rfPEwDWNyy/cn3Ut9+vrf7e14/2N69nzj+ta7s9zd4f99+bEj/LrPX1/OB7D+f/3SnF97e9l+uLdra83cftvrCuet/H6JtrW/1zb+ueuyfdd7/Xf82ax/hfvXN2y/j2fCMfTPcXstf5Df3tZy+W/+Z3i8Tj5lfFjx2dOHT7QtFebn8erR9esveTSd737svBa2v713uOzD0+fHJscm8yysRK+ZeBKr/9bYf5PMeYu/C0UfvLz4rh79pPF960bflF8/Vw4/aHweMbvj1//65GW47X9cZ+7s5jnu/6bwjqW631f+69rlrXh6c+/dOqf/uT19p8L4v058d7Rxv17fsOVjfMGXi7Ob3+96uU/39v6vP7p8GRj/iDs1/nwzswbryxur/3643uTPPvp4vkbf5KLl8/a3k9k3VDr/Tjf9f80/Bzzw6taX//i8fGDJ9rezXldNpAvYS68PmRzxflxq7i/nz1zZcfbi+/Dk829/2yWuaSZR2cmjhw+duqRidnpmdmJmUcf23v0+Kljs3sb712694u9Lr/w/F7beH4fmN65PWs8248XY4Vd7PWfeGD/gVsnrz8wfXDfqYOzD5yYPnlo/8zM/ukDM9fvO3hw+iu9Ln/4wO6prbu23bp1/NDhA7tv27Vr267xw8eO58soFtXDzskvjR87ubdxkZnd23dN7dixfXL86PED07tvnZwcP9Xr8o3vTeP5pb88fnL6yL7Zw0enx2cOPza9e2rXzp1be77749ETB2fGJk6eOjZxamb65ERxX8ZmGyfn3/t6XZ56mDkeXu/aDISfzj938870/ri5bz+55FUVm7T+eJq9Ed4LKn5/6/V1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/kfxH08e/1yX/X6j+/5P6/w36//r/mf5/ov+v/5/p/+v/96D/r/9f5vXr/+v/01u/9f9D7s/WZJl//wcAAICKirl/bZiJ/A8AAACVEXP/JWEm8j8AAABURsz9l4aZ1CT/+/x//X/9/279/7it/n+m/98P/f9N/63/v4j+v/5/pv9/zi52f77s6+/D/v8a/X/6Tb/1/2Puf1eYSU3yPwAAANRBzP3vDjOR/wEAAKAyYu6/LMxE/gcAAIDKiLl/XZhJTfK//r/+v/6/z//X/y9N/9/n/3eg/6//n+n/n7OL3Z8v+/r7sP/v8//pO/3W/4+5/9fCTGqS/wEAAKAOYu5/T5iJ/A8AAACVEXP/5WEm8j8AAABURsz9V4SZ1CT/17P//1qWZfr/mf6//n/bOvX/9f9Xgv6//n83+v/6/2Vev/6//j+99Vv/P+b+94aZ1CT/AwAAQB3E3H9lmIn8DwAAAJURc//7wkzkfwAAAKiMmPuvCjOpSf6vZ//f5//r/xf0/1vXqf+v/78S9P/1/7vR/9f/L/P69f/1/+mt3/r/Mfe/P8ykJvkfAAAA6iDm/qvDTOR/AAAAqIyY+z8QZiL/AwAAQGXE3L8+zKQm+V//X/9f/1//X/9f/38llav/P7jkOfr/Bf3/Vheu/z+3sAD9/9KsX/9f/5/e+q3/H3P/B8NMapL/AQAAoA5i7v9QmIn8DwAAAJURc/81YSbyPwAAAFRGzP1jYSY1yf/6//r/+v/6//r/+v8rqVz9/6Xp/xf0/1v5/H/9f/1//X+667f+f8z9G8JMapL/AQAAoA5i7t8YZiL/AwAAQGXE3H9tmIn8DwAAAJURc/+mMJOa5H/9f/1//X/9f/1//f+VpP+v/9+N/r/+f5nXr/+v/09v/db/j7n/ujCTmuR/AAAAqIOY+68PM5H/AQAAoDJi7r8hzET+BwAAgMqIuX9zmElN8r/+v/6//n+J+/9D+v+Z/n/f0//X/+9G/1//v8zr1//X/6e3fuv/x9x/Y5hJTfI/AAAA1EHM/TeFmcj/AAAAUBkx998cZiL/AwAAQGXE3D8eZlKT/K//r/+v/1/i/r/P/29Zv/5/f9L/L0v/f6T1S/3/ZdH/1//X/9f/p7t+6//H3H9LmElN8j8AAADUQcz9W8JM5H8AAACojJj7J8JM5H8AAACojJj7J8NMapL/9f/1//X/9f/1//X/V5L+f1n6/230/5dF/1//X/9f/5/u+q3/H3P/VJhJTfI/AAAA1EHM/VvDTOR/AAAAqIyY+7eFmcj/AAAAUBkx928PM6lJ/i9J/39LKkDp/+v/6//r/+v/l4r+v/5/N/r/+v9lXr/+v/4/rQY7nNZv/f+Y+3eEmdQk/wMAAEAdxNy/M8xE/gcAAIDKiLn/1jAT+R8AAAAqI+b+28JMapL/S9L/9/n/+v/6/030//X/y0T/X/+/G/1//f8yr1//X/+f3vqt/x9z/64wk5rkfwAAAKiDmPs/HGYi/wMAAEBlxNx/e5iJ/A8AAACl0ulzCKOY+z8SZlKT/K//X/X+//xq/X/9f/3/7uvX/19Z+v/6/93o/+v/l3n9+v/6//TWb/3/mPt3h5nUJP8DAABAHcTcf0eYifwPAAAAlRFz/51hJvI/AAAAVEbM/XvCTGqS//X/q97/9/n/+v/6/73Wr/+/svT/9f+70f8vZ/8//Nii/99H/f/8GNL/px/1W/8/5v67wkxqkv8BAACgDmLu/2iYifwPAAAAlRFz/8fCTOR/AAAAqIyY+z8eZlKT/K//r/+v/6//r/+v/7+S9P9XrP/feCnU/y/o/5+bi92fL/v6+6n/7/P/6Vf91v+Puf/uMJOa5H8AAACog5j7PxFmIv8DAABAZcTc/+thJvI/AAAAVEbM/feEmdQk/+v/6//r/+v/6//r/68k/X+f/9+N/r/+f5nXr/+v/09v/db/j7n/N8JMapL/AQAAoA5i7r83zET+BwAAgMqIuf+TYSbyPwAAAJTMqiXPibn/N8NMapL/y9f/Hytl/38wXb/+v/6//r/+v/7/haT/r/+f6f+fs4vdny/7+vX/9f/prd/6/zH3/1aYSU3yPwAAANRBzP2fCjOR/wEAAKAyYu7/7TAT+R8AAAAqI+b++8JMapL/L3T/v/3y3fj8f/3/TP9f/1//X///POn/6/9n+v/n7GL350u8/vijiP6//j899Fv/P+b+3wkzqUn+BwAAgDqIuf/+MBP5HwAAAPrUw2d9iZj7Px1mIv8DAABAZcTc/5kwk5rk//J9/r/+v/6//r/+v/5/mej/6/93o/+v/1/m9fv8f/1/euu3/n/M/Q+EmdQk/wMAAEAdxNz/2TAT+R8AAAAqI+b+3w0zkf8BAACgMmLu/70wk5rkf/1//X/9f/1//X/9/5Wk/7+4/5+/hun/F/T/9f/LvH79f/1/euu3/n/M/Z8LM6lJ/gcAAIA6iLn/98NM5H8AAACojJj7/yDMRP4HAACAyoi5/8Ewk5rkf/1//X/9f/1//X/9/5Wk/+/z/7vR/9f/L/P69f/1/+mt3/r/Mfd/PsykJvkfAAAA6iDm/j8MM5H/AQAAoDJi7t8bZiL/AwAAQGXE3P9QmElN8r/+v/6//r/+v/6//v9K0v/X/+9G/1//v8zr1//X/6e3fuv/x9y/L8xkT+vNAAAAAOUVc/8Xwkxq8u//AAAAUAcx9+8PM5H/AQAAoDJi7j8QZlKT/K//r/+v/6//r/+v/7+S9P/1/7vR/9f/L/P69f/1/+mt3/r/MfdPh5nUJP8DAABAHcTcfzDMRP4HAACAyoi5/1CYifwPAAAAlRFz/8NhJjXJ//r/+v/6/7Xt/7/yvbZ16v/r/68E/X/9/270//X/y7x+/X/9f3rrt/5/zP2Hw0xqkv8BAACgDmLu/2KYifwPAAAAlRFz/5fCTOR/AAAAqIyY+4+EmdQk/+v/6//r/9e2/7+8z/9fs3C7+v/6/+dC/1//vxv9f/3/Mq9f/1//n976rf8fc//RMJOa5H8AAACog5j7j4WZyP8AAABQGTH3Hw8zkf8BAACgMmLuPxFmUpP8r/9/dv3/gSW6gfr/ndev/1+B/n8T/X/9/3Oh/6//343+v/5/mdev/6//T2/91v+Puf+Pwkxqkv8BAACgDmLuPxlmIv8DAABAZcTcPxNmIv8DAABAZcTcPxtmUpP8r//v8//1//X/9f/1/1eS/r/+fzf6//r/ZV6//r/+P731W/8/5v5TYSY1yf8A8P/s3XeuXlfVx/HndV6Do4g5RMyAETAExoCEGAK9JPTQIfTeQm+hQ+i99x56b4HQqwTK9Vor2Nx7zrV9H3ufvT6fP7LCDSg7SpD4yXx1AAA6yN1/v7jF/gcAAIBp5O6/f9xi/wMAAMA0cvc/IG5psv/1//p//b/+X/+v/98n/b/+f4n+X/+/5ffr//X/rBut/8/d/8C4pcn+BwAAgA5y9z8obrH/AQAAYBq5+x8ct9j/AAAAMI3c/Q+JW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/c/NG5psv8BAACgg9z9D4tb7H8AAACYRu7+h8ct9j8AAABMI3f/dXFLk/2v/9f/6/832P//v/5f/78d+n/9/xL9v/5/y+/X/+v/WTda/5+7//q4pcn+BwAAgA5y9z8ibrH/AQAAYHPuft/Df567/5Fxi/0PAAAA08jd/6i4pcn+1//r//X/G+z/ff9f/78h+n/9/xL9v/5/y+/X/+v/WTda/5+7/9FxS5P9DwAAAB3k7n9M3GL/AwAAwDRy9z82brH/AQAAYOtO5+/k7n9c3NJk/+v/9f/6f/2//l//v0/6f/3/Ev2//n/L79f/6/9Zt/f+/143HNzj9v+5+2+IW5rsfwAAAOggd//j4xb7HwAAAKaRu/8JcYv9DwAAANPI3f/EuKXJ/tf/6//v7P///X/6f/2//v/On+v/T4b+X/+/RP+v/9/y+/X/+n/W7b3/X+n9z//XufufFLc02f8AAADQQe7+J8ct9j8AAABMI3f/U+IW+x8AAACmkbv/qXFLk/2v/9f/+/6//l//r//fJ/3/sP3/+f/VO5f+/1j0//r/o/r/ex7j/fp/Ohit/8/d/7S4pcn+BwAAgA5y9z89brH/AQAAYBq5+2+MW+x/AAAAmEbu/mfELU32v/5f/6//1/+f2/+fatn/3/Ez/f9+6P+H7f+X6f+PRf+v//f9f/0/y0br/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAmEbu/mfHLfY/AAAATCN3/3Pilib7X/+v/9f/6/8v6fv/V83R//v+//7o//X/S/T/+v8tv1//r/9n3Wj9f+7+58YtTfY/AAAATO/Urnb/8+IW+x8AAACmkbv/+XGL/Q8AAADTyN3/grilyf7X/+v/9f/6/0vq/yf5/r/+f3/0//r/Jcft/3f6//pr0f+P8379v/6fdaP1/7n7Xxi3NNn/AAAA0EHu/hfFLfY/AAAATCN3/4vjFvsfAAAAppG7/yVxS5P9r//X/+v/9f/6f/3/Pun/9f9LfP9f/7/l9+v/9f+sG63/z93/0rilyf4HAACADnL3vyxusf8BAABgGrn7Xx632P8AAAAwjdz9r4hbzt//py7nqy4f/b/+X/+v/9f/6//3Sf+v/1+i/z+8/z9zxJ9P/z/W+/X/+n/Wjdb/5+6/KW7x6/8AAAAwjdz9r4xb7H8AAACYRu7+V8Ut9j8AAABMI3f/q+OWJvv/qP7/9mvO/nH9//Ho/w9/v/5f/6//1//r//X/S/T/vv+/5ffr//X/rBut/8/d/5q4pcn+BwAAgA5y9782brH/AQAAYBq5+18Xt9j/AAAAMI3c/a+PW5rs/5P//v+1+n/9v/4/rv5f/6//1//r/5fp//X/W36//l//z7rR+v/c/W+IW5rsfwAAAOggd/8b4xb7HwAAAKaRu/9NcYv9DwAAANPI3f/muKXJ/j/5/t/3//X/F9j/n9L/J/1//H3V/+v/L4D+X/+/0/9ftCvdz2/9/fp//T/rRuv/c/fffDD1+u1/AAAA6ODmg9+e2b0lbrH/AQAAYBq5+98at9j/AAAAMI3c/W+LW5rsf/2//v+K9/++/1/0//H3Vf+v/78A+n/9/07/f9GudD+/9ffr//X/rBut/8/d//a4pcn+BwAAgA5y978jbrH/AQAAYBqx+8/+n9/tfwAAAJjSOw9+e2b3rrilyf5v3P9fe6n9/9X/9fv6/8Pfr/8/kf7/5vP/2dP/6/+3RP+v/1+i/9f/b/n94/T/8YPr9P+MZ7T+P3f/u+OWJvsfAAAAOsjd/564xf4HAACAaeTuvyVusf8BAABgGrn73xu3NNn/jfv/Sb7/f+/b4gX6/3n7f9//j6v/1/8fRv8/Qf9/x//80v/Xn1//v533j9P/+/4/4xqt/8/d/764pcn+BwAAgA5y978/brH/AQAAYBq5+z8Qt9j/AAAAMI3c/R+MW5rsf/3/1vt/3//X/+v/9f9j0//r/5f4/r/+f8vv1//r/1k3Wv+fu/9DcUuT/Q8AAAAd5O7/cNxi/wMAAMA0cvd/JG6x/wEAAGAaufs/Grc02f/6f/3/vvr/O/4k+v8m/f/1+v+d/v9I+n/9/xL9v/5/y+/X/+v/WTda/5+7/2NxS5P9DwAAAB3k7v943GL/AwAAwDRy938ibrH/AQAAYBq5+z8ZN9zjblfuSSfr9BE/j95c/6//9/1//b/v/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/d/Km7x6/8AAAAwjdz9n45b7H8AAACYRu7+z8Qt9j8AAABMI3f/Z+OWJvtf/6//1/9vtv+/Wv9/7vv1/2PS/+v/l+j/9f9bfv+x+/9bD//P6//pYLT+P3f/5+KWJvsfAAAAOsjd//m4xf4HAACAaeTu/0LcYv8DAADANHL3fzFuabL/9f/6f/3/Zvt/3/8/7/36/zHp//X/S/T/+v8tv9/3//X/rBut/8/d/6W4pcn+BwAAgA5y9385brH/AQAAYBq5+78St9j/AAAAMI3c/V+NW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/d/LW5psv8BAACgg9z9X49b7H8AAACYRu7+b8Qt9j8AAABMI3f/N+OWJvt/5v5/6d+m/z9L/6//3+n/9f97pv/X/y/R/+v/t/x+/b/+n3Wj9f+5+78VtzTZ/wAAANBB7v5vxy32PwAAAEwjd/+tcYv9DwAAANPI3f+duKXJ/p+5/1+i/z9L/6//3+n/9f97pv/X/y/R/+v/t/x+/b/+n3VXqP8/vTui/8/d/924pcn+BwAAgA5y938vbrH/AQAAYBq5+78ft9j/AAAAMI3c/T+IW+bZ//e5ZeEP6v9PvP8/+IdI/6//3+n/9f/6/wP6f/3/Ev2//n/L79f/6/9ZN9r3/3P3/zBumWf/AwAAQHu5+38Ut9j/AAAAMI3c/T+OW+x/AAAAmEbu/p/ELU32v/7f9//1/636/6t2+n/9/2Wm/9f/L9H/6/+3/H79v/6fdaP1/7n7fxq35PC75mL+KgEAAICR5O7/WdzS5Nf/AQAAoIPc/T+PW+x/AAAAmEbu/l/ELU32v/5f/6//b9X/+/6//v+y0//r/5fo//X/W35/9v/5z53+X//P/xqt/8/d/8u4pcn+BwAAgA5y9/8qbrH/AQAAYBq5+38dt9j/AAAAMI3c/b+JW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/b7/r/9n3Wj9f+7+2+KWJvsfAAAAOsjd/9u4xf4HAACAaeTu/13cYv8DAADANHL33x63NNn/+n/9/5T9/131//p//f8o9P/6/yX6f/3/lt+v/9f/s260/j93/+/jlib7HwAAADrI3f+HuMX+BwAAgGnk7v9j3GL/AwAAwDRy9/8pbmmy//X/+v8L7/9P11/3sP2/7//r//X/w5i3/7+L/v+w/v/Mhb2/e/9/401nf6z/3+b79f/6f9aN1v/n7v9z3NJk/wMAAEAHufv/ErfY/wAAADCN3P1/jVvsfwAAAJhG7v6/xS1N9r/+X/8/5ff/9f/6f/3/MObt/33/3/f/ff9f/6//1/+zZrT+P3f/3+OWJvsfAAAAOsjd/4+4xf4HAACAaeTu/2fcYv8DAADANHL3/ytuabL/9f/6f/2//l//r//fJ/2//n+J/l//v+X36//1/6wbrf/P3f+fAAAA///vXi84") open(0x0, 0x0, 0x20) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) link(0x0, &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) lseek(r2, 0x7ff, 0x0) 15m47.514116901s ago: executing program 3 (id=268): syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="00ed8dd5f4aa250ed63d4d5a95c96dcac2ca7342c7dcfaac39021de2f290936759c3c21d8e2aa997ad1a8756735c00343730cc42de7ee60b4689f51e7a"], 0x1, 0xa07, &(0x7f0000000b00)="$eJzs3UuMHEfdAPDq2Z31M5/H+WyyOCaxCSThkd14vZiHBXEUX7DiiFukiIvlOMHCMQhHgkQ52D5xI1FkrjzEKZcIEBK5ICsnLpGIJS45BQ4csIwUiQME7EXerZqd/XtGPbO2d3Z2fj+ptqa6aqaqZ3t6erq7qhIwthqLf+fnp6uULr3z5tG/P/y3LTeXPNEu0Vr8O9mRaqaUqpyeDK/34cRSfP2j1052i6s0t/i3pNMz19rP3ZZSOp/2pcuplfZcuvLGe3NPH79w7OL+9986fPXurD0AAIyXb10+PL/7L3+6f+fHbz9wJG1qLy/H562c3p6P+4/kA/9y/N9IK9NVR+g0FcpN5tAI5Sa6lOuspxnKTfaofyq8brNHuU019U90LOu23jDKynbcSlVjZkW60ZiZWfpNnhZ/109VM2dPn3nh3JAaCtxx/3wwpbRPEIRxDAs7hr0HAlgSrxfe4nw8s3B72q822V/9155sdH8+3AFrvf2rf7Tq/9UFexzunI26NZX1Kp+j7TkdryPE+5cG/fyX14vXI5p9trPXdYRRub7Qq50Ta9yO1erV/rhdbFRfz3F5H74R8js/P/F/Oir/Y6C7fzn/LwhjGxaGvQMC1q1439xCVvLjfX0xf1NN/uaa/C01+Vtr8rfV5MM4++3LP0mvV8u/8+Nv+kHPh5XzbPfk+P8GbE88Hzlo/fG+30Hdbv3xfmJYz35/4tlTX3n+uStL9/9X7e3/Rt7e9+V0K3+2LucC5XxhPK/evve/tbKeRo9y94b23NOl/OLjXSvLVbuWXyd17Gduacf0yuft6FVu78pyrVBuSw6bQ3vj8cnW8Lxy/FH2q+X9mgzr2wzrMRXaUfYrO3Mc2wGrUbbHXvf/l+1zOjWrF06fOfV4Tpft9I8TzU03lx9Y43YDt6/f/j/TaWX/n+3t5c1G535hx/LyqnO/0ArL53osP5jT5XvuOxNbFpfPnPzemefv9MrDmDv3yqvfPXHmzKkfeOCBBx60Hwx7zwTcbbMvv/T92XOvvPrY6ZdOvHjqxVNnDx46dHBu7tBXD87PLh7Xz3Ye3QMbyfKX/rBbAgAAAAAAAAAAAPTrh8eOXvnzu1/+YKn//3L/v9L/v9z5W/r//zj0/4/95Es/+NIPcGeX/MUyYYDVqVCumcP/h/buCvXsDs/7RI7b8/jl/v+lujiua2nPfWF5HL+3lAvDCdwyXspUGIMkzhf46RxfzPEvEwxRtaX74hzXjW9dtvUyPoVxKUZT+b+VraGMY1L6f/ca16ns/3euQRu589aiO+Gw1xHo7h/G/xaEsQ0LC2bxANaHYc//Wc57lvjsH765+WYoxa49uXJ/Gccvhdux3uefVP/Gmv+zPf9d3/u/MGNea3X1/vtnVz/oqDbt6bf+uP5lHOhdg9X/ca6/rM0jqb/6F34R6o8XhPr0n1D/1j7rv2X9966u/v/m+svb9uhD/da/1OKqsbId8bxxuf4XzxsX18P6l7E9B17/VU7UeCPXD+NsVOaZHdSozP/bS7wP40s5XXaE5T6HON/JoO0v91eU74Hd4fWrmu838/+Otq/luO7zUOb/Ldtjq0u60ZFudnlvN+q+BkbVh67/CcLYhoWFhbt7QqvGUCtn6O//sH8nDLv+Yb//deL8v/EYPs7/G/Pj/L8xP87/G/Pj/HoxP87/G9/POP9vzL8vvG6cH3i6Jv+TNfl7avLvr8nfW5P/qZr8/TX5D9TkP1iTf29N/kM1+Z+pyf9sTf7DNfmP1uR/riZ/oyv9UcZ1/WGcxf55Pv8wPsr1n16f/101+cDo+unbB5567jffbi31/59qnw8p1/GO5HQz/3b+UU7H696pI30z792c/mvIX+/nO2CcxPEz4vf7IzX5wOgq93n5fMMYqrqP2NPvuFW9jvMZLZ/P8Rdy/MUcP5bjmRzP5vhAjufWqH3cHU/9+neHX6+Wf+/vCPn93k8e+wPFcaIO9tmeeH5g0PvZ4zh+g7rd+lfZHQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBoGot/5+enq5QuvfPm0WePn569ueSJdonW4t/JjlSz/byUHs/xRI5/nh9c/+i1k53xjRxXaS5VqWovT89ca9e0LaV0Pu1Ll1Mr7bl05Y335p4+fuHYxf3vv3X46t17BwAAAGDj+18AAAD//3wJDZ0=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x842, 0x0) write(r0, &(0x7f0000000540)="953820a61a166fd5dd4b4b", 0xfdef) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000000000001f00000000000000000000000400000001"]) 15m46.560766528s ago: executing program 32 (id=268): syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="00ed8dd5f4aa250ed63d4d5a95c96dcac2ca7342c7dcfaac39021de2f290936759c3c21d8e2aa997ad1a8756735c00343730cc42de7ee60b4689f51e7a"], 0x1, 0xa07, &(0x7f0000000b00)="$eJzs3UuMHEfdAPDq2Z31M5/H+WyyOCaxCSThkd14vZiHBXEUX7DiiFukiIvlOMHCMQhHgkQ52D5xI1FkrjzEKZcIEBK5ICsnLpGIJS45BQ4csIwUiQME7EXerZqd/XtGPbO2d3Z2fj+ptqa6aqaqZ3t6erq7qhIwthqLf+fnp6uULr3z5tG/P/y3LTeXPNEu0Vr8O9mRaqaUqpyeDK/34cRSfP2j1052i6s0t/i3pNMz19rP3ZZSOp/2pcuplfZcuvLGe3NPH79w7OL+9986fPXurD0AAIyXb10+PL/7L3+6f+fHbz9wJG1qLy/H562c3p6P+4/kA/9y/N9IK9NVR+g0FcpN5tAI5Sa6lOuspxnKTfaofyq8brNHuU019U90LOu23jDKynbcSlVjZkW60ZiZWfpNnhZ/109VM2dPn3nh3JAaCtxx/3wwpbRPEIRxDAs7hr0HAlgSrxfe4nw8s3B72q822V/9155sdH8+3AFrvf2rf7Tq/9UFexzunI26NZX1Kp+j7TkdryPE+5cG/fyX14vXI5p9trPXdYRRub7Qq50Ta9yO1erV/rhdbFRfz3F5H74R8js/P/F/Oir/Y6C7fzn/LwhjGxaGvQMC1q1439xCVvLjfX0xf1NN/uaa/C01+Vtr8rfV5MM4++3LP0mvV8u/8+Nv+kHPh5XzbPfk+P8GbE88Hzlo/fG+30Hdbv3xfmJYz35/4tlTX3n+uStL9/9X7e3/Rt7e9+V0K3+2LucC5XxhPK/evve/tbKeRo9y94b23NOl/OLjXSvLVbuWXyd17Gduacf0yuft6FVu78pyrVBuSw6bQ3vj8cnW8Lxy/FH2q+X9mgzr2wzrMRXaUfYrO3Mc2wGrUbbHXvf/l+1zOjWrF06fOfV4Tpft9I8TzU03lx9Y43YDt6/f/j/TaWX/n+3t5c1G535hx/LyqnO/0ArL53osP5jT5XvuOxNbFpfPnPzemefv9MrDmDv3yqvfPXHmzKkfeOCBBx60Hwx7zwTcbbMvv/T92XOvvPrY6ZdOvHjqxVNnDx46dHBu7tBXD87PLh7Xz3Ye3QMbyfKX/rBbAgAAAAAAAAAAAPTrh8eOXvnzu1/+YKn//3L/v9L/v9z5W/r//zj0/4/95Es/+NIPcGeX/MUyYYDVqVCumcP/h/buCvXsDs/7RI7b8/jl/v+lujiua2nPfWF5HL+3lAvDCdwyXspUGIMkzhf46RxfzPEvEwxRtaX74hzXjW9dtvUyPoVxKUZT+b+VraGMY1L6f/ca16ns/3euQRu589aiO+Gw1xHo7h/G/xaEsQ0LC2bxANaHYc//Wc57lvjsH765+WYoxa49uXJ/Gccvhdux3uefVP/Gmv+zPf9d3/u/MGNea3X1/vtnVz/oqDbt6bf+uP5lHOhdg9X/ca6/rM0jqb/6F34R6o8XhPr0n1D/1j7rv2X9966u/v/m+svb9uhD/da/1OKqsbId8bxxuf4XzxsX18P6l7E9B17/VU7UeCPXD+NsVOaZHdSozP/bS7wP40s5XXaE5T6HON/JoO0v91eU74Hd4fWrmu838/+Otq/luO7zUOb/Ldtjq0u60ZFudnlvN+q+BkbVh67/CcLYhoWFhbt7QqvGUCtn6O//sH8nDLv+Yb//deL8v/EYPs7/G/Pj/L8xP87/G/Pj/HoxP87/G9/POP9vzL8vvG6cH3i6Jv+TNfl7avLvr8nfW5P/qZr8/TX5D9TkP1iTf29N/kM1+Z+pyf9sTf7DNfmP1uR/riZ/oyv9UcZ1/WGcxf55Pv8wPsr1n16f/101+cDo+unbB5567jffbi31/59qnw8p1/GO5HQz/3b+UU7H696pI30z792c/mvIX+/nO2CcxPEz4vf7IzX5wOgq93n5fMMYqrqP2NPvuFW9jvMZLZ/P8Rdy/MUcP5bjmRzP5vhAjufWqH3cHU/9+neHX6+Wf+/vCPn93k8e+wPFcaIO9tmeeH5g0PvZ4zh+g7rd+lfZHQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBoGot/5+enq5QuvfPm0WePn569ueSJdonW4t/JjlSz/byUHs/xRI5/nh9c/+i1k53xjRxXaS5VqWovT89ca9e0LaV0Pu1Ll1Mr7bl05Y335p4+fuHYxf3vv3X46t17BwAAAGDj+18AAAD//3wJDZ0=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x842, 0x0) write(r0, &(0x7f0000000540)="953820a61a166fd5dd4b4b", 0xfdef) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000000000001f00000000000000000000000400000001"]) 9m18.854540541s ago: executing program 1 (id=940): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) ioperm(0x0, 0x3, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(&(0x7f0000000540)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f00000005c0)='vxfs\x00', 0x0, 0x0) r5 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 9m14.336484555s ago: executing program 1 (id=948): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) prctl$PR_SET_MM(0x23, 0xb, &(0x7f00007d7000/0x4000)=nil) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="2c0000001a0001ff8000000000f61e000a000000000000000000000006001d000000000008001e80"], 0x2c}}, 0x0) 9m7.883486892s ago: executing program 1 (id=959): r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0) r1 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x8844, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000180)='./file1\x00', 0x2008002, &(0x7f0000000400)=ANY=[@ANYBLOB='utf8,adinicb,lastblock=00000000000000000001,unhide,gid=', @ANYRESDEC=0x0, @ANYBLOB=',session=00000000000000001023,uid=ignore,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c00ba95e3856be72911d5feaaf3d0c0acaa9fa197ed0d116bf1ee4896b3095d2e09e0adff0fc14eed77abeac19eb91e86e97479566b5c81a25240f81d8f905ccf57cf782134b2bc32c843aa113d8c1d28cf893b9981af20804a8a1f472a604e491dc5e21a7f02443d89680cf06e74f108d437cc8297245cec5480719902ab"], 0x0, 0xc57, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3Fld1WTOwoThoXm7ZIZcZy9S+mYhXOqqbZBpBlIhRzC8AVSakLUSRBUo1spC3TS1H0kKKHosiJQGsUSNHAaIqgR6Z1geTiQ5FTT0QLG0HRA1sEyClgMLNvxRVN2qQlUpL1+djSd2fmvZn3ZtYzssA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN99+cLJU2kPFf5kHxsDAByIS2NfOXl6L89/AOChd3mv//8PAAAAAAAAAAAAAAActBRFPBEp5i+tp4lquaN+sd1389b48EjEX25T7Uiqah6qype/6qdOnzn7heeHznXzYns21z8In45Xxy5faLw0d2N+YXpxcXqqMT7bnpybmt71HnZTv28PLRqsTkDjxvWbU1evLjZOP3fmjs23Bt7tf/zYwPmhZ0483S07PjwyMrZZpN5bvraHQ29npxEeh6OIE5Hi2e/+JLUioohdnov3UT/Ya7/VkaoTg1UnxodHqo7MtFuzS+XG0e6JKCIaPZWa3XO0/bWI2l6u/X5qRiyXzS8bPFh2b2y+tdC6MjPdGG0tLLWX2nOzo6nT2rI/jSjiXIpYiYi1/vfuri+KqEWKbx9dT1ci4lD3PHy+Ghi8czuKfezjLpTtbPRFrBQPwTV7gPVHEa9Eip++dTwm832mutd8LuKVMr8f8UaZL0ak8otxNuKdbb5HPJxqUcRflNf//Hqa6j7iqvvKxa82vjx7da6nbPe+ssfnw3vuFPfp+XBkSx6MB/zeVI8iWtUdfz3t/g9LAAAAAAAAAAAAAAAAAOy3I1HEpyLFy//xh9W44qjGpR89P/R7A7/cO2b8qQ/YT1n2uYhYLnY3JvdwHhg4mkZTus9jiR9l9Sjij/L4v2/e78YAAAAAAAAAAAAAAAAAAAA80or4caR44e3jaSV65xRvz15rXG5dmenMCtud+7c7Z/rGxsZGI3WymXMi53LOlZyrOddyRpHr52zmnMi5nHMl52rOtZxxKNfP+c7f5Pp5eTnnSs7VnGs5o5br52zmnMi5nHMl52rOtZzxgMzdCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwUVJEET+PFN/6+nqKFBHNiIno5Gr//W4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0V8L1I0fr95e10tIlL1b8fx8rez0Txc5sejOVTmi9G8kLNVZa35zfvQfu5OXyriR5Giv/7m7Quer39fZ+n21yDe+Mbm0qdrnTzU3Tjwbv/jx46eHxr5tad2+py2a8DgxfbszVuN8eGRkbGe1bV89I/3rBvIxy3uTdeJiMXXXr/empmZXvhwH67G69fLr8CHrP6QfUi1R6WnPlQfovaBZc7nO+D9buq97zuPgPL5/06k+O23/7P7wO88/+vxS52l20/4+Nkfbz7/X9i6o10+/2tb6+Xnf/lM3+75/0TPuhfyn0b6ahH1pRvzfcci6ouvvX6ifaN1bfra9OzZkye/ODT0xTMn+w5H1K+2Z6Z7Pt2T0wUAAAAAAAAAAAAAAABwcFIRX4oUrR+tp0ZE3KrGaw2cH3rmxNOH4lA13uqOcduvjl2+0Hhp7sb8wvTi4vRUY3y2PTk3Nb3bw9Wr4V7jwyP70pkPdGSf23+k/tLc/GsL7Wt/sLTt9sfqF64sLi20Jrfb/Oc5m70rB6sGjw+PVI2eabdmq6qj2w6m37u+VMR/RYrJs4302bwuj//fOsL/jvH/y1t3tE/j/z/Ws648ZkpF/CxS/NZfPRWfrdr5WPVCgOaW3Zbl/i5SDJ77TC4Xh8ty3TZ03ivQGRlYlv2/SPFPP7+zbHc85BObZU/t+sQ+JMrrfzRSfO/PvhO/ntfd+f6H7a//Y1t3tE/X/8medY/d8b6Cu+46+fqfiBQvPvFm/EZe937v/+i+e+N4Lnz7/Rz7dP0/0bNuIB/3N+9N1wEAAAAAAAAAAB5qfamIv48UPxippefzut38/N9UJzZ/pGuffv7rkz3rpu5+vqJdfbgnJxYAAAAAHgB9qYgfR4prS2/eHkN95/jvnvGfv7M5/nM4bdla/T3fr1TvDbiXf//XayAfd+Luuw0AAAAAAAAAAAAAAAAAAAAPlJSKeD7Ppz5Rjeef2nE+9dVI8fL/PJvLpWNlue488APV7/VLc7MnLszMzE22llpXZqYbY/Otyemy7pORYv1vP5PrFtX86t355jtzvG/Oxb4QKUb+oVu2Mxd7d27yJzfLnirLfixS/Pc/3lm2O4/1JzbLni7L/nWk+Nq/bF/22GbZM2XZ70SKH36t0S37WFm2+37UT26WfW5yrtiHqwIAAAAAAAAAAAAAAAAAAMCjpi8V8aeR4n9vrNwey5/n/+/rWay88Y2e+f63uFXN8z9Qzf+/0+cPM/9/9V6B5Z2OCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH00ping9UsxfWk+r/eVyR/1ie/bmrfHhke2rHUlVzUNV+fJX/dTpM2e/8PzQuW6+f/177VPx6tjlC42X5m7ML0wvLk5PNcZn25NzU9O73sPd1t9qsDoBjRvXb05dvbrYOP3cmWr14bz51sC7/Y8fGzg/9MyJp7tlx4dHRsZ6dlHr+9BHf4/udT28Zf3hKOJwpHj2uz9JP+iPKOLuz8UHfHf225GqE4NVJ8aHR6qOzLRbs0vlxtHuiSgiGj2Vmt1zdADX4q40I5bL5pcNHiy7NzbfWmhdmZlujLYWltpL7bnZ0dRpbdmfRhRxLkWsRMRa/3t31xdFXI8U3z66nv61P+JQ9zx8/tLYV06e3rkdxT72cRfKdjb6IlaKvV6z+9zwB0x/FPHPkeKnbx2Pf+uPqEXnV3wu4pUyvx/xRnROWyq/GGcj3tnme8TDqRZF/H95/c+vp7f6y/tB975y8auNL89enesp272vPPTPh4O0873pSwfajh3Uo4gfVnf89fTv/rsGAAAAAAAAAAAAAAAAeIAU8auR4oW3j6dqfHAeU/xk3nplpjOsrzv2rztmemNjY6OROtnMOZFzOedKqle5mpfXckaR6+dsllnf2JjIy8s5V3Ku5lzLGYdy/ZzNnBM5l3Ou5FzNuZYzarl+zmbOiZzLOVdyruZcyxkPylhwAAAAAAAAAAAAAAAAAADgI6Wo/knxra+vp43+zvzSE9HJVfOBfuT9IgAA//+LUPSl") syz_io_uring_submit(r2, r3, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x4004, @fd=r0, 0x823, &(0x7f00000001c0)=[{0x0}], 0x1}) syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0x0, 0x22c, &(0x7f00000000c0)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvMGKZxyVejt0v0g9V6hlZsYGNVT+BfN2TDBaSYv2FjGyChkc5gPyMziABnEwMAw+U/EvQcskgwiYLPWXArKnHJVlOOf2KmW5avMOu8zzOiYlsbAaDCLg4GBQe+I7kw7A95uJqiZxda8EEcWn0FxpxfHZMb9TIqMIHVn/l4NfsBox9Ady8DIILfBX23xtz9SlRs31UdOr4qomdrddHPp+jiGbfp/r5hIvZ+YEfb/wSFBLYu8/A/zZJS+b26Y86Gm7omJY2ej8lz+1st/372PqS1OUGN6LN5VyMaf4KZV8wnkBNa56dXtW4oVF2SluUw8NvXi34TjaxkYJl94Yqtfc+ZQvGIMp5Rb5dyYu27xglzL1M/XvWFgOBj1eSIDyFNMDAwzw3bugfqLHeSv8gZoZDAwMzAwqIAVsTCkZeakGngwMDIwQzmGLFBVMNVMDBxgCb3k/JyUdgZGcBIAa1vOwAI3w/AxAyucY4TMMbZogJrE0A6lVaC0B5ReDqUfMzCwMSAlL1iyYQGb0A/laTSAlFUklpQUGYKUQ1hwMSO4mJEA3GYmqK1zmVA9d5wJpoJB8jHDKBgFo2AUjIJRMApGwSgYBaNgFIw4AAgAAP//ID+yAQ==") syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0) close(0x3) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x24000000) syz_io_uring_setup(0x10a, 0x0, 0x0, 0x0) io_uring_enter(r1, 0x27e2, 0x0, 0x0, 0x0, 0x0) 9m0.906937067s ago: executing program 1 (id=971): r0 = syz_open_dev$usbfs(0x0, 0x20000007d, 0x0) dup3(0xffffffffffffffff, r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000000)=0x97b, 0x4) r1 = syz_open_dev$evdev(&(0x7f0000002080), 0x0, 0x0) ioctl$EVIOCGKEY(r1, 0x40104593, &(0x7f0000000000)=""/14) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) close(r4) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'gretap0\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x1, 0x700, 0x4, 0x5, {{0x5, 0x4, 0x3, 0x0, 0x14, 0x65, 0x0, 0x6, 0x2f, 0x0, @broadcast, @rand_addr=0x64010100}}}}) socket$packet(0x11, 0x3, 0x300) sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b036812e0ff64000200475400f6a13bb10000000800894f4820", 0x100a6, 0x0, &(0x7f0000000140), 0x14) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r6}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r6, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7}) close(r5) 8m56.022445387s ago: executing program 1 (id=978): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) syz_open_dev$evdev(0x0, 0x4, 0x200000) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r3, 0x0, 0x2, 0x0) syz_clone(0x4001100, 0x0, 0x0, 0x0, 0x0, 0x0) 8m50.6899351s ago: executing program 1 (id=981): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getrlimit(0x6, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x24}}, 0x4) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c8, &(0x7f0000000100)) 8m34.963706006s ago: executing program 33 (id=981): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getrlimit(0x6, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x24}}, 0x4) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c8, &(0x7f0000000100)) 5m41.363478754s ago: executing program 4 (id=1276): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x800}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0) r5 = dup(r3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r5, 0x0) ioctl$SG_GET_KEEP_ORPHAN(r5, 0x2288, &(0x7f0000000240)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) fadvise64(r3, 0x18, 0x0, 0x4) write$binfmt_register(r5, &(0x7f0000000540)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x4d, 0x3a, '/dev/urandom\x00', 0x3a, '/dev/nullb0\x00', 0x3a, './file0', 0x3a, [0x4f, 0x4f, 0x4f, 0x50, 0x43, 0x46]}, 0x46) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x201, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x60810}, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc4c85513, 0x0) 5m38.705580042s ago: executing program 4 (id=1282): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) ioctl$TIOCGPTPEER(r3, 0x5441, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r4, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r5, &(0x7f00000001c0)={0x2, 0x2, @local}, 0x10) r6 = accept(r4, 0x0, 0x0) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) recvmmsg$unix(r6, &(0x7f0000002800), 0x4000000000001e7, 0x40010000, 0x0) close_range(r7, 0xffffffffffffffff, 0x0) 5m36.289187003s ago: executing program 4 (id=1286): syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) fsopen(&(0x7f0000000000)='bpf\x00', 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) shutdown(r0, 0x1) sched_setscheduler(0x0, 0x1, 0x0) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000001140)=0x8000000) close_range(r4, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 5m34.986213838s ago: executing program 4 (id=1287): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000240)="b9", 0x1}], 0x1}}], 0x2, 0x0) 5m32.90991917s ago: executing program 4 (id=1290): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) 5m31.159321277s ago: executing program 4 (id=1292): creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) ftruncate(0xffffffffffffffff, 0xc17a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 5m15.865384432s ago: executing program 34 (id=1292): creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) ftruncate(0xffffffffffffffff, 0xc17a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 52.93809935s ago: executing program 2 (id=1675): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) ioperm(0x0, 0x3, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(&(0x7f0000000540)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f00000005c0)='vxfs\x00', 0x0, 0x0) r5 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r5, 0x0, 0x0) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 46.079891461s ago: executing program 2 (id=1683): syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) fsopen(&(0x7f0000000000)='bpf\x00', 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r0, 0x1) sched_setscheduler(0x0, 0x1, 0x0) r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000001140)=0x8000000) close_range(r2, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 44.741169448s ago: executing program 2 (id=1685): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x800}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, 0x0, &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = dup(r3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r5, 0x0) ioctl$SG_GET_KEEP_ORPHAN(r5, 0x2288, &(0x7f0000000240)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) fadvise64(r3, 0x18, 0x0, 0x4) write$binfmt_register(r5, &(0x7f0000000540)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x4d, 0x3a, '/dev/urandom\x00', 0x3a, '/dev/nullb0\x00', 0x3a, './file0', 0x3a, [0x4f, 0x4f, 0x4f, 0x50, 0x43, 0x46]}, 0x46) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x201, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x60810}, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc4c85513, 0x0) 41.937795146s ago: executing program 2 (id=1688): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x800}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = dup(r3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r5, 0x0) ioctl$SG_GET_KEEP_ORPHAN(r5, 0x2288, &(0x7f0000000240)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) fadvise64(r3, 0x18, 0x0, 0x4) write$binfmt_register(r5, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x201, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x60810}, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc4c85513, 0x0) 40.622995365s ago: executing program 2 (id=1689): openat(0xffffffffffffff9c, 0x0, 0x2026e3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, 0xffffffffffffffff, 0xce9e1000) unshare(0x22020400) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, 0x0) r1 = openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0) write$binfmt_register(r1, &(0x7f0000000040)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x53, 0x3a, '\xd3-\'!!', 0x3a, '', 0x3a, './file/file0', 0x3a, [0x43, 0x4f]}, 0x33) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00'}) read$midi(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x101000) r3 = io_uring_setup(0x25f3, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, 0x257}) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001640), 0x0, 0x0, 0x0, 0xffffffc3}, 0x0) io_uring_enter(r3, 0x2000000, 0x2, 0xf, &(0x7f0000000000), 0x18) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20000000) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[], 0x6f4}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020f6936eca9779fb34b0efe7207b1af8ff00000000bfa100000000000007010000f8ffffff0900000008000000b7030000000000008500000010000000850000007d0000009500001400000000ae58abb8b59158bf8f6f61af94c05da2b9e5135b01000000000000006978c4e7410aa279b833d57be025ff0e491c5dd5999f48bab69214560d0f3daa9abe1a57f27895c35b420622cc0c0c22fe312a4bbd1e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setreuid(0xee01, 0x0) 36.332710142s ago: executing program 2 (id=1693): r0 = openat(0xffffffffffffff9c, 0x0, 0x2026e3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8) mkdirat(r0, &(0x7f0000000240)='./file/file0\x00', 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, 0xffffffffffffffff, 0xce9e1000) unshare(0x22020400) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, 0x0) openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00'}) read$midi(0xffffffffffffffff, 0x0, 0x0) r3 = io_uring_setup(0x25f3, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, 0x257}) io_uring_enter(r3, 0x2000000, 0x2, 0xf, &(0x7f0000000000), 0x18) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20000000) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[], 0x6f4}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020f6936eca9779fb34b0efe7207b1af8ff00000000bfa100000000000007010000f8ffffff0900000008000000b7030000000000008500000010000000850000007d0000009500001400000000ae58abb8b59158bf8f6f61af94c05da2b9e5135b01000000000000006978c4e7410aa279b833d57be025ff0e491c5dd5999f48bab69214560d0f3daa9abe1a57f27895c35b420622cc0c0c22fe312a4bbd1e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setreuid(0xee01, 0x0) 21.119650434s ago: executing program 35 (id=1693): r0 = openat(0xffffffffffffff9c, 0x0, 0x2026e3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8) mkdirat(r0, &(0x7f0000000240)='./file/file0\x00', 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, 0xffffffffffffffff, 0xce9e1000) unshare(0x22020400) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, 0x0) openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00'}) read$midi(0xffffffffffffffff, 0x0, 0x0) r3 = io_uring_setup(0x25f3, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, 0x257}) io_uring_enter(r3, 0x2000000, 0x2, 0xf, &(0x7f0000000000), 0x18) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20000000) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[], 0x6f4}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020f6936eca9779fb34b0efe7207b1af8ff00000000bfa100000000000007010000f8ffffff0900000008000000b7030000000000008500000010000000850000007d0000009500001400000000ae58abb8b59158bf8f6f61af94c05da2b9e5135b01000000000000006978c4e7410aa279b833d57be025ff0e491c5dd5999f48bab69214560d0f3daa9abe1a57f27895c35b420622cc0c0c22fe312a4bbd1e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setreuid(0xee01, 0x0) 16.798453324s ago: executing program 6 (id=1718): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x24}}, 0x4) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r4, 0x400452c8, &(0x7f0000000100)) 13.863102141s ago: executing program 0 (id=1721): r0 = syz_open_dev$usbfs(0x0, 0x20000007d, 0x0) dup3(0xffffffffffffffff, r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000000)=0x97b, 0x4) r1 = syz_open_dev$evdev(&(0x7f0000002080), 0x0, 0x0) ioctl$EVIOCGKEY(r1, 0x40104593, &(0x7f0000000000)=""/14) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, 0x0, 0x0) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) close(r4) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'gretap0\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x1, 0x700, 0x4, 0x5, {{0x5, 0x4, 0x3, 0x0, 0x14, 0x65, 0x0, 0x6, 0x2f, 0x0, @broadcast, @rand_addr=0x64010100}}}}) socket$packet(0x11, 0x3, 0x300) r6 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r6, &(0x7f0000000180)="0b036812e0ff64000200475400f6a13bb10000000800894f4820", 0x100a6, 0x0, &(0x7f0000000140), 0x14) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r7}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r7, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7}) close(r5) 12.738437431s ago: executing program 0 (id=1722): creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) ftruncate(0xffffffffffffffff, 0xc17a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x4c, 0x7, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x14}, 0x4000000) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000040000000900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x001\t\x00'/28], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1, 0x0, r7, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) open(&(0x7f0000000340)='./file0\x00', 0x0, 0x69) openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0) 11.289941382s ago: executing program 0 (id=1724): creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) ftruncate(0xffffffffffffffff, 0xc17a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x4c, 0x7, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x14}, 0x4000000) truncate(&(0x7f0000000240)='./file0\x00', 0x206b12) unshare(0x22020400) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000040000000900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x001\t\x00'/28], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1, 0x0, r7, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) open(&(0x7f0000000340)='./file0\x00', 0x0, 0x69) openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0) 9.194361422s ago: executing program 6 (id=1727): syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) fsopen(&(0x7f0000000000)='bpf\x00', 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sched_setaffinity(0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) shutdown(r0, 0x1) sched_setscheduler(0x0, 0x1, 0x0) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000001140)=0x8000000) close_range(r4, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 7.750507417s ago: executing program 6 (id=1728): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x11, 0x10012, 0xffffffffffffffff, 0x654b3000) write$cgroup_type(0xffffffffffffffff, &(0x7f00000000c0), 0x9) r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r4, &(0x7f0000000380)='./bus\x00') setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@int=0x2, 0x4) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000400)=0xf) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') sync_file_range(0xffffffffffffffff, 0x7, 0x6, 0x4) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3000080, &(0x7f0000000200)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRES8], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=") socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r6, &(0x7f0000000040), 0xfea0) 7.393079487s ago: executing program 5 (id=1729): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08800, &(0x7f0000000140)=ANY=[], 0x1, 0x67c, &(0x7f0000000580)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqa0XlFa9xO2h6BBKcA+h0Iuw5Vh4rQRJKUoorfp+7SF/QHrQodBLC70bUuip7S30JnoogUIvOemmMrOz0sp6ya6sF6v5fMzsPDPP6/x25hnNLmYDfG7NXk/zUYrMXn99tdzeWJ9qbaxPXaizW0nKdCNptlcpFpPio+RW2ku+WO6syxcH9fPBwsztjz/d+KS91ayXqnzjsHq9WauXjCUZqNd7DR6pvTsHtne4ue1UsX2EZcCudQIHZ21rj7V+qj/hdQs8DYr2fXOP0eRikuH674DUs0PjdEd3/Pqa5QAAAOCcemYzm1nNpbMeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJwnxe5ko14XYyk6v/8/1FWsTN9unNVg+7J1Yb+9j05/IAAAAAAAAABw7L68mc2s5lJne6v9zf7L1evl6vULeTfLmc9SbmQ1c1nJSpYykWS0q6Gh1bmVlaWJHmpO7ltz8mjj/+PRqgEAAAAAAADA/5ufZ3bn+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgaFMlAe1Utlzvp0TSaSYaTDJXl1pJ/dNLnRLHfzkenPw4AAAB4IsNHqPPMZjazmkud7a2ieua/Wj0vD+fdLGYlC1lJK/O5Wz9Dl0/9jY31qdbG+tTDjfWpquMfbrW12/n2f/saRtVi2p897N/zi1WJkdzLQrXnRu5Ug7mbRlWz9GI9nu1ldyc/K8c08lqtx5HdrddlZ7896FOE49Dot8JoVWlwOyLj9djKhp49PBKf+e40D+1pIo3tT34uH9JT55CKPmN+sVMvya8fi/lr//79D3ps5gRsR6KRKhKTXWff1cNjnnzlz394835r8cH9e8vXT+w0Oi2PnxNTXZF44VxHotln+fEqEle2t2fz3Xw/1zOWN7KUhfwoc1nJfOqZMXP1+Vy+jnZFKdkTqVu7tt74rJEM1e9LexbtZUxjuVCl5vJyVfdSFlLk7dzNfF6t/k1mIt/IdKYz0/UOXznwHa6OrZppG/1d9de+mp1L/TflTN1bveSvvRbsX/uWWsb12a64ds+5o1Ve956dKD3Xw/2oz7mx+aU6Ufbxi6PcNk7M45GY6IrE84dH4nfVtbHcWnywdH/unQPaX3ts+5XBnfSvTvLO3LfyfHkuw/VMsvvsKPOe355ldsdrqP7GpZ3X2JN3pcoris6V+r19rtQy4jNV6av7tjRZ5b2wN2+gHvk//9WVt+vvrbz9t7OJJwB9uvi1i0Mj/xn5+8iHI78cuT/y+vB3LnzzwktDGfzL4Lea4wOvNF4q/pQP85Od538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODolt97/8FcqzW/tH+icXDW8SaK+od8DirTzEhOYRinmSiStWNvOWd/XD0kOj8i+KTtvHnrqTicc50YSFLv+Wmyc/7Ub9FRflwUOBdurjx85+bye+9/feHh3Fvzb80vDk5Pz4zPTL86dfPeQmt+vP161qMETsLO3wNnPRIAAAAAAAAAAACgV6fxPw26uhs7w0MFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzqnZ62kOpsjE+I3xcntjfapVLp30TslmkkYjKX6cFB8lt9JeMtrVXHFQPx8szNz++NONT3baanbKNw6r15u1eslYkoF6vcfQ0dq7c1B7PSu2j7AM2LVO4OCs/S8AAP//tyUHyQ==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xa}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r3}, 0x10) set_mempolicy_home_node(&(0x7f0000124000/0x2000)=nil, 0x2000, 0x3, 0x0) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x320c81c, &(0x7f0000000380)=ANY=[@ANYBLOB="636865636b3d7374726963742c6d61703d61636f726e2c686964652c6e6f726f636b2c636865636b3d72656c617865642c6e6f6a6f6c6965742c6d6f64653d3078303030303030303030303030303030302c626c6f636b3d3078303030303030303030303030303430302c00ef49cf86458fe7d77ad665fd54ecde2920ecf341fdc99e3dd3bbb43add61fbd65ef0936a80c2f39e63"], 0x1, 0x54e, &(0x7f0000001040)="$eJzs3VFv0+YawPHHpYWeHAkdnXOEUFXgpZwjFakEJ4GgiCvPeZO+4NiR7aD2ClU0RRUpTJRJa282btgmbR+C232IfSO0+90w2U5KS5u4pbSpqv8v2vzGfuz3ed3ID25jWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFhu3bZLlnjG7yyp4dx6GLQ+ve2vvW+G3N4zGdGviJX8J9PTcjWbdfW/nxZfSf43J7PZu1mZTibTsv3PK/96+J/JicH6IxI+FZtb2y9Wer3u63EncoKuXRq+rKl9EwWm5TS1MlGgatWqfXexEamG8XS0HMW6pdxQO3EQqnn3tirVahWli8tBx2/WHU8PZj64U7btqnpUbGsnjAL/7qNi5C4azzN+M41JFicxD5IP4mMTq1g7LaXW1nvdSt4AkqDSYYLKIyNEVNkul0ulcrlUvV+7/8C2J/fNsD8j+yLG/6HFeH3FozdwPBP9+i+eGPGlI0uiDny5UpdQAmkNWd43qP//v6tH9ru7/g+q/NVPi2ckrf/Xs3fXh9X/Ibmc3mtTtmRbXsiK9KQnXXk99oxO99UULb4YiSQQIy1x0jmqP0dJTapSFVueyqI0JBIlDTHiiZZIliWSWHT6iXIlFC2OxBJIKErmxZXboqQkNalJRZRoKcqyBNIRX5pSFyfdypqsp/u9IsoaluNOUGnoMAqDz11XyiNGS/3H8X3V4zdwHB8H9R8AAAAAAJxbVvrb9+T8f0qupa2G8bQ97rQAAAAAAMBXlP7lfzaZTCWta2Jx/g8AAAAAwHljpdfYWSJSkBtZa02s9HIpfgkAAAAAAMA5kf79/3oySe+BckOsndulcP4PAAAAAMA58XPuPfaj9iXrjz8lDKest+2l/1kbThLnbFzI1rvw+Rbjxox1ub+RZPLXx8zkpKtnreksaOcmmB/6k7W8PKyDEvjxMAk8rE7238mvcjOLubmaTVcHS7JeCg3j6aIbeA9L4jiXJ2K9FH/3cv17SYf/i9+6bMnaeq9bfPaqt5rm8jbZytuN/g0U991HcUQub9L7LaTXXBw44qn0Qox+v4WsX3v3+Cey1SeO0Oc7mcti5vp3vC3sHf900mepOGz0/SxKxxz5O7mVxdyav5VNDsiinJdFeXcWX7QvDpFFJS+LyjGzAIBxWcupQtb+wv8FR7kvq+5yxOr+TuazmPmZ9MA6OXPAEd3OO6Lbx6xuv+97BtKwGpv0+9tnVfV9ssL7of1GXtlKduGFNxvfypXNre076xsrz7vPuy/L5UrVvmfb98sylQ6jP6H2AAAOkPuMnY+X8iKsezln1f/e+UpBUZ7JK+nJqiykVxuk3zg4cKuFXV9DWMg5ay2kZTJ7wsvCiLO6i+lVDoPtlkfG7s2hcvI/CAAATtFcTh228v+FYC3knHfvreWjz44Lu57WBgAAToYOP1iF+CcrDE37aalWKznxolZh4D5Woak3tTJ+rEN30fGbWrXDIA7cwEsaT0xdRyrqtNtBGKtGEKp2EJml9Mnvqv/o90i3HD82btT2tBNp5QZ+7LixqpvIVe3ON56JFnWYrhy1tWsaxnViE/gqCjqhq4tKRVrvCjR17cemYZKmr9qhaTnhsnoSeJ2WVnUduaFpx0G2wUFfxm8EYSvdbHHcOxsAgDNic2v7xUqv1319qMY/jhK80xj3GAEAwF5UaQAAAAAAAAAAAAAAAAAAAAAAzr6jXclH4+w0Lh7qJ/ioH3Wi+QxuBX0Wdsu5bKQPuhCR0+w099Dxw8kckQCclr8DAAD//+mYTN4=") r4 = socket$inet6_sctp(0xa, 0x801, 0x84) shutdown(r4, 0x1) getsockopt$bt_hci(r4, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b) openat2(0xffffffffffffffff, 0x0, 0x0, 0x0) 7.002037491s ago: executing program 0 (id=1730): socket$netlink(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) write$cgroup_int(r3, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$tipc(r4, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x40, 0x1, 0x4}}, 0x10) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r5 = socket(0x10, 0x803, 0x0) setreuid(0x0, 0xee01) getresuid(&(0x7f0000000080), &(0x7f0000000000), 0x0) setfsuid(0x0) setfsuid(0x0) fcntl$setlease(r5, 0x400, 0x2) syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2) 6.466124581s ago: executing program 5 (id=1731): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) r0 = syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) pipe(0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0xc) r5 = semget$private(0x0, 0x4000000009, 0x0) semop(r5, &(0x7f00000002c0)=[{0x1, 0x85, 0x800}, {0x1, 0x8698, 0x1000}], 0x2) semctl$GETALL(r5, 0x0, 0xd, &(0x7f00000003c0)=""/68) semctl$SETALL(r5, 0x0, 0x11, &(0x7f0000000440)=[0x5e83, 0x2, 0x0]) syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB='dots,dots,dots,nodots,dots,nodots,dots,quiet,nodots,dots,showexec,dots,dots,umask=00000000000000000077777,nfs,dots,tz,errors=continue,nodots,check\x00\x00\x00\x00\x00\x00\x00\x00dots,dots,\x00\x00\x00\x00\x00'], 0xfd, 0x1bf, &(0x7f0000000680)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") write$binfmt_misc(r1, &(0x7f0000001000), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0) setsockopt$sock_int(r1, 0x1, 0x1d, &(0x7f0000000400), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) 4.977746941s ago: executing program 5 (id=1732): socket$netlink(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) write$cgroup_int(r3, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$tipc(r4, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r5 = socket(0x10, 0x803, 0x0) setreuid(0x0, 0xee01) getresuid(&(0x7f0000000080), &(0x7f0000000000), &(0x7f00000000c0)=0x0) setfsuid(0x0) setfsuid(r6) fcntl$setlease(r5, 0x400, 0x2) syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2) 4.474796237s ago: executing program 0 (id=1733): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x11, 0x10012, 0xffffffffffffffff, 0x654b3000) write$cgroup_type(0xffffffffffffffff, &(0x7f00000000c0), 0x9) r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r4, &(0x7f0000000380)='./bus\x00') setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@int=0x2, 0x4) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000400)=0xf) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') sync_file_range(0xffffffffffffffff, 0x7, 0x6, 0x4) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3000080, &(0x7f0000000200)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRES8], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=") socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r6, &(0x7f0000000040), 0xfea0) 3.448609846s ago: executing program 5 (id=1734): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getrlimit(0x6, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c8, &(0x7f0000000100)) 3.166372132s ago: executing program 6 (id=1735): r0 = syz_open_dev$usbfs(0x0, 0x20000007d, 0x0) dup3(0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000002080), 0x0, 0x0) ioctl$EVIOCGKEY(r1, 0x40104593, &(0x7f0000000000)=""/14) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) close(r4) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'gretap0\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x1, 0x700, 0x4, 0x5, {{0x5, 0x4, 0x3, 0x0, 0x14, 0x65, 0x0, 0x6, 0x2f, 0x0, @broadcast, @rand_addr=0x64010100}}}}) socket$packet(0x11, 0x3, 0x300) r6 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r6, &(0x7f0000000180)="0b036812e0ff64000200475400f6a13bb10000000800894f48", 0x19, 0x0, &(0x7f0000000140), 0x14) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r7}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r7, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7}) close(r5) 2.146574948s ago: executing program 6 (id=1736): creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r0 = dup(0xffffffffffffffff) write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18}, 0x18) ftruncate(0xffffffffffffffff, 0xc17a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [], 0x6b}}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x4c, 0x7, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x14}, 0x4000000) truncate(&(0x7f0000000240)='./file0\x00', 0x206b12) unshare(0x22020400) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) open(&(0x7f0000000340)='./file0\x00', 0x0, 0x69) openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0) 1.968386313s ago: executing program 0 (id=1737): creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r0 = dup(0xffffffffffffffff) write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18}, 0x18) ftruncate(0xffffffffffffffff, 0xc17a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [], 0x6b}}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x4c, 0x7, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x14}, 0x4000000) truncate(&(0x7f0000000240)='./file0\x00', 0x206b12) unshare(0x22020400) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000040000000900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x001\t\x00'/28], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) open(&(0x7f0000000340)='./file0\x00', 0x0, 0x69) openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0) 1.932892282s ago: executing program 5 (id=1738): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r4, 0x0) ioctl$SG_GET_KEEP_ORPHAN(r4, 0x2288, &(0x7f0000000240)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fadvise64(r3, 0x18, 0x0, 0x4) write$binfmt_register(r4, &(0x7f0000000540)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x4d, 0x3a, '/dev/urandom\x00', 0x3a, '/dev/nullb0\x00', 0x3a, './file0', 0x3a, [0x4f, 0x4f, 0x4f, 0x50, 0x43, 0x46]}, 0x46) 396.650473ms ago: executing program 6 (id=1739): getgroups(0x2, &(0x7f0000000000)=[0x0, 0x0]) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000740)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,umask=00000000000000000007777,dmask=00000000000000000000152,iocharset=default,gid=', @ANYRESHEX=r0, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYRES8=r0], 0x81, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==") r1 = mq_open(&(0x7f0000001100)='*a%\xff\x00\xf1\fNC\x84\xe0\x99\x1e-\x9a\x0f\x1a\x90\xee\x10\xfeARsO\xae\xd6\x05K\xe2D\x8d\xa4H8\xcf:\a;\xd8\xc7\xc8\\C\xcf\xa7\xcb\xb4\xe4\x8dY\xe3\xa5K&\xe5\xc4\x84v\xfa\xe7\x11\xc4\x99\x10,\xe3M\x80\xd3\xc2\x1c\xb0\x84\xb83', 0x41, 0x0, 0x0) mq_getsetattr(r1, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x42}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x7, 0x4, 0x500, 0x7fffffff, 0x24, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x80) mkdir(0x0, 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') syz_open_dev$ttys(0xc, 0x2, 0x0) r5 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r5, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x100, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0) sendfile(r5, r5, &(0x7f0000000080), 0x7f03) setgroups(0x1, &(0x7f00000001c0)=[0x0]) utimes(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)) 0s ago: executing program 5 (id=1740): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) socket$netlink(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bf38a48bcf94be42dc1c6da8a50073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000080982efea976481ed69ea56d47124a0d1585fbac45b439db498144b2002d622813646c59107515566cdfcd86952cbb70c05135c8f185395a19872121cf1a498adff0ea73a11b203bf13fdea4986dca7160310d43ededed52da4e3000f70fd298c690223516c4dd2b4dd5e9670a77252c7399538497e460db430979b938ac2299d3df5c74664bff58c655a9f76231d136a498e499ae99612ff43fbb3bcd10d8a54d427193eef9124d"], 0x119) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r5, 0x29, 0x31, &(0x7f0000000200)=0x8, 0x4) bind$inet6(r5, &(0x7f0000f65000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x20000002, &(0x7f00000001c0)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r5, 0x29, 0x6, 0x0, &(0x7f0000000080)) setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000380)=0x7fffffff, 0x4) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) r6 = socket$igmp6(0xa, 0x3, 0x2) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e22, 0xc, @empty, 0x2}, 0x1c) ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f0000000300)={@ipv4={'\x00', '\xff\xff', @broadcast}, @mcast2, @rand_addr=' \x01\x00', 0x6cd9, 0x1, 0x4, 0x100, 0x8, 0x20}) sendmsg$NLBL_CIPSOV4_C_ADD(r0, 0x0, 0x0) kernel console output (not intermixed with test programs): t mode [ 763.616420][T10901] bridge_slave_1: entered promiscuous mode [ 763.943344][T11039] FAT-fs (loop6): Directory bread(block 64) failed [ 764.093590][T11039] FAT-fs (loop6): Directory bread(block 65) failed [ 764.268782][T11039] FAT-fs (loop6): Directory bread(block 66) failed [ 764.430687][T11039] FAT-fs (loop6): Directory bread(block 67) failed [ 764.950579][T11039] FAT-fs (loop6): Directory bread(block 68) failed [ 764.957685][T11039] FAT-fs (loop6): Directory bread(block 69) failed [ 764.974069][ T52] bridge_slave_1: left allmulticast mode [ 764.979802][ T52] bridge_slave_1: left promiscuous mode [ 765.053416][T11039] FAT-fs (loop6): Directory bread(block 70) failed [ 765.070919][T11039] FAT-fs (loop6): Directory bread(block 71) failed [ 765.080361][T11039] FAT-fs (loop6): Directory bread(block 72) failed [ 765.087131][T11039] FAT-fs (loop6): Directory bread(block 73) failed [ 765.180977][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 765.874648][ T52] bridge_slave_0: left allmulticast mode [ 765.881055][ T52] bridge_slave_0: left promiscuous mode [ 765.914301][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.700681][T11077] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 767.346855][T11085] loop2: detected capacity change from 0 to 164 [ 767.416168][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 770.262264][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 770.339605][ T52] bond0 (unregistering): Released all slaves [ 772.908349][T11114] loop5: detected capacity change from 0 to 256 [ 773.152078][T11114] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 774.256931][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 774.539111][T11127] CIFS: Unable to determine destination address [ 775.180400][T10901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 775.310776][T10901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 777.078540][T11138] loop4: detected capacity change from 0 to 2048 [ 777.263897][T11138] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=787, location=787 [ 777.275167][T11138] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 777.302410][T11141] loop6: detected capacity change from 0 to 164 [ 777.334638][T11138] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=1043, location=1043 [ 777.413710][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 777.425294][T11138] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=787, location=787 [ 777.492381][T11138] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 777.708618][T11138] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=1043, location=1043 [ 778.080492][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 778.103552][T11138] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1) [ 778.535591][T11138] loop4: detected capacity change from 0 to 8 [ 779.660770][T11138] SQUASHFS error: Failed to initialise xz decompressor [ 779.683874][ T52] team0 (unregistering): Port device team_slave_1 removed [ 779.690382][T11138] squashfs image failed sanity check [ 780.113628][ T52] team0 (unregistering): Port device team_slave_0 removed [ 784.319494][T10901] team0: Port device team_slave_0 added [ 784.505322][T10901] team0: Port device team_slave_1 added [ 784.699639][T11184] loop4: detected capacity change from 0 to 164 [ 784.731405][T11186] loop5: detected capacity change from 0 to 1024 [ 786.145216][T11186] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 786.400502][T10901] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 786.412275][T10901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.833418][T10901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 787.116699][T10901] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 787.184087][T10901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 787.256253][T11200] loop2: detected capacity change from 0 to 256 [ 787.493321][T10901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 787.970063][T11200] FAT-fs (loop2): Directory bread(block 64) failed [ 787.990652][T11200] FAT-fs (loop2): Directory bread(block 65) failed [ 788.017581][T11200] FAT-fs (loop2): Directory bread(block 66) failed [ 788.060607][T11200] FAT-fs (loop2): Directory bread(block 67) failed [ 788.109903][T11200] FAT-fs (loop2): Directory bread(block 68) failed [ 788.133563][T11200] FAT-fs (loop2): Directory bread(block 69) failed [ 788.141285][T11200] FAT-fs (loop2): Directory bread(block 70) failed [ 788.191876][T11200] FAT-fs (loop2): Directory bread(block 71) failed [ 788.203389][T11200] FAT-fs (loop2): Directory bread(block 72) failed [ 788.210032][T11200] FAT-fs (loop2): Directory bread(block 73) failed [ 788.469018][ T5840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.549367][T10901] hsr_slave_0: entered promiscuous mode [ 788.590585][T10901] hsr_slave_1: entered promiscuous mode [ 789.241611][T11213] loop6: detected capacity change from 0 to 256 [ 789.587850][T11213] FAT-fs (loop6): Directory bread(block 64) failed [ 789.594829][T11213] FAT-fs (loop6): Directory bread(block 65) failed [ 789.601470][T11213] FAT-fs (loop6): Directory bread(block 66) failed [ 789.670918][T11213] FAT-fs (loop6): Directory bread(block 67) failed [ 789.678394][T11213] FAT-fs (loop6): Directory bread(block 68) failed [ 789.692568][T11213] FAT-fs (loop6): Directory bread(block 69) failed [ 789.699625][T11213] FAT-fs (loop6): Directory bread(block 70) failed [ 789.726132][T11213] FAT-fs (loop6): Directory bread(block 71) failed [ 789.732851][T11213] FAT-fs (loop6): Directory bread(block 72) failed [ 789.753789][T11213] FAT-fs (loop6): Directory bread(block 73) failed [ 792.341515][T10901] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 792.591502][T11237] loop5: detected capacity change from 0 to 164 [ 792.869539][T10901] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 793.663896][T10901] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 793.780186][T11246] loop0: detected capacity change from 0 to 2048 [ 793.841274][T11246] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=787, location=787 [ 793.856409][T10901] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 793.861407][T11246] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 793.883111][T11246] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=1043, location=1043 [ 793.900784][T11246] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=787, location=787 [ 794.473564][T11246] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 794.561686][T11246] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=1043, location=1043 [ 794.601248][T11246] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1) [ 795.195237][T11246] loop0: detected capacity change from 0 to 8 [ 795.279089][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 796.233611][T10901] 8021q: adding VLAN 0 to HW filter on device bond0 [ 796.351948][T10901] 8021q: adding VLAN 0 to HW filter on device team0 [ 796.388080][T10901] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 796.399101][T10901] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 797.493641][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 797.500820][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 797.510241][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 797.517463][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 797.594025][T11246] SQUASHFS error: xz decompression failed, data probably corrupt [ 797.632631][T11246] SQUASHFS error: Failed to read block 0x108: -5 [ 797.673212][T11246] SQUASHFS error: Unable to read metadata cache entry [106] [ 797.681894][T11246] SQUASHFS error: Unable to read inode 0x11f [ 801.580152][T11296] loop0: detected capacity change from 0 to 1024 [ 803.023880][T11296] EXT4-fs: error -4 creating inode table initialization thread [ 803.226175][T11296] EXT4-fs (loop0): mount failed [ 806.936111][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 806.991749][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 807.507819][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 807.669746][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 807.682829][ T5850] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 807.690604][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 808.353204][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.359764][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.449129][T11371] CIFS: Unable to determine destination address [ 809.832520][ T5850] Bluetooth: hci2: command tx timeout [ 810.561046][T11384] CIFS: Unable to determine destination address [ 811.998544][ T5850] Bluetooth: hci2: command tx timeout [ 812.673305][T11399] sctp: [Deprecated]: syz.0.1308 (pid 11399) Use of int in max_burst socket option deprecated. [ 812.673305][T11399] Use struct sctp_assoc_value instead [ 812.722121][T11399] loop0: detected capacity change from 0 to 64 [ 813.329204][T11402] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 813.933830][ T80] kworker/u8:4: attempt to access beyond end of device [ 813.933830][ T80] loop0: rw=1, sector=65, nr_sectors = 1 limit=64 [ 813.978216][ T80] Buffer I/O error on dev loop0, logical block 65, lost async page write [ 813.999941][ T80] kworker/u8:4: attempt to access beyond end of device [ 813.999941][ T80] loop0: rw=1, sector=66, nr_sectors = 1 limit=64 [ 814.093531][ T5850] Bluetooth: hci2: command tx timeout [ 814.296757][ T80] Buffer I/O error on dev loop0, logical block 66, lost async page write [ 814.807620][ T80] kworker/u8:4: attempt to access beyond end of device [ 814.807620][ T80] loop0: rw=1, sector=67, nr_sectors = 1 limit=64 [ 815.214535][T11409] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 815.235437][ T80] Buffer I/O error on dev loop0, logical block 67, lost async page write [ 815.306384][T11346] chnl_net:caif_netlink_parms(): no params data found [ 815.333923][ T80] kworker/u8:4: attempt to access beyond end of device [ 815.333923][ T80] loop0: rw=1, sector=68, nr_sectors = 1 limit=64 [ 815.388074][ T80] Buffer I/O error on dev loop0, logical block 68, lost async page write [ 815.396865][ T80] kworker/u8:4: attempt to access beyond end of device [ 815.396865][ T80] loop0: rw=1, sector=72, nr_sectors = 1 limit=64 [ 815.423387][ T80] Buffer I/O error on dev loop0, logical block 72, lost async page write [ 815.431996][ T80] kworker/u8:4: attempt to access beyond end of device [ 815.431996][ T80] loop0: rw=1, sector=73, nr_sectors = 1 limit=64 [ 815.446700][ T80] Buffer I/O error on dev loop0, logical block 73, lost async page write [ 815.455941][ T80] kworker/u8:4: attempt to access beyond end of device [ 815.455941][ T80] loop0: rw=1, sector=76, nr_sectors = 1 limit=64 [ 815.469318][ T80] Buffer I/O error on dev loop0, logical block 76, lost async page write [ 815.478553][ T80] kworker/u8:4: attempt to access beyond end of device [ 815.478553][ T80] loop0: rw=1, sector=77, nr_sectors = 1 limit=64 [ 815.491952][ T80] Buffer I/O error on dev loop0, logical block 77, lost async page write [ 815.500849][ T80] kworker/u8:4: attempt to access beyond end of device [ 815.500849][ T80] loop0: rw=1, sector=78, nr_sectors = 88 limit=64 [ 816.166804][ T5850] Bluetooth: hci2: command tx timeout [ 816.944690][T11438] loop2: detected capacity change from 0 to 1024 [ 817.658958][ T3528] bridge_slave_1: left allmulticast mode [ 817.665548][ T3528] bridge_slave_1: left promiscuous mode [ 817.671402][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 818.180314][T10137] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 818.201520][ T3528] bridge_slave_0: left allmulticast mode [ 818.201994][T10137] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 818.217872][T10137] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 818.233901][T10137] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 818.264308][T10137] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 818.264641][ T3528] bridge_slave_0: left promiscuous mode [ 818.277263][T10137] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 818.315516][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 820.060404][T11455] loop2: detected capacity change from 0 to 1024 [ 820.431531][T11455] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 820.446887][T10137] Bluetooth: hci4: command tx timeout [ 822.501182][T10137] Bluetooth: hci4: command tx timeout [ 822.961462][ T5831] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 824.610398][T10137] Bluetooth: hci4: command tx timeout [ 825.506455][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 825.529634][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 825.552564][ T3528] bond0 (unregistering): Released all slaves [ 825.599064][T11489] loop0: detected capacity change from 0 to 256 [ 825.626667][T11489] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 826.860715][T10137] Bluetooth: hci4: command tx timeout [ 826.895522][ T29] audit: type=1800 audit(2000000659.019:63): pid=11496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1328" name="file1" dev="loop0" ino=1048661 res=0 errno=0 [ 826.946495][ T3528] hsr_slave_0: left promiscuous mode [ 827.089236][ T3528] hsr_slave_1: left promiscuous mode [ 827.099387][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 827.161005][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 828.002418][T11507] sctp: [Deprecated]: syz.2.1332 (pid 11507) Use of int in max_burst socket option deprecated. [ 828.002418][T11507] Use struct sctp_assoc_value instead [ 828.057609][T11507] loop2: detected capacity change from 0 to 64 [ 828.897011][T11508] loop5: detected capacity change from 0 to 256 [ 829.003990][T11508] exfat: Bad value for 'gid' [ 829.008672][T11508] exfat: Bad value for 'gid' [ 829.281645][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.281645][ T12] loop2: rw=1, sector=65, nr_sectors = 1 limit=64 [ 829.295299][ T12] Buffer I/O error on dev loop2, logical block 65, lost async page write [ 829.305140][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.305140][ T12] loop2: rw=1, sector=66, nr_sectors = 1 limit=64 [ 829.319584][ T12] Buffer I/O error on dev loop2, logical block 66, lost async page write [ 829.328468][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.328468][ T12] loop2: rw=1, sector=67, nr_sectors = 1 limit=64 [ 829.342020][ T12] Buffer I/O error on dev loop2, logical block 67, lost async page write [ 829.350826][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.350826][ T12] loop2: rw=1, sector=68, nr_sectors = 1 limit=64 [ 829.364250][ T12] Buffer I/O error on dev loop2, logical block 68, lost async page write [ 829.373426][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.373426][ T12] loop2: rw=1, sector=72, nr_sectors = 1 limit=64 [ 829.387067][ T12] Buffer I/O error on dev loop2, logical block 72, lost async page write [ 829.395675][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.395675][ T12] loop2: rw=1, sector=73, nr_sectors = 1 limit=64 [ 829.409201][ T12] Buffer I/O error on dev loop2, logical block 73, lost async page write [ 829.418184][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.418184][ T12] loop2: rw=1, sector=76, nr_sectors = 1 limit=64 [ 829.433150][ T12] Buffer I/O error on dev loop2, logical block 76, lost async page write [ 829.441780][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.441780][ T12] loop2: rw=1, sector=77, nr_sectors = 1 limit=64 [ 829.455069][ T12] Buffer I/O error on dev loop2, logical block 77, lost async page write [ 829.463900][ T12] kworker/u8:1: attempt to access beyond end of device [ 829.463900][ T12] loop2: rw=1, sector=78, nr_sectors = 88 limit=64 [ 831.080873][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 832.089016][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 834.625973][T11539] loop5: detected capacity change from 0 to 256 [ 834.706451][T11539] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 835.775024][T11346] bridge0: port 1(bridge_slave_0) entered blocking state [ 835.782381][T11346] bridge0: port 1(bridge_slave_0) entered disabled state [ 835.790096][T11346] bridge_slave_0: entered allmulticast mode [ 835.797535][T11346] bridge_slave_0: entered promiscuous mode [ 835.863139][T11346] bridge0: port 2(bridge_slave_1) entered blocking state [ 835.909272][T11346] bridge0: port 2(bridge_slave_1) entered disabled state [ 835.994186][T11346] bridge_slave_1: entered allmulticast mode [ 836.002222][T11346] bridge_slave_1: entered promiscuous mode [ 836.385827][T11556] CIFS: Unable to determine destination address [ 836.987587][T11346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 837.216694][T11559] sctp: [Deprecated]: syz.2.1344 (pid 11559) Use of int in max_burst socket option deprecated. [ 837.216694][T11559] Use struct sctp_assoc_value instead [ 837.295959][T11346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 837.392890][T11559] loop2: detected capacity change from 0 to 64 [ 837.664940][T11346] team0: Port device team_slave_0 added [ 837.730238][T11346] team0: Port device team_slave_1 added [ 837.825711][T11346] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 837.832988][T11346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 837.863584][T11346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 837.879355][T11346] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 837.887095][T11346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 837.921301][T11346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 838.698113][T11346] hsr_slave_0: entered promiscuous mode [ 838.721590][T11346] hsr_slave_1: entered promiscuous mode [ 838.759751][T11445] chnl_net:caif_netlink_parms(): no params data found [ 840.354297][ T52] kworker/u8:3: attempt to access beyond end of device [ 840.354297][ T52] loop2: rw=1, sector=65, nr_sectors = 1 limit=64 [ 840.443790][ T52] Buffer I/O error on dev loop2, logical block 65, lost async page write [ 840.452383][ T52] kworker/u8:3: attempt to access beyond end of device [ 840.452383][ T52] loop2: rw=1, sector=66, nr_sectors = 1 limit=64 [ 840.595582][ T52] Buffer I/O error on dev loop2, logical block 66, lost async page write [ 840.646770][ T52] kworker/u8:3: attempt to access beyond end of device [ 840.646770][ T52] loop2: rw=1, sector=67, nr_sectors = 1 limit=64 [ 840.739405][ T3528] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 840.827224][ T52] Buffer I/O error on dev loop2, logical block 67, lost async page write [ 840.995778][ T52] kworker/u8:3: attempt to access beyond end of device [ 840.995778][ T52] loop2: rw=1, sector=68, nr_sectors = 1 limit=64 [ 841.153856][ T52] Buffer I/O error on dev loop2, logical block 68, lost async page write [ 841.162476][ T52] kworker/u8:3: attempt to access beyond end of device [ 841.162476][ T52] loop2: rw=1, sector=72, nr_sectors = 1 limit=64 [ 841.183587][ T52] Buffer I/O error on dev loop2, logical block 72, lost async page write [ 841.192299][ T52] kworker/u8:3: attempt to access beyond end of device [ 841.192299][ T52] loop2: rw=1, sector=73, nr_sectors = 1 limit=64 [ 841.229299][ T52] Buffer I/O error on dev loop2, logical block 73, lost async page write [ 841.243674][ T52] kworker/u8:3: attempt to access beyond end of device [ 841.243674][ T52] loop2: rw=1, sector=76, nr_sectors = 1 limit=64 [ 841.257411][ T52] Buffer I/O error on dev loop2, logical block 76, lost async page write [ 841.266145][ T52] kworker/u8:3: attempt to access beyond end of device [ 841.266145][ T52] loop2: rw=1, sector=77, nr_sectors = 1 limit=64 [ 841.279685][ T52] Buffer I/O error on dev loop2, logical block 77, lost async page write [ 841.289834][ T52] kworker/u8:3: attempt to access beyond end of device [ 841.289834][ T52] loop2: rw=1, sector=78, nr_sectors = 88 limit=64 [ 841.423434][T11605] CIFS: Unable to determine destination address [ 846.429541][ T3528] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 846.651148][ T3528] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 847.891007][T11445] bridge0: port 1(bridge_slave_0) entered blocking state [ 847.898476][T11445] bridge0: port 1(bridge_slave_0) entered disabled state [ 847.906662][T11445] bridge_slave_0: entered allmulticast mode [ 847.914583][T11445] bridge_slave_0: entered promiscuous mode [ 847.929461][T11445] bridge0: port 2(bridge_slave_1) entered blocking state [ 847.937357][T11445] bridge0: port 2(bridge_slave_1) entered disabled state [ 847.944857][T11445] bridge_slave_1: entered allmulticast mode [ 847.952301][T11445] bridge_slave_1: entered promiscuous mode [ 849.043358][T11659] sctp: [Deprecated]: syz.2.1362 (pid 11659) Use of int in max_burst socket option deprecated. [ 849.043358][T11659] Use struct sctp_assoc_value instead [ 849.067873][T11659] loop2: detected capacity change from 0 to 64 [ 849.210831][ T3528] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 849.359583][T11445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 849.556456][T11445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 851.310532][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.310532][ T80] loop2: rw=1, sector=65, nr_sectors = 1 limit=64 [ 851.341274][ T80] Buffer I/O error on dev loop2, logical block 65, lost async page write [ 851.360554][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.360554][ T80] loop2: rw=1, sector=66, nr_sectors = 1 limit=64 [ 851.413317][ T80] Buffer I/O error on dev loop2, logical block 66, lost async page write [ 851.446019][T11445] team0: Port device team_slave_0 added [ 851.463425][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.463425][ T80] loop2: rw=1, sector=67, nr_sectors = 1 limit=64 [ 851.486279][T11445] team0: Port device team_slave_1 added [ 851.579170][ T80] Buffer I/O error on dev loop2, logical block 67, lost async page write [ 851.637268][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.637268][ T80] loop2: rw=1, sector=68, nr_sectors = 1 limit=64 [ 851.732884][ T80] Buffer I/O error on dev loop2, logical block 68, lost async page write [ 851.834017][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.834017][ T80] loop2: rw=1, sector=72, nr_sectors = 1 limit=64 [ 851.847964][ T80] Buffer I/O error on dev loop2, logical block 72, lost async page write [ 851.857003][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.857003][ T80] loop2: rw=1, sector=73, nr_sectors = 1 limit=64 [ 851.873023][ T80] Buffer I/O error on dev loop2, logical block 73, lost async page write [ 851.881848][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.881848][ T80] loop2: rw=1, sector=76, nr_sectors = 1 limit=64 [ 851.895182][ T80] Buffer I/O error on dev loop2, logical block 76, lost async page write [ 851.903850][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.903850][ T80] loop2: rw=1, sector=77, nr_sectors = 1 limit=64 [ 851.917124][ T80] Buffer I/O error on dev loop2, logical block 77, lost async page write [ 851.926084][ T80] kworker/u8:4: attempt to access beyond end of device [ 851.926084][ T80] loop2: rw=1, sector=78, nr_sectors = 88 limit=64 [ 851.992936][T11445] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 852.009884][T11445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 852.147329][T11445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 853.412174][T11445] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 853.419498][T11445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 853.521968][T11445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 853.783980][T11700] loop5: detected capacity change from 0 to 2048 [ 853.855891][T11700] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=787, location=787 [ 853.893578][T11700] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 853.918981][T11700] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=1043, location=1043 [ 853.963819][T11700] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=787, location=787 [ 854.018086][T11700] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 854.066990][T11700] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=1043, location=1043 [ 854.124905][T11700] UDF-fs: warning (device loop5): udf_fill_super: No partition found (1) [ 854.224047][T11700] loop5: detected capacity change from 0 to 8 [ 854.258877][T11445] hsr_slave_0: entered promiscuous mode [ 854.267087][T11445] hsr_slave_1: entered promiscuous mode [ 854.276051][T11445] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 854.285108][T11445] Cannot create hsr debugfs directory [ 854.424559][T11700] SQUASHFS error: xz decompression failed, data probably corrupt [ 854.491617][ T3528] bridge_slave_1: left allmulticast mode [ 854.508554][T11700] SQUASHFS error: Failed to read block 0x108: -5 [ 854.523433][ T3528] bridge_slave_1: left promiscuous mode [ 854.538523][T11700] SQUASHFS error: Unable to read metadata cache entry [106] [ 854.548786][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 854.569849][T11700] SQUASHFS error: Unable to read inode 0x11f [ 854.998375][ T3528] bridge_slave_0: left allmulticast mode [ 855.031479][ T3528] bridge_slave_0: left promiscuous mode [ 855.054404][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 858.691872][T11730] loop5: detected capacity change from 0 to 164 [ 861.797957][T11753] sctp: [Deprecated]: syz.0.1383 (pid 11753) Use of int in max_burst socket option deprecated. [ 861.797957][T11753] Use struct sctp_assoc_value instead [ 861.900085][T11753] loop0: detected capacity change from 0 to 64 [ 861.935117][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 861.957886][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 861.989367][ T3528] bond0 (unregistering): Released all slaves [ 862.920837][ T3528] IPVS: stopping master sync thread 6569 ... [ 862.928337][ T29] audit: type=1326 audit(2000000695.039:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 863.500381][ T29] audit: type=1326 audit(2000000695.039:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 863.552514][T11346] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 863.642870][ T29] audit: type=1326 audit(2000000695.039:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 863.762875][ T29] audit: type=1326 audit(2000000695.039:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 863.939792][ T29] audit: type=1326 audit(2000000695.039:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 864.057868][ T29] audit: type=1326 audit(2000000695.039:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 864.143506][ T29] audit: type=1326 audit(2000000695.039:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 864.273968][ T29] audit: type=1326 audit(2000000695.039:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 864.993377][ T29] audit: type=1326 audit(2000000695.039:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 865.037366][ T29] audit: type=1326 audit(2000000695.039:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.6.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 867.576422][T11790] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 869.570373][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 869.593163][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 869.628071][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 869.719126][ T6156] kworker/u8:10: attempt to access beyond end of device [ 869.719126][ T6156] loop0: rw=1, sector=65, nr_sectors = 1 limit=64 [ 869.766355][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 869.772914][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 869.832727][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 869.833396][ T6156] Buffer I/O error on dev loop0, logical block 65, lost async page write [ 869.860679][ T6156] kworker/u8:10: attempt to access beyond end of device [ 869.860679][ T6156] loop0: rw=1, sector=66, nr_sectors = 1 limit=64 [ 869.887635][ T5850] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 869.901611][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 869.951105][ T6156] Buffer I/O error on dev loop0, logical block 66, lost async page write [ 869.978572][ T6156] kworker/u8:10: attempt to access beyond end of device [ 869.978572][ T6156] loop0: rw=1, sector=67, nr_sectors = 1 limit=64 [ 870.033824][ T6156] Buffer I/O error on dev loop0, logical block 67, lost async page write [ 870.043616][ T6156] kworker/u8:10: attempt to access beyond end of device [ 870.043616][ T6156] loop0: rw=1, sector=68, nr_sectors = 1 limit=64 [ 870.060751][ T6156] Buffer I/O error on dev loop0, logical block 68, lost async page write [ 870.593453][ T6156] kworker/u8:10: attempt to access beyond end of device [ 870.593453][ T6156] loop0: rw=1, sector=72, nr_sectors = 1 limit=64 [ 870.620123][ T6156] Buffer I/O error on dev loop0, logical block 72, lost async page write [ 870.643613][ T6156] kworker/u8:10: attempt to access beyond end of device [ 870.643613][ T6156] loop0: rw=1, sector=73, nr_sectors = 1 limit=64 [ 870.694843][ T6156] Buffer I/O error on dev loop0, logical block 73, lost async page write [ 870.733377][ T6156] kworker/u8:10: attempt to access beyond end of device [ 870.733377][ T6156] loop0: rw=1, sector=76, nr_sectors = 1 limit=64 [ 870.756668][ T6156] Buffer I/O error on dev loop0, logical block 76, lost async page write [ 870.765413][ T6156] kworker/u8:10: attempt to access beyond end of device [ 870.765413][ T6156] loop0: rw=1, sector=77, nr_sectors = 1 limit=64 [ 870.779355][ T6156] Buffer I/O error on dev loop0, logical block 77, lost async page write [ 870.788939][ T6156] kworker/u8:10: attempt to access beyond end of device [ 870.788939][ T6156] loop0: rw=1, sector=78, nr_sectors = 88 limit=64 [ 870.944232][ T3528] hsr_slave_0: left promiscuous mode [ 870.993568][ T3528] hsr_slave_1: left promiscuous mode [ 871.318375][ T3528] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 872.277629][ T5850] Bluetooth: hci2: command tx timeout [ 872.317542][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 873.291226][ T3528] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 873.299541][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 873.770684][T11830] sctp: [Deprecated]: syz.2.1395 (pid 11830) Use of int in max_burst socket option deprecated. [ 873.770684][T11830] Use struct sctp_assoc_value instead [ 873.797742][T11830] loop2: detected capacity change from 0 to 64 [ 873.978953][ T3528] veth1_macvtap: left promiscuous mode [ 874.123631][ T3528] veth0_macvtap: left promiscuous mode [ 874.132318][ T3528] veth1_vlan: left promiscuous mode [ 874.158322][ T3528] veth0_vlan: left promiscuous mode [ 874.335557][ T5850] Bluetooth: hci2: command tx timeout [ 875.625121][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.625121][T10634] loop2: rw=1, sector=65, nr_sectors = 1 limit=64 [ 875.638810][T10634] Buffer I/O error on dev loop2, logical block 65, lost async page write [ 875.647542][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.647542][T10634] loop2: rw=1, sector=66, nr_sectors = 1 limit=64 [ 875.675740][T10634] Buffer I/O error on dev loop2, logical block 66, lost async page write [ 875.685241][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.685241][T10634] loop2: rw=1, sector=67, nr_sectors = 1 limit=64 [ 875.699029][T10634] Buffer I/O error on dev loop2, logical block 67, lost async page write [ 875.707741][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.707741][T10634] loop2: rw=1, sector=68, nr_sectors = 1 limit=64 [ 875.739116][T10634] Buffer I/O error on dev loop2, logical block 68, lost async page write [ 875.755209][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.755209][T10634] loop2: rw=1, sector=72, nr_sectors = 1 limit=64 [ 875.807857][T10634] Buffer I/O error on dev loop2, logical block 72, lost async page write [ 875.827893][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.827893][T10634] loop2: rw=1, sector=73, nr_sectors = 1 limit=64 [ 875.855467][T10634] Buffer I/O error on dev loop2, logical block 73, lost async page write [ 875.864607][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.864607][T10634] loop2: rw=1, sector=76, nr_sectors = 1 limit=64 [ 875.880459][T10634] Buffer I/O error on dev loop2, logical block 76, lost async page write [ 875.911690][T10634] kworker/u8:12: attempt to access beyond end of device [ 875.911690][T10634] loop2: rw=1, sector=77, nr_sectors = 1 limit=64 [ 875.928289][T10634] Buffer I/O error on dev loop2, logical block 77, lost async page write [ 876.130575][T10634] kworker/u8:12: attempt to access beyond end of device [ 876.130575][T10634] loop2: rw=1, sector=78, nr_sectors = 88 limit=64 [ 877.636928][ T5850] Bluetooth: hci2: command tx timeout [ 879.683546][ T5850] Bluetooth: hci2: command tx timeout [ 879.726891][T11866] loop6: detected capacity change from 0 to 1024 [ 879.806214][T10137] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 879.820471][T10137] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 879.831759][T10137] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 879.840278][T10137] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 879.849415][T10137] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 879.857052][T10137] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 880.404657][T11866] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 882.140445][T11885] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 882.615250][T10137] Bluetooth: hci6: command tx timeout [ 882.786579][ T6874] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 884.647159][T10137] Bluetooth: hci6: command tx timeout [ 885.503812][T11901] sctp: [Deprecated]: syz.6.1411 (pid 11901) Use of int in max_burst socket option deprecated. [ 885.503812][T11901] Use struct sctp_assoc_value instead [ 886.205441][T11898] loop6: detected capacity change from 0 to 64 [ 886.249618][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 886.726107][T10137] Bluetooth: hci6: command tx timeout [ 886.993651][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 888.803463][T10137] Bluetooth: hci6: command tx timeout [ 890.955695][T11928] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 893.117651][T11807] chnl_net:caif_netlink_parms(): no params data found [ 899.046786][T11985] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 900.642724][T11807] bridge0: port 1(bridge_slave_0) entered blocking state [ 900.869832][T11807] bridge0: port 1(bridge_slave_0) entered disabled state [ 902.077520][T12009] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 902.078795][T11807] bridge_slave_0: entered allmulticast mode [ 902.094635][T11807] bridge_slave_0: entered promiscuous mode [ 902.167910][T11862] chnl_net:caif_netlink_parms(): no params data found [ 902.355513][T11807] bridge0: port 2(bridge_slave_1) entered blocking state [ 902.362755][T11807] bridge0: port 2(bridge_slave_1) entered disabled state [ 902.423534][T11807] bridge_slave_1: entered allmulticast mode [ 902.430696][T11807] bridge_slave_1: entered promiscuous mode [ 904.427045][T11807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 904.662083][T12040] loop0: detected capacity change from 0 to 256 [ 904.672359][T12040] msdos: Bad value for 'tz' [ 905.403309][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 905.403332][ T29] audit: type=1326 audit(2000000736.659:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.442111][T12044] loop0: detected capacity change from 0 to 512 [ 905.449439][ T29] audit: type=1326 audit(2000000736.659:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.474509][T12045] CIFS: Unable to determine destination address [ 905.486273][ T29] audit: type=1326 audit(2000000736.669:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.539957][ T29] audit: type=1326 audit(2000000736.669:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.570149][T12044] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 905.616467][ T29] audit: type=1326 audit(2000000736.669:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.649669][ T29] audit: type=1326 audit(2000000736.669:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.672853][ T29] audit: type=1326 audit(2000000736.669:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.695922][ T29] audit: type=1326 audit(2000000736.669:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.718614][ T29] audit: type=1326 audit(2000000736.669:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 905.741223][ T29] audit: type=1326 audit(2000000736.679:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12033 comm="syz.0.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 906.369959][T12044] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1442: invalid indirect mapped block 4294967295 (level 0) [ 906.400849][T11807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 906.475120][T11862] bridge0: port 1(bridge_slave_0) entered blocking state [ 906.513820][T11862] bridge0: port 1(bridge_slave_0) entered disabled state [ 906.528826][T12044] EXT4-fs (loop0): Remounting filesystem read-only [ 906.728997][T11862] bridge_slave_0: entered allmulticast mode [ 906.736417][T11862] bridge_slave_0: entered promiscuous mode [ 906.793738][T12044] EXT4-fs (loop0): 1 orphan inode deleted [ 906.804256][T12044] EXT4-fs (loop0): 1 truncate cleaned up [ 906.863158][T12044] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 907.183990][T11807] team0: Port device team_slave_0 added [ 907.225384][T11807] team0: Port device team_slave_1 added [ 907.588841][T12058] loop5: detected capacity change from 0 to 256 [ 907.596256][T12058] exfat: Bad value for 'gid' [ 907.601435][T12058] exfat: Bad value for 'gid' [ 908.798599][T11862] bridge0: port 2(bridge_slave_1) entered blocking state [ 908.807762][T11862] bridge0: port 2(bridge_slave_1) entered disabled state [ 908.819416][T11862] bridge_slave_1: entered allmulticast mode [ 908.851095][T12069] loop5: detected capacity change from 0 to 256 [ 908.858539][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 908.876286][T12069] exfat: Bad value for 'gid' [ 908.877913][T11862] bridge_slave_1: entered promiscuous mode [ 908.903426][T12069] exfat: Bad value for 'gid' [ 911.192530][T11807] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 911.203405][T11807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 911.623316][T11807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 911.703901][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 911.703924][ T29] audit: type=1326 audit(2000000743.829:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 911.751891][ T29] audit: type=1326 audit(2000000743.829:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 911.824839][T12086] loop0: detected capacity change from 0 to 256 [ 911.832809][T12086] msdos: Bad value for 'tz' [ 912.763472][T11807] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 912.770591][T11807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 912.953426][T12084] loop6: detected capacity change from 0 to 256 [ 912.957688][ T29] audit: type=1326 audit(2000000743.829:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 912.960896][T12084] msdos: Bad value for 'tz' [ 912.986689][ T29] audit: type=1326 audit(2000000743.829:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 913.025392][ T29] audit: type=1326 audit(2000000743.829:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 913.050964][ T29] audit: type=1326 audit(2000000743.829:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 913.074642][ T29] audit: type=1326 audit(2000000743.829:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 913.097553][ T29] audit: type=1326 audit(2000000743.829:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 913.120705][ T29] audit: type=1326 audit(2000000743.829:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 913.144700][ T29] audit: type=1326 audit(2000000743.839:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.0.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 913.171380][T11807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 913.778613][T12089] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 914.137496][T11862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 915.118615][T11862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 916.324885][T11807] hsr_slave_0: entered promiscuous mode [ 916.331502][T11807] hsr_slave_1: entered promiscuous mode [ 916.349335][T11807] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 916.373392][T11807] Cannot create hsr debugfs directory [ 916.590062][T12115] loop5: detected capacity change from 0 to 1024 [ 916.625549][T12115] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 916.655179][T11862] team0: Port device team_slave_0 added [ 916.668296][T11862] team0: Port device team_slave_1 added [ 918.017495][ T5840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 919.504598][T12141] loop5: detected capacity change from 0 to 512 [ 920.063782][T12141] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 920.226022][T12141] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.1459: invalid indirect mapped block 4294967295 (level 0) [ 920.285339][T11862] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 920.325224][T11862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 920.358708][T12141] EXT4-fs (loop5): Remounting filesystem read-only [ 920.384908][T12155] loop2: detected capacity change from 0 to 1024 [ 920.386666][T12141] EXT4-fs (loop5): 1 orphan inode deleted [ 920.441352][T12141] EXT4-fs (loop5): 1 truncate cleaned up [ 920.448616][T12141] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 920.461241][T11862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 920.475509][T11862] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 920.496490][T12155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 920.520102][T11862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 920.597600][T11862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 922.377667][ T5840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.566926][ T5831] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 923.049099][T12173] loop0: detected capacity change from 0 to 256 [ 923.058902][T12173] msdos: Bad value for 'tz' [ 923.114802][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 923.114853][ T29] audit: type=1326 audit(2000000755.049:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 923.416833][ T29] audit: type=1326 audit(2000000755.049:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 923.725901][ T29] audit: type=1326 audit(2000000755.049:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 923.758139][ T29] audit: type=1326 audit(2000000755.059:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 923.784744][ T29] audit: type=1326 audit(2000000755.059:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 923.807595][ T29] audit: type=1326 audit(2000000755.059:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 924.733652][ T29] audit: type=1326 audit(2000000755.059:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 924.820897][ T29] audit: type=1326 audit(2000000755.059:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 924.870113][T11862] hsr_slave_0: entered promiscuous mode [ 924.904910][T11862] hsr_slave_1: entered promiscuous mode [ 924.914810][T11862] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 924.922405][T11862] Cannot create hsr debugfs directory [ 924.943322][ T29] audit: type=1326 audit(2000000755.059:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 925.109438][ T29] audit: type=1326 audit(2000000755.059:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12166 comm="syz.0.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 926.239811][T12190] loop2: detected capacity change from 0 to 1024 [ 926.410859][T12190] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 927.068128][T12207] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 927.077585][T12207] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 927.157361][T12207] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 927.912723][T12207] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 927.925792][T12207] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 927.933582][T12207] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 928.128512][ T5831] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 928.281152][T12225] CIFS: Unable to determine destination address [ 930.006136][T12207] Bluetooth: hci4: command tx timeout [ 930.890349][T12243] loop6: detected capacity change from 0 to 512 [ 931.064091][T12243] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 931.158569][T12243] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.1475: invalid indirect mapped block 4294967295 (level 0) [ 931.222020][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.228545][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 931.290364][T12243] EXT4-fs (loop6): Remounting filesystem read-only [ 931.397449][T12243] EXT4-fs (loop6): 1 orphan inode deleted [ 931.403551][T12243] EXT4-fs (loop6): 1 truncate cleaned up [ 931.410549][T12243] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 932.667572][T12207] Bluetooth: hci4: command tx timeout [ 933.296269][ T6874] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 934.747155][T10137] Bluetooth: hci4: command tx timeout [ 935.188532][T12291] loop5: detected capacity change from 0 to 1024 [ 935.213867][ T3528] bridge_slave_1: left allmulticast mode [ 935.240526][ T3528] bridge_slave_1: left promiscuous mode [ 935.266374][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 935.357065][T12291] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 936.284696][ T3528] bridge_slave_0: left allmulticast mode [ 936.506802][ T3528] bridge_slave_0: left promiscuous mode [ 936.523468][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 936.606729][ T5840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 936.812024][T10137] Bluetooth: hci4: command tx timeout [ 937.990111][ T3528] bridge_slave_1: left allmulticast mode [ 938.000977][ T3528] bridge_slave_1: left promiscuous mode [ 938.177287][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 939.042724][T12322] loop2: detected capacity change from 0 to 1024 [ 939.151814][T12328] loop5: detected capacity change from 0 to 256 [ 939.199543][ T3528] bridge_slave_0: left allmulticast mode [ 939.206863][ T3528] bridge_slave_0: left promiscuous mode [ 939.212718][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 939.280259][T12328] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 939.344176][T12207] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 939.359337][T12322] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 939.367093][T12207] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 939.384024][T12207] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 939.396994][T12207] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 939.408164][T12207] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 939.416051][T12207] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 940.675409][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 940.675434][ T29] audit: type=1800 audit(2000000772.809:147): pid=12341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1490" name="file1" dev="loop5" ino=1048667 res=0 errno=0 [ 941.257927][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 941.642703][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 941.948744][T12207] Bluetooth: hci2: command tx timeout [ 942.015040][ T3528] bond0 (unregistering): Released all slaves [ 942.044485][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 942.119275][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 942.285245][ T3528] bond0 (unregistering): Released all slaves [ 943.304473][ T5831] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 943.522274][T12201] chnl_net:caif_netlink_parms(): no params data found [ 943.718246][T12368] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 944.421862][T12207] Bluetooth: hci2: command tx timeout [ 944.834436][ T29] audit: type=1326 audit(2000000776.179:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 945.020464][ T29] audit: type=1326 audit(2000000776.189:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 946.458912][ T29] audit: type=1326 audit(2000000777.569:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 946.486146][T12207] Bluetooth: hci2: command tx timeout [ 946.933400][T12386] loop2: detected capacity change from 0 to 256 [ 946.940459][T12386] msdos: Bad value for 'tz' [ 947.177543][ T29] audit: type=1326 audit(2000000777.569:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.377228][ T29] audit: type=1326 audit(2000000777.569:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.473353][ T29] audit: type=1326 audit(2000000777.569:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.523248][ T29] audit: type=1326 audit(2000000777.569:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.563292][ T29] audit: type=1326 audit(2000000777.569:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.613307][ T29] audit: type=1326 audit(2000000777.569:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.653257][ T29] audit: type=1326 audit(2000000777.569:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12373 comm="syz.2.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.703287][ T29] audit: type=1326 audit(2000000778.999:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12382 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 947.763575][ T29] audit: type=1326 audit(2000000778.999:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12382 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 948.608908][T12398] CIFS: Unable to determine destination address [ 949.301316][T12207] Bluetooth: hci2: command tx timeout [ 949.353323][ T3528] hsr_slave_0: left promiscuous mode [ 950.773322][ T3528] hsr_slave_1: left promiscuous mode [ 950.842815][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 950.937441][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 951.158110][T12405] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 953.458088][ T3528] hsr_slave_0: left promiscuous mode [ 955.176307][ T3528] hsr_slave_1: left promiscuous mode [ 955.736447][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 955.779217][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 958.263474][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 958.263540][ T29] audit: type=1326 audit(2000000789.969:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.343290][ T29] audit: type=1326 audit(2000000789.969:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.423321][ T29] audit: type=1326 audit(2000000789.969:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.468167][ T29] audit: type=1326 audit(2000000789.969:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.550334][ T29] audit: type=1326 audit(2000000789.969:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.585595][ T29] audit: type=1326 audit(2000000789.969:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.693149][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 958.743341][ T29] audit: type=1326 audit(2000000789.969:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.797163][ T29] audit: type=1326 audit(2000000789.969:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.832394][ T29] audit: type=1326 audit(2000000789.969:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.858551][ T29] audit: type=1326 audit(2000000789.969:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a81b85d29 code=0x7ffc0000 [ 958.896839][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 960.597617][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 960.630068][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 962.837145][T12468] loop2: detected capacity change from 0 to 256 [ 962.847698][T12468] msdos: Bad value for 'tz' [ 963.724480][T12474] loop0: detected capacity change from 0 to 1024 [ 963.852396][T12474] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 965.744463][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 966.534279][T12201] bridge0: port 1(bridge_slave_0) entered blocking state [ 966.567770][T12201] bridge0: port 1(bridge_slave_0) entered disabled state [ 966.593350][T12201] bridge_slave_0: entered allmulticast mode [ 966.647064][T12201] bridge_slave_0: entered promiscuous mode [ 967.226176][T12201] bridge0: port 2(bridge_slave_1) entered blocking state [ 967.243508][T12201] bridge0: port 2(bridge_slave_1) entered disabled state [ 967.250819][T12201] bridge_slave_1: entered allmulticast mode [ 967.274146][T12201] bridge_slave_1: entered promiscuous mode [ 967.924159][T12331] chnl_net:caif_netlink_parms(): no params data found [ 967.965609][T12201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 968.207445][T12201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 969.141197][T12516] CIFS: Unable to determine destination address [ 971.093658][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 971.093712][ T29] audit: type=1326 audit(2000000803.169:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 971.129808][T12534] input: syz1 as /devices/virtual/input/input24 [ 971.928829][ T29] audit: type=1326 audit(2000000803.169:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 972.032433][T12201] team0: Port device team_slave_0 added [ 972.099256][ T29] audit: type=1326 audit(2000000803.169:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 972.296903][T12541] CIFS: Unable to determine destination address [ 972.316236][ T29] audit: type=1326 audit(2000000803.169:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 972.963352][ T29] audit: type=1326 audit(2000000803.169:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 973.170041][ T29] audit: type=1326 audit(2000000803.169:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 973.191942][T12201] team0: Port device team_slave_1 added [ 973.241432][ T29] audit: type=1326 audit(2000000803.169:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 973.381283][ T29] audit: type=1326 audit(2000000803.169:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 973.404062][ T29] audit: type=1326 audit(2000000803.169:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 973.426813][ T29] audit: type=1326 audit(2000000803.169:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.6.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 974.656327][T12201] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 974.663734][T12201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 974.690115][T12201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 974.704338][T12201] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 974.711782][T12201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 974.738013][T12201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 976.670077][T12560] CIFS: Unable to determine destination address [ 977.109954][T12201] hsr_slave_0: entered promiscuous mode [ 977.403851][T12201] hsr_slave_1: entered promiscuous mode [ 977.760463][T12331] bridge0: port 1(bridge_slave_0) entered blocking state [ 977.772171][T12331] bridge0: port 1(bridge_slave_0) entered disabled state [ 978.585029][T12331] bridge_slave_0: entered allmulticast mode [ 978.593942][T12331] bridge_slave_0: entered promiscuous mode [ 978.794489][T12331] bridge0: port 2(bridge_slave_1) entered blocking state [ 978.826474][T12331] bridge0: port 2(bridge_slave_1) entered disabled state [ 978.877330][T12331] bridge_slave_1: entered allmulticast mode [ 978.903442][T12331] bridge_slave_1: entered promiscuous mode [ 982.793576][T12331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 983.793521][T12609] CIFS: Unable to determine destination address [ 984.235978][T12331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 985.301354][T12617] loop5: detected capacity change from 0 to 1024 [ 985.332598][T12331] team0: Port device team_slave_0 added [ 985.375307][T12331] team0: Port device team_slave_1 added [ 985.494365][T12622] loop6: detected capacity change from 0 to 64 [ 985.769271][T12617] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 986.295218][T11103] kworker/u8:15: attempt to access beyond end of device [ 986.295218][T11103] loop6: rw=1, sector=65, nr_sectors = 1 limit=64 [ 986.349765][T11103] Buffer I/O error on dev loop6, logical block 65, lost async page write [ 986.403790][T11103] kworker/u8:15: attempt to access beyond end of device [ 986.403790][T11103] loop6: rw=1, sector=66, nr_sectors = 1 limit=64 [ 986.417701][T11103] Buffer I/O error on dev loop6, logical block 66, lost async page write [ 986.426240][T11103] kworker/u8:15: attempt to access beyond end of device [ 986.426240][T11103] loop6: rw=1, sector=67, nr_sectors = 1 limit=64 [ 986.439574][T11103] Buffer I/O error on dev loop6, logical block 67, lost async page write [ 986.448719][T11103] kworker/u8:15: attempt to access beyond end of device [ 986.448719][T11103] loop6: rw=1, sector=68, nr_sectors = 1 limit=64 [ 986.462051][T11103] Buffer I/O error on dev loop6, logical block 68, lost async page write [ 986.470617][T11103] kworker/u8:15: attempt to access beyond end of device [ 986.470617][T11103] loop6: rw=1, sector=72, nr_sectors = 1 limit=64 [ 986.471233][T12331] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 986.509719][T11103] Buffer I/O error on dev loop6, logical block 72, lost async page write [ 986.741299][T11103] kworker/u8:15: attempt to access beyond end of device [ 986.741299][T11103] loop6: rw=1, sector=73, nr_sectors = 1 limit=64 [ 987.103415][T12331] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 987.173625][T11103] Buffer I/O error on dev loop6, logical block 73, lost async page write [ 987.182341][T11103] kworker/u8:15: attempt to access beyond end of device [ 987.182341][T11103] loop6: rw=1, sector=76, nr_sectors = 1 limit=64 [ 987.302139][T12331] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 987.323339][T11103] Buffer I/O error on dev loop6, logical block 76, lost async page write [ 987.331924][T11103] kworker/u8:15: attempt to access beyond end of device [ 987.331924][T11103] loop6: rw=1, sector=77, nr_sectors = 1 limit=64 [ 987.352484][T12331] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 987.359685][T12331] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 987.410920][T11103] Buffer I/O error on dev loop6, logical block 77, lost async page write [ 987.413273][T12331] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 987.492517][T11103] kworker/u8:15: attempt to access beyond end of device [ 987.492517][T11103] loop6: rw=1, sector=78, nr_sectors = 88 limit=64 [ 987.528632][ T5840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 987.637766][T12331] hsr_slave_0: entered promiscuous mode [ 987.954742][T12331] hsr_slave_1: entered promiscuous mode [ 988.986038][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 988.986076][ T29] audit: type=1326 audit(2000000820.399:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 989.014937][ T29] audit: type=1326 audit(2000000820.399:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 989.658169][T12649] loop5: detected capacity change from 0 to 256 [ 989.665281][T12649] msdos: Bad value for 'tz' [ 989.892106][ T29] audit: type=1326 audit(2000000820.399:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 989.925325][ T29] audit: type=1326 audit(2000000820.399:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 989.947910][ T29] audit: type=1326 audit(2000000820.399:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 989.970803][ T29] audit: type=1326 audit(2000000820.399:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 989.993646][ T29] audit: type=1326 audit(2000000820.399:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 990.016656][ T29] audit: type=1326 audit(2000000820.399:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 990.039159][ T29] audit: type=1326 audit(2000000820.399:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12640 comm="syz.5.1553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 990.069875][T12331] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 990.077576][T12331] Cannot create hsr debugfs directory [ 990.509275][ T3528] bridge_slave_1: left allmulticast mode [ 990.533649][ T3528] bridge_slave_1: left promiscuous mode [ 990.553519][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 990.595587][ T3528] bridge_slave_0: left allmulticast mode [ 990.601295][ T3528] bridge_slave_0: left promiscuous mode [ 990.674333][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 991.804632][ T29] audit: type=1326 audit(2000000823.099:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12655 comm="syz.6.1556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 993.680578][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.692436][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 994.220704][T12207] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 994.336518][ T3528] bridge_slave_1: left allmulticast mode [ 994.353247][ T3528] bridge_slave_1: left promiscuous mode [ 994.359012][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 994.374724][T12207] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 994.390382][T12207] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 994.401246][T12207] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 994.413936][T12207] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 994.422479][T12207] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 994.741791][ T3528] bridge_slave_0: left allmulticast mode [ 994.748376][ T3528] bridge_slave_0: left promiscuous mode [ 994.755256][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 996.491411][T10137] Bluetooth: hci6: command tx timeout [ 997.524477][T12692] input: syz1 as /devices/virtual/input/input26 [ 998.593577][T10137] Bluetooth: hci6: command tx timeout [ 999.054893][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 999.382130][T12708] input: syz1 as /devices/virtual/input/input27 [ 1000.684203][T10137] Bluetooth: hci6: command tx timeout [ 1002.940071][T12207] Bluetooth: hci6: command tx timeout [ 1002.946452][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1002.956535][T12207] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1002.966545][T12207] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1002.975293][T12207] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1002.983393][T12207] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1002.991734][T12207] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1002.999155][T12207] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1003.206173][ T3528] bond0 (unregistering): Released all slaves [ 1003.225252][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1003.310988][T12725] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1003.407360][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1004.935616][ T3528] bond0 (unregistering): Released all slaves [ 1005.242016][T12207] Bluetooth: hci7: command tx timeout [ 1006.530365][T12715] chnl_net:caif_netlink_parms(): no params data found [ 1007.343227][T12207] Bluetooth: hci7: command tx timeout [ 1007.855070][T12665] chnl_net:caif_netlink_parms(): no params data found [ 1008.219911][T12758] loop0: detected capacity change from 0 to 1024 [ 1008.360601][T12758] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1008.400645][ T3528] hsr_slave_0: left promiscuous mode [ 1008.411698][ T3528] hsr_slave_1: left promiscuous mode [ 1008.814066][T12763] sctp: [Deprecated]: syz.5.1576 (pid 12763) Use of int in max_burst socket option deprecated. [ 1008.814066][T12763] Use struct sctp_assoc_value instead [ 1008.839028][T12763] loop5: detected capacity change from 0 to 64 [ 1008.859863][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1009.471692][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1009.511060][T12207] Bluetooth: hci7: command tx timeout [ 1009.707489][ T3528] hsr_slave_0: left promiscuous mode [ 1009.716538][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1009.726044][ T3528] hsr_slave_1: left promiscuous mode [ 1009.748651][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1009.814049][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1010.270071][T12770] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1011.085603][T12774] sctp: [Deprecated]: syz.0.1578 (pid 12774) Use of int in max_burst socket option deprecated. [ 1011.085603][T12774] Use struct sctp_assoc_value instead [ 1011.110214][T12774] loop0: detected capacity change from 0 to 64 [ 1011.270714][T10634] kworker/u8:12: attempt to access beyond end of device [ 1011.270714][T10634] loop5: rw=1, sector=65, nr_sectors = 1 limit=64 [ 1011.284690][T10634] Buffer I/O error on dev loop5, logical block 65, lost async page write [ 1011.293992][T10634] kworker/u8:12: attempt to access beyond end of device [ 1011.293992][T10634] loop5: rw=1, sector=66, nr_sectors = 1 limit=64 [ 1011.307529][T10634] Buffer I/O error on dev loop5, logical block 66, lost async page write [ 1011.316351][T10634] kworker/u8:12: attempt to access beyond end of device [ 1011.316351][T10634] loop5: rw=1, sector=67, nr_sectors = 1 limit=64 [ 1011.330290][T10634] Buffer I/O error on dev loop5, logical block 67, lost async page write [ 1011.339179][T10634] kworker/u8:12: attempt to access beyond end of device [ 1011.339179][T10634] loop5: rw=1, sector=68, nr_sectors = 1 limit=64 [ 1011.497843][T10634] Buffer I/O error on dev loop5, logical block 68, lost async page write [ 1011.605093][T10634] kworker/u8:12: attempt to access beyond end of device [ 1011.605093][T10634] loop5: rw=1, sector=72, nr_sectors = 1 limit=64 [ 1011.644106][T10137] Bluetooth: hci7: command tx timeout [ 1012.137333][T10634] Buffer I/O error on dev loop5, logical block 72, lost async page write [ 1012.175160][T10634] kworker/u8:12: attempt to access beyond end of device [ 1012.175160][T10634] loop5: rw=1, sector=73, nr_sectors = 1 limit=64 [ 1012.234043][T10634] Buffer I/O error on dev loop5, logical block 73, lost async page write [ 1012.253128][T10634] kworker/u8:12: attempt to access beyond end of device [ 1012.253128][T10634] loop5: rw=1, sector=76, nr_sectors = 1 limit=64 [ 1012.266451][T10634] Buffer I/O error on dev loop5, logical block 76, lost async page write [ 1012.277357][T10634] kworker/u8:12: attempt to access beyond end of device [ 1012.277357][T10634] loop5: rw=1, sector=77, nr_sectors = 1 limit=64 [ 1012.291230][T10634] Buffer I/O error on dev loop5, logical block 77, lost async page write [ 1012.300062][T10634] kworker/u8:12: attempt to access beyond end of device [ 1012.300062][T10634] loop5: rw=1, sector=78, nr_sectors = 88 limit=64 [ 1012.484189][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 1014.561354][ T6579] kworker/u8:11: attempt to access beyond end of device [ 1014.561354][ T6579] loop0: rw=1, sector=65, nr_sectors = 1 limit=64 [ 1014.754762][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 1014.754811][ T29] audit: type=1326 audit(2000000846.889:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1015.256927][ T6579] Buffer I/O error on dev loop0, logical block 65, lost async page write [ 1015.284021][ T29] audit: type=1326 audit(2000000846.889:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1015.333254][ T6579] Buffer I/O error on dev loop0, logical block 66, lost async page write [ 1015.344668][ T29] audit: type=1326 audit(2000000846.929:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1015.406756][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 1015.724490][ T29] audit: type=1326 audit(2000000846.929:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1015.747371][ T29] audit: type=1326 audit(2000000846.929:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1015.773378][ T29] audit: type=1326 audit(2000000846.929:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1015.803710][ T29] audit: type=1326 audit(2000000846.929:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1016.145835][ T29] audit: type=1326 audit(2000000846.929:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1016.168519][ T29] audit: type=1326 audit(2000000846.929:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1016.191434][ T29] audit: type=1326 audit(2000000846.939:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.6.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f56f8b85d63 code=0x7ffc0000 [ 1016.318521][T12799] loop6: detected capacity change from 0 to 256 [ 1016.388915][T12801] loop0: detected capacity change from 0 to 256 [ 1016.573915][T12801] FAT-fs (loop0): Directory bread(block 64) failed [ 1016.582027][T12801] FAT-fs (loop0): Directory bread(block 65) failed [ 1016.590446][T12801] FAT-fs (loop0): Directory bread(block 66) failed [ 1016.952945][T12801] FAT-fs (loop0): Directory bread(block 67) failed [ 1016.960741][T12801] FAT-fs (loop0): Directory bread(block 68) failed [ 1016.969330][T12801] FAT-fs (loop0): Directory bread(block 69) failed [ 1016.981676][T12799] FAT-fs (loop6): Directory bread(block 64) failed [ 1016.984201][T12801] FAT-fs (loop0): Directory bread(block 70) failed [ 1016.993250][T12799] FAT-fs (loop6): Directory bread(block 65) failed [ 1017.482883][T12801] FAT-fs (loop0): Directory bread(block 71) failed [ 1017.493684][T12801] FAT-fs (loop0): Directory bread(block 72) failed [ 1017.512348][T12799] FAT-fs (loop6): Directory bread(block 66) failed [ 1017.520262][T12801] FAT-fs (loop0): Directory bread(block 73) failed [ 1017.527396][T12799] FAT-fs (loop6): Directory bread(block 67) failed [ 1017.534866][T12799] FAT-fs (loop6): Directory bread(block 68) failed [ 1017.541439][T12799] FAT-fs (loop6): Directory bread(block 69) failed [ 1017.558379][T12808] loop5: detected capacity change from 0 to 256 [ 1017.565664][T12808] msdos: Bad value for 'tz' [ 1017.607715][T12799] FAT-fs (loop6): Directory bread(block 70) failed [ 1017.636577][T12799] FAT-fs (loop6): Directory bread(block 71) failed [ 1017.647090][T12799] FAT-fs (loop6): Directory bread(block 72) failed [ 1017.656893][T12799] FAT-fs (loop6): Directory bread(block 73) failed [ 1019.373681][T12818] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1022.105816][T12834] loop6: detected capacity change from 0 to 128 [ 1025.581450][T12856] CIFS: Unable to determine destination address [ 1025.792185][T12859] loop0: detected capacity change from 0 to 512 [ 1025.814428][T12859] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1027.213555][T12859] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1602: invalid indirect mapped block 4294967295 (level 0) [ 1027.241181][T12859] EXT4-fs (loop0): Remounting filesystem read-only [ 1027.256835][T12859] EXT4-fs (loop0): 1 orphan inode deleted [ 1027.312254][T12859] EXT4-fs (loop0): 1 truncate cleaned up [ 1027.319111][T12859] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1027.490084][T12868] CIFS: Unable to determine destination address [ 1027.929071][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 1027.968273][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1028.773208][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 1029.516501][T12880] loop2: detected capacity change from 0 to 512 [ 1029.605880][T12880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1029.618568][T12880] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1030.325092][ T5831] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1030.743786][T12890] loop6: detected capacity change from 0 to 128 [ 1032.727393][T12894] input: syz1 as /devices/virtual/input/input29 [ 1034.323870][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 1034.323923][ T29] audit: type=1326 audit(2000000866.449:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1034.726450][T12908] loop0: detected capacity change from 0 to 256 [ 1034.745517][T12908] msdos: Bad value for 'tz' [ 1034.904543][ T29] audit: type=1326 audit(2000000866.449:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1035.505751][ T29] audit: type=1326 audit(2000000866.489:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1035.727538][ T29] audit: type=1326 audit(2000000866.489:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1036.088572][ T29] audit: type=1326 audit(2000000866.489:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1036.114064][ T29] audit: type=1326 audit(2000000866.489:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1036.263846][ T29] audit: type=1326 audit(2000000866.489:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1036.292290][ T29] audit: type=1326 audit(2000000866.499:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fbd20185d29 code=0x7ffc0000 [ 1037.073056][T12715] bridge0: port 1(bridge_slave_0) entered blocking state [ 1037.103487][T12715] bridge0: port 1(bridge_slave_0) entered disabled state [ 1037.111178][T12715] bridge_slave_0: entered allmulticast mode [ 1037.154522][T12715] bridge_slave_0: entered promiscuous mode [ 1037.489279][T12928] loop0: detected capacity change from 0 to 512 [ 1037.607513][T12932] loop6: detected capacity change from 0 to 512 [ 1038.231609][T12928] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1038.567390][T12932] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1038.580662][T12932] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1038.753451][T12928] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1617: invalid indirect mapped block 4294967295 (level 0) [ 1038.850918][T12715] bridge0: port 2(bridge_slave_1) entered blocking state [ 1038.932278][T12715] bridge0: port 2(bridge_slave_1) entered disabled state [ 1038.939849][T12928] EXT4-fs (loop0): Remounting filesystem read-only [ 1038.952690][T12928] EXT4-fs (loop0): 1 orphan inode deleted [ 1039.012194][ T6874] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1039.069262][T12928] EXT4-fs (loop0): 1 truncate cleaned up [ 1039.237828][T12715] bridge_slave_1: entered allmulticast mode [ 1039.250656][T12928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1039.325143][T12942] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1039.414986][T12715] bridge_slave_1: entered promiscuous mode [ 1039.658967][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1039.990063][T12948] input: syz1 as /devices/virtual/input/input30 [ 1040.954018][T12955] loop5: detected capacity change from 0 to 128 [ 1041.256258][T12715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1043.234134][T12665] bridge0: port 1(bridge_slave_0) entered blocking state [ 1043.241682][T12665] bridge0: port 1(bridge_slave_0) entered disabled state [ 1043.289882][T12665] bridge_slave_0: entered allmulticast mode [ 1043.766018][T12964] input: syz1 as /devices/virtual/input/input31 [ 1044.366674][T12665] bridge_slave_0: entered promiscuous mode [ 1045.046884][T12715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1045.364115][T12665] bridge0: port 2(bridge_slave_1) entered blocking state [ 1045.371334][T12665] bridge0: port 2(bridge_slave_1) entered disabled state [ 1045.378954][T12665] bridge_slave_1: entered allmulticast mode [ 1045.386844][T12665] bridge_slave_1: entered promiscuous mode [ 1046.745371][T12979] loop5: detected capacity change from 0 to 256 [ 1047.520079][T12979] FAT-fs (loop5): Directory bread(block 64) failed [ 1047.527961][T12979] FAT-fs (loop5): Directory bread(block 65) failed [ 1048.200452][T12979] FAT-fs (loop5): Directory bread(block 66) failed [ 1048.242201][T12715] team0: Port device team_slave_0 added [ 1048.263364][T12979] FAT-fs (loop5): Directory bread(block 67) failed [ 1048.270035][T12979] FAT-fs (loop5): Directory bread(block 68) failed [ 1048.280684][T12979] FAT-fs (loop5): Directory bread(block 69) failed [ 1048.287571][T12979] FAT-fs (loop5): Directory bread(block 70) failed [ 1048.298893][T12665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1048.337610][T12979] FAT-fs (loop5): Directory bread(block 71) failed [ 1048.344357][T12979] FAT-fs (loop5): Directory bread(block 72) failed [ 1048.350904][T12979] FAT-fs (loop5): Directory bread(block 73) failed [ 1048.362447][T12715] team0: Port device team_slave_1 added [ 1048.605721][T12715] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1048.616145][T12715] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1048.674608][T12715] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1048.688577][T12715] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1048.695682][T12715] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1048.721963][T12715] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1049.411587][T12715] hsr_slave_0: entered promiscuous mode [ 1049.799880][T12994] loop0: detected capacity change from 0 to 512 [ 1049.885964][T12715] hsr_slave_1: entered promiscuous mode [ 1049.920725][T12994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1049.933571][T12994] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1049.983334][T12715] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1049.990973][T12715] Cannot create hsr debugfs directory [ 1051.224630][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1051.629413][T12715] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1051.664708][T12207] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1051.676697][T13011] loop2: detected capacity change from 0 to 256 [ 1051.713081][T12207] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1051.840559][T13011] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1051.853406][T12207] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1051.885364][T13009] loop5: detected capacity change from 0 to 2048 [ 1051.912230][T13009] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=787, location=787 [ 1052.038019][T12715] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1053.660101][T13009] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1053.714893][T12715] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1053.722167][T12207] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1053.888776][T12207] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1053.897115][T12207] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1053.934558][T13024] input: syz1 as /devices/virtual/input/input32 [ 1053.943957][T13009] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=1043, location=1043 [ 1053.980518][T13009] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=787, location=787 [ 1054.006151][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.012572][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.035529][T12715] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1054.052457][T13009] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1054.113801][T13009] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=1043, location=1043 [ 1054.145582][ T3528] bridge_slave_1: left allmulticast mode [ 1054.151283][ T3528] bridge_slave_1: left promiscuous mode [ 1054.159779][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 1054.181199][T13009] UDF-fs: warning (device loop5): udf_fill_super: No partition found (1) [ 1054.319487][ T3528] bridge_slave_0: left allmulticast mode [ 1054.357775][ T3528] bridge_slave_0: left promiscuous mode [ 1054.424691][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 1055.825355][ T3528] bridge_slave_1: left allmulticast mode [ 1055.831061][ T3528] bridge_slave_1: left promiscuous mode [ 1055.888861][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 1056.003531][T12207] Bluetooth: hci2: command tx timeout [ 1056.020145][ T3528] bridge_slave_0: left allmulticast mode [ 1056.043233][ T3528] bridge_slave_0: left promiscuous mode [ 1056.069279][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 1056.219298][ T3528] bridge_slave_1: left allmulticast mode [ 1056.373217][ T3528] bridge_slave_1: left promiscuous mode [ 1056.379284][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 1056.471446][T13045] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1056.540040][T13044] loop6: detected capacity change from 0 to 512 [ 1056.801101][T13044] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1056.814188][T13044] ext4 filesystem being mounted at /239/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1057.168226][ T3528] bridge_slave_0: left allmulticast mode [ 1057.176878][ T6874] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1057.253030][ T3528] bridge_slave_0: left promiscuous mode [ 1057.259489][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 1058.705452][T12207] Bluetooth: hci2: command tx timeout [ 1060.743009][T12207] Bluetooth: hci2: command tx timeout [ 1061.516619][T13079] loop0: detected capacity change from 0 to 256 [ 1061.902647][T13079] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1062.129034][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1062.165921][ T3528] bond0 (unregistering): Released all slaves [ 1062.180023][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1062.191397][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1062.202393][ T3528] bond0 (unregistering): Released all slaves [ 1062.953429][T12207] Bluetooth: hci2: command tx timeout [ 1062.959654][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1063.013697][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1063.264298][T13091] CIFS: Unable to determine destination address [ 1063.986699][ T3528] bond0 (unregistering): Released all slaves [ 1067.484910][T13112] loop6: detected capacity change from 0 to 512 [ 1067.492826][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1067.526816][T10137] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1068.338963][T10137] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1068.442658][T10137] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1068.455936][T13112] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1068.470335][T13112] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1068.550571][T10137] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1068.951239][T13118] loop2: detected capacity change from 0 to 1024 [ 1068.971178][T10137] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1068.984125][ T6874] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1069.226395][ T3528] hsr_slave_0: left promiscuous mode [ 1069.452895][ T3528] hsr_slave_1: left promiscuous mode [ 1069.563667][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1069.619174][T13129] loop6: detected capacity change from 0 to 1024 [ 1069.655146][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1069.766291][ T3528] hsr_slave_0: left promiscuous mode [ 1069.835502][T13129] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1069.987122][ T3528] hsr_slave_1: left promiscuous mode [ 1070.168111][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1070.260070][ T3528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1070.694688][T13140] loop2: detected capacity change from 0 to 256 [ 1071.062680][T13140] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1071.394138][T12207] Bluetooth: hci4: command tx timeout [ 1071.848989][T13146] loop5: detected capacity change from 0 to 256 [ 1072.730114][T13146] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1073.446693][T12207] Bluetooth: hci4: command tx timeout [ 1074.044695][ T29] audit: type=1800 audit(2000000906.179:310): pid=13156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1666" name="file1" dev="loop5" ino=1048675 res=0 errno=0 [ 1074.778984][T13165] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1076.263877][T12207] Bluetooth: hci4: command tx timeout [ 1076.574304][T13174] loop2: detected capacity change from 0 to 128 [ 1076.626072][T13176] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1078.324879][T12207] Bluetooth: hci4: command tx timeout [ 1079.526324][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 1080.607512][ T6874] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1080.616663][T13190] CIFS: Unable to determine destination address [ 1081.645142][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 1082.433263][T13204] CIFS: Unable to determine destination address [ 1083.624181][T13206] CIFS: Unable to determine destination address [ 1084.896877][ T29] audit: type=1326 audit(2000000917.019:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13210 comm="syz.6.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1085.731919][ T29] audit: type=1326 audit(2000000917.019:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13210 comm="syz.6.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1085.758418][ T29] audit: type=1326 audit(2000000917.029:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13210 comm="syz.6.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f56f8b85d29 code=0x7ffc0000 [ 1087.647507][T13230] sctp: [Deprecated]: syz.0.1684 (pid 13230) Use of int in max_burst socket option deprecated. [ 1087.647507][T13230] Use struct sctp_assoc_value instead [ 1087.672390][T13230] loop0: detected capacity change from 0 to 64 [ 1087.966410][ T3528] team0 (unregistering): Port device team_slave_1 removed [ 1088.332854][ T6009] bio_check_eod: 8 callbacks suppressed [ 1088.332879][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1088.332879][ T6009] loop0: rw=1, sector=65, nr_sectors = 1 limit=64 [ 1088.397281][ T6009] buffer_io_error: 6 callbacks suppressed [ 1088.397301][ T6009] Buffer I/O error on dev loop0, logical block 65, lost async page write [ 1088.417133][ T3528] team0 (unregistering): Port device team_slave_0 removed [ 1088.425261][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1088.425261][ T6009] loop0: rw=1, sector=66, nr_sectors = 1 limit=64 [ 1088.894110][T13237] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1089.389246][ T6009] Buffer I/O error on dev loop0, logical block 66, lost async page write [ 1089.399653][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1089.399653][ T6009] loop0: rw=1, sector=67, nr_sectors = 1 limit=64 [ 1089.412944][ T6009] Buffer I/O error on dev loop0, logical block 67, lost async page write [ 1089.421711][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1089.421711][ T6009] loop0: rw=1, sector=68, nr_sectors = 1 limit=64 [ 1089.435147][ T6009] Buffer I/O error on dev loop0, logical block 68, lost async page write [ 1089.675087][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1089.675087][ T6009] loop0: rw=1, sector=72, nr_sectors = 1 limit=64 [ 1090.516901][ T6009] Buffer I/O error on dev loop0, logical block 72, lost async page write [ 1090.595308][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1090.595308][ T6009] loop0: rw=1, sector=73, nr_sectors = 1 limit=64 [ 1090.620030][ T6009] Buffer I/O error on dev loop0, logical block 73, lost async page write [ 1090.657373][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1090.657373][ T6009] loop0: rw=1, sector=76, nr_sectors = 1 limit=64 [ 1090.674132][ T6009] Buffer I/O error on dev loop0, logical block 76, lost async page write [ 1090.682690][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1090.682690][ T6009] loop0: rw=1, sector=77, nr_sectors = 1 limit=64 [ 1090.698073][ T6009] Buffer I/O error on dev loop0, logical block 77, lost async page write [ 1090.706948][ T6009] kworker/u8:8: attempt to access beyond end of device [ 1090.706948][ T6009] loop0: rw=1, sector=78, nr_sectors = 88 limit=64 [ 1091.116399][T13248] CIFS: Unable to determine destination address [ 1092.916909][T13258] input: syz1 as /devices/virtual/input/input34 [ 1096.416524][T13272] loop0: detected capacity change from 0 to 256 [ 1096.476939][T13272] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1096.527597][T13276] loop5: detected capacity change from 0 to 256 [ 1098.132443][T13286] CIFS: Unable to determine destination address [ 1098.911357][ T29] audit: type=1800 audit(2000000929.909:314): pid=13283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1695" name="file1" dev="loop0" ino=1048677 res=0 errno=0 [ 1099.029053][T13276] FAT-fs (loop5): Directory bread(block 64) failed [ 1099.038518][T13006] chnl_net:caif_netlink_parms(): no params data found [ 1099.091734][T13276] FAT-fs (loop5): Directory bread(block 65) failed [ 1099.202951][T13276] FAT-fs (loop5): Directory bread(block 66) failed [ 1099.209950][T13276] FAT-fs (loop5): Directory bread(block 67) failed [ 1099.473900][T13276] FAT-fs (loop5): Directory bread(block 68) failed [ 1099.480969][T13276] FAT-fs (loop5): Directory bread(block 69) failed [ 1100.359520][T13276] FAT-fs (loop5): Directory bread(block 70) failed [ 1100.381656][T13276] FAT-fs (loop5): Directory bread(block 71) failed [ 1100.399928][T13276] FAT-fs (loop5): Directory bread(block 72) failed [ 1100.474368][T13276] FAT-fs (loop5): Directory bread(block 73) failed [ 1100.487869][T13006] bridge0: port 1(bridge_slave_0) entered blocking state [ 1100.505768][T13006] bridge0: port 1(bridge_slave_0) entered disabled state [ 1100.565394][T13006] bridge_slave_0: entered allmulticast mode [ 1100.585125][T13006] bridge_slave_0: entered promiscuous mode [ 1100.728287][T13006] bridge0: port 2(bridge_slave_1) entered blocking state [ 1100.819525][T13006] bridge0: port 2(bridge_slave_1) entered disabled state [ 1100.827857][T13006] bridge_slave_1: entered allmulticast mode [ 1100.836029][T13006] bridge_slave_1: entered promiscuous mode [ 1102.857730][T13006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1103.008270][T13316] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1103.057753][T13006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1103.149832][T13318] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 1104.795602][T13006] team0: Port device team_slave_0 added [ 1104.899692][T13006] team0: Port device team_slave_1 added [ 1104.913895][T13104] chnl_net:caif_netlink_parms(): no params data found [ 1105.290180][T13329] sctp: [Deprecated]: syz.6.1706 (pid 13329) Use of int in max_burst socket option deprecated. [ 1105.290180][T13329] Use struct sctp_assoc_value instead [ 1105.314415][T13329] loop6: detected capacity change from 0 to 64 [ 1105.920134][T10636] kworker/u8:13: attempt to access beyond end of device [ 1105.920134][T10636] loop6: rw=1, sector=65, nr_sectors = 1 limit=64 [ 1105.965453][T10636] Buffer I/O error on dev loop6, logical block 65, lost async page write [ 1105.974703][T10636] kworker/u8:13: attempt to access beyond end of device [ 1105.974703][T10636] loop6: rw=1, sector=66, nr_sectors = 1 limit=64 [ 1105.988514][T10636] Buffer I/O error on dev loop6, logical block 66, lost async page write [ 1105.997935][T10636] kworker/u8:13: attempt to access beyond end of device [ 1105.997935][T10636] loop6: rw=1, sector=67, nr_sectors = 1 limit=64 [ 1106.011454][T10636] Buffer I/O error on dev loop6, logical block 67, lost async page write [ 1106.742106][T10636] kworker/u8:13: attempt to access beyond end of device [ 1106.742106][T10636] loop6: rw=1, sector=68, nr_sectors = 1 limit=64 [ 1106.755849][T10636] Buffer I/O error on dev loop6, logical block 68, lost async page write [ 1106.764545][T10636] kworker/u8:13: attempt to access beyond end of device [ 1106.764545][T10636] loop6: rw=1, sector=72, nr_sectors = 1 limit=64 [ 1106.777885][T10636] Buffer I/O error on dev loop6, logical block 72, lost async page write [ 1106.786482][T10636] kworker/u8:13: attempt to access beyond end of device [ 1106.786482][T10636] loop6: rw=1, sector=73, nr_sectors = 1 limit=64 [ 1106.799798][T10636] Buffer I/O error on dev loop6, logical block 73, lost async page write [ 1106.808930][T10636] kworker/u8:13: attempt to access beyond end of device [ 1106.808930][T10636] loop6: rw=1, sector=76, nr_sectors = 1 limit=64 [ 1106.822660][T10636] Buffer I/O error on dev loop6, logical block 76, lost async page write [ 1106.831230][T10636] kworker/u8:13: attempt to access beyond end of device [ 1106.831230][T10636] loop6: rw=1, sector=77, nr_sectors = 1 limit=64 [ 1106.844582][T10636] Buffer I/O error on dev loop6, logical block 77, lost async page write [ 1106.853366][T10636] kworker/u8:13: attempt to access beyond end of device [ 1106.853366][T10636] loop6: rw=1, sector=78, nr_sectors = 88 limit=64 [ 1107.246263][T13006] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1107.543283][T13006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1107.709745][T13006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1108.174649][T13353] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1110.490461][T13104] bridge0: port 1(bridge_slave_0) entered blocking state [ 1110.507981][T13104] bridge0: port 1(bridge_slave_0) entered disabled state [ 1110.528023][T13104] bridge_slave_0: entered allmulticast mode [ 1110.557129][T13104] bridge_slave_0: entered promiscuous mode [ 1110.589569][T13006] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1110.600995][T13006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1110.673301][T13006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1110.815503][T13104] bridge0: port 2(bridge_slave_1) entered blocking state [ 1110.849411][T13104] bridge0: port 2(bridge_slave_1) entered disabled state [ 1110.922931][T13104] bridge_slave_1: entered allmulticast mode [ 1110.974497][T13104] bridge_slave_1: entered promiscuous mode [ 1111.542770][T13104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1111.679838][T13104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1112.124226][T13104] team0: Port device team_slave_0 added [ 1112.235902][T13104] team0: Port device team_slave_1 added [ 1113.443047][T13368] loop5: detected capacity change from 0 to 1024 [ 1113.486299][T13104] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1113.533661][T13104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1113.681299][T13368] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1113.754445][T13104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1113.891944][T10137] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1113.902999][T10137] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1113.912300][T10137] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1113.921882][T10137] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1114.048752][T10137] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1114.056750][T10137] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1115.054552][T12207] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1115.076846][T12207] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1115.085828][T12207] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1115.098058][T12207] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1115.167241][T13383] CIFS: Unable to determine destination address [ 1115.746745][T13104] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1115.846004][T13104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1115.885669][T12207] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1115.893054][T12207] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1115.993338][T13104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1116.013711][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.021835][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.172977][T10137] Bluetooth: hci2: command tx timeout [ 1116.817958][T13104] hsr_slave_0: entered promiscuous mode [ 1116.849561][T13104] hsr_slave_1: entered promiscuous mode [ 1117.106061][ T5840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1118.181996][T10137] Bluetooth: hci6: command tx timeout [ 1118.254259][T10137] Bluetooth: hci2: command tx timeout [ 1118.962388][T13401] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1120.246067][T10137] Bluetooth: hci6: command tx timeout [ 1121.363558][T10137] Bluetooth: hci2: command tx timeout [ 1121.496090][T13418] loop5: detected capacity change from 0 to 256 [ 1121.512723][T13418] exfat: Bad value for 'gid' [ 1121.517433][T13418] exfat: Bad value for 'gid' [ 1122.594119][T10137] Bluetooth: hci6: command tx timeout [ 1123.093440][T13372] chnl_net:caif_netlink_parms(): no params data found [ 1123.453470][T10137] Bluetooth: hci2: command tx timeout [ 1124.761165][T10137] Bluetooth: hci6: command tx timeout [ 1125.193805][T13451] loop5: detected capacity change from 0 to 1024 [ 1125.736304][T13372] bridge0: port 1(bridge_slave_0) entered blocking state [ 1125.783903][T13372] bridge0: port 1(bridge_slave_0) entered disabled state [ 1125.791643][T13372] bridge_slave_0: entered allmulticast mode [ 1125.890304][T13372] bridge_slave_0: entered promiscuous mode [ 1125.926704][T13372] bridge0: port 2(bridge_slave_1) entered blocking state [ 1125.937899][T10137] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1125.959027][T10137] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1125.968831][T10137] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1125.979704][T10137] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1125.987348][T10137] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1125.994799][T10137] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1126.068966][T13372] bridge0: port 2(bridge_slave_1) entered disabled state [ 1126.103589][T13372] bridge_slave_1: entered allmulticast mode [ 1126.138343][T13372] bridge_slave_1: entered promiscuous mode [ 1126.578813][ T3528] bridge_slave_1: left allmulticast mode [ 1126.610717][ T3528] bridge_slave_1: left promiscuous mode [ 1126.642006][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 1126.739359][ T29] audit: type=1326 audit(2000000958.849:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1126.859745][T13475] loop5: detected capacity change from 0 to 256 [ 1126.870082][T13475] msdos: Bad value for 'tz' [ 1127.094210][ T3528] bridge_slave_0: left allmulticast mode [ 1127.439798][ T3528] bridge_slave_0: left promiscuous mode [ 1127.480462][ T29] audit: type=1326 audit(2000000958.849:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.504974][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 1127.598039][ T3528] bridge_slave_1: left allmulticast mode [ 1127.627923][ T3528] bridge_slave_1: left promiscuous mode [ 1127.666344][ T3528] bridge0: port 2(bridge_slave_1) entered disabled state [ 1127.705034][ T3528] bridge_slave_0: left allmulticast mode [ 1127.710744][ T3528] bridge_slave_0: left promiscuous mode [ 1127.803563][ T29] audit: type=1326 audit(2000000958.849:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.832538][ T29] audit: type=1326 audit(2000000958.849:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.866875][ T3528] bridge0: port 1(bridge_slave_0) entered disabled state [ 1127.874545][ T29] audit: type=1326 audit(2000000958.859:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.897442][ T29] audit: type=1326 audit(2000000958.859:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.920322][ T29] audit: type=1326 audit(2000000958.859:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.942863][ T29] audit: type=1326 audit(2000000958.859:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.965602][ T29] audit: type=1326 audit(2000000958.859:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1127.989293][ T29] audit: type=1326 audit(2000000958.859:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d18f85d29 code=0x7ffc0000 [ 1128.083913][T10137] Bluetooth: hci0: command tx timeout [ 1129.184698][T13487] sctp: [Deprecated]: syz.0.1733 (pid 13487) Use of int in max_burst socket option deprecated. [ 1129.184698][T13487] Use struct sctp_assoc_value instead [ 1129.209284][T13487] loop0: detected capacity change from 0 to 64 [ 1129.547567][T13494] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1130.271342][T10137] Bluetooth: hci0: command tx timeout [ 1130.669983][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1130.680464][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1130.680464][ T6020] loop0: rw=1, sector=65, nr_sectors = 1 limit=64 [ 1130.718049][ T6020] Buffer I/O error on dev loop0, logical block 65, lost async page write [ 1130.727331][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1130.727331][ T6020] loop0: rw=1, sector=66, nr_sectors = 1 limit=64 [ 1130.741616][ T6020] Buffer I/O error on dev loop0, logical block 66, lost async page write [ 1130.750226][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1130.750226][ T6020] loop0: rw=1, sector=67, nr_sectors = 1 limit=64 [ 1130.765417][ T6020] Buffer I/O error on dev loop0, logical block 67, lost async page write [ 1130.781269][ T3528] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1130.787376][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1130.787376][ T6020] loop0: rw=1, sector=68, nr_sectors = 1 limit=64 [ 1130.922115][T13511] 9pnet_fd: Insufficient options for proto=fd [ 1131.773904][ T6020] Buffer I/O error on dev loop0, logical block 68, lost async page write [ 1131.782490][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1131.782490][ T6020] loop0: rw=1, sector=72, nr_sectors = 1 limit=64 [ 1131.823231][ T6020] Buffer I/O error on dev loop0, logical block 72, lost async page write [ 1131.831790][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1131.831790][ T6020] loop0: rw=1, sector=73, nr_sectors = 1 limit=64 [ 1131.845424][ T6020] Buffer I/O error on dev loop0, logical block 73, lost async page write [ 1132.067805][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1132.067805][ T6020] loop0: rw=1, sector=76, nr_sectors = 1 limit=64 [ 1132.093648][ T6020] Buffer I/O error on dev loop0, logical block 76, lost async page write [ 1132.102622][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1132.102622][ T6020] loop0: rw=1, sector=77, nr_sectors = 1 limit=64 [ 1132.149611][ T6020] Buffer I/O error on dev loop0, logical block 77, lost async page write [ 1132.301650][ T3528] bond0 (unregistering): Released all slaves [ 1132.336738][T12207] Bluetooth: hci0: command tx timeout [ 1132.347451][ T6020] kworker/u8:9: attempt to access beyond end of device [ 1132.347451][ T6020] loop0: rw=1, sector=78, nr_sectors = 88 limit=64 [ 1132.560270][T13519] loop6: detected capacity change from 0 to 256 [ 1132.644660][T13519] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1132.666262][ T3528] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1132.747073][T13464] [ 1132.749464][T13464] ============================= [ 1132.754315][T13464] [ BUG: Invalid wait context ] [ 1132.759163][T13464] 6.13.0-rc5-syzkaller #0 Not tainted [ 1132.764533][T13464] ----------------------------- [ 1132.769379][T13464] kworker/0:1/13464 is trying to lock: [ 1132.774843][T13464] ffff8880b873e8d8 (&dev->vblank_time_lock){-.-.}-{3:3}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 1132.785353][T13464] other info that might help us debug this: [ 1132.791234][T13464] context-{5:5} [ 1132.794684][T13464] 4 locks held by kworker/0:1/13464: [ 1132.799964][T13464] #0: ffff88801ac7a948 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 1132.810973][T13464] #1: ffffc9000495fd00 ((work_completion)(&sdp->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 1132.822691][T13464] #2: ffffc90000bc7a30 (&x->wait#10){....}-{2:2}, at: complete+0x28/0x1c0 [ 1132.831350][T13464] #3: ffff88801e6f6418 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0xc2/0x1470 [ 1132.840608][T13464] stack backtrace: [ 1132.844318][T13464] CPU: 0 UID: 0 PID: 13464 Comm: kworker/0:1 Not tainted 6.13.0-rc5-syzkaller #0 [ 1132.853428][T13464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1132.863480][T13464] Workqueue: rcu_gp srcu_invoke_callbacks [ 1132.869216][T13464] Call Trace: [ 1132.872498][T13464] [ 1132.875425][T13464] dump_stack_lvl+0x241/0x360 [ 1132.880124][T13464] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1132.885339][T13464] ? __pfx__printk+0x10/0x10 [ 1132.889947][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1132.895587][T13464] __lock_acquire+0x15a8/0x2100 [ 1132.900456][T13464] lock_acquire+0x1ed/0x550 [ 1132.904966][T13464] ? raw_spin_rq_lock_nested+0x2a/0x140 [ 1132.910534][T13464] ? __pfx_lock_acquire+0x10/0x10 [ 1132.915562][T13464] ? select_task_rq_fair+0x3b4/0x3b60 [ 1132.920941][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1132.926662][T13464] ? select_task_rq_fair+0x792/0x3b60 [ 1132.932040][T13464] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1132.937410][T13464] ? select_task_rq_fair+0x3b4/0x3b60 [ 1132.942787][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1132.948426][T13464] _raw_spin_lock_nested+0x31/0x40 [ 1132.953552][T13464] ? raw_spin_rq_lock_nested+0x2a/0x140 [ 1132.959115][T13464] raw_spin_rq_lock_nested+0x2a/0x140 [ 1132.964507][T13464] try_to_wake_up+0x7e2/0x1470 [ 1132.969277][T13464] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1132.974652][T13464] ? __pfx_try_to_wake_up+0x10/0x10 [ 1132.979856][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1132.985493][T13464] ? _raw_spin_lock_irqsave+0xe1/0x120 [ 1132.990963][T13464] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 1132.996865][T13464] ? srcu_invoke_callbacks+0x2ac/0x490 [ 1133.002339][T13464] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 1133.008175][T13464] complete+0xac/0x1c0 [ 1133.012252][T13464] ? srcu_invoke_callbacks+0x2ac/0x490 [ 1133.017723][T13464] srcu_invoke_callbacks+0x239/0x490 [ 1133.023020][T13464] ? __pfx_lock_acquire+0x10/0x10 [ 1133.028056][T13464] ? __pfx_srcu_invoke_callbacks+0x10/0x10 [ 1133.033886][T13464] ? process_scheduled_works+0x976/0x1840 [ 1133.039607][T13464] process_scheduled_works+0xa68/0x1840 [ 1133.045167][T13464] ? __pfx_process_scheduled_works+0x10/0x10 [ 1133.051151][T13464] ? assign_work+0x364/0x3d0 [ 1133.055745][T13464] worker_thread+0x870/0xd30 [ 1133.060342][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.065980][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.071612][T13464] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1133.077520][T13464] ? __kthread_parkme+0x169/0x1d0 [ 1133.082556][T13464] ? __pfx_worker_thread+0x10/0x10 [ 1133.087672][T13464] kthread+0x2f2/0x390 [ 1133.091756][T13464] ? __pfx_worker_thread+0x10/0x10 [ 1133.096896][T13464] ? __pfx_kthread+0x10/0x10 [ 1133.101516][T13464] ret_from_fork+0x4d/0x80 [ 1133.105950][T13464] ? __pfx_kthread+0x10/0x10 [ 1133.110550][T13464] ret_from_fork_asm+0x1a/0x30 [ 1133.115321][T13464] [ 1133.118354][T13464] BUG: unable to handle page fault for address: fffffbfff3f8171b [ 1133.126079][T13464] #PF: supervisor read access in kernel mode [ 1133.132051][T13464] #PF: error_code(0x0000) - not-present page [ 1133.138031][T13464] PGD 23ffe4067 P4D 23ffe4067 PUD 23ffe3067 PMD 0 [ 1133.144570][T13464] Oops: Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 1133.150808][T13464] CPU: 0 UID: 0 PID: 13464 Comm: kworker/0:1 Not tainted 6.13.0-rc5-syzkaller #0 [ 1133.159924][T13464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1133.169999][T13464] Workqueue: rcu_gp srcu_invoke_callbacks [ 1133.175764][T13464] RIP: 0010:kasan_check_range+0x82/0x290 [ 1133.181427][T13464] Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 [ 1133.201062][T13464] RSP: 0018:ffffc9000495f640 EFLAGS: 00010086 [ 1133.207151][T13464] RAX: 000000000172ce01 RBX: 1ffffffff3f8171b RCX: ffffffff817ac174 [ 1133.215129][T13464] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff9fc0b8d8 [ 1133.223112][T13464] RBP: ffffffffffffffff R08: ffffffff9fc0b8df R09: 1ffffffff3f8171b [ 1133.231190][T13464] R10: dffffc0000000000 R11: fffffbfff3f8171b R12: ffff88802f978ac4 [ 1133.239167][T13464] R13: ffff88802f978000 R14: dffffc0000000001 R15: fffffbfff3f8171c [ 1133.247147][T13464] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1133.256078][T13464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1133.262657][T13464] CR2: fffffbfff3f8171b CR3: 000000005e986000 CR4: 0000000000350ef0 [ 1133.270636][T13464] Call Trace: [ 1133.273913][T13464] [ 1133.276840][T13464] ? __die_body+0x5f/0xb0 [ 1133.281183][T13464] ? page_fault_oops+0x8e4/0xcc0 [ 1133.286139][T13464] ? __pfx_page_fault_oops+0x10/0x10 [ 1133.291444][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.297086][T13464] ? is_prefetch+0x4f6/0x780 [ 1133.301694][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.307337][T13464] ? _printk+0xd5/0x120 [ 1133.311507][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.317146][T13464] ? __pfx_is_prefetch+0x10/0x10 [ 1133.322102][T13464] ? __bad_area_nosemaphore+0x118/0x770 [ 1133.327669][T13464] ? __pfx___bad_area_nosemaphore+0x10/0x10 [ 1133.333580][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.339218][T13464] ? spurious_kernel_fault+0x119/0x5a0 [ 1133.344689][T13464] ? do_kern_addr_fault+0x30/0x80 [ 1133.349728][T13464] ? exc_page_fault+0x5c8/0x8b0 [ 1133.354593][T13464] ? __printk_cpu_sync_put+0x67/0x80 [ 1133.359885][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.365521][T13464] ? asm_exc_page_fault+0x26/0x30 [ 1133.370562][T13464] ? __lock_acquire+0xc94/0x2100 [ 1133.375506][T13464] ? kasan_check_range+0x82/0x290 [ 1133.380542][T13464] __lock_acquire+0xc94/0x2100 [ 1133.385321][T13464] lock_acquire+0x1ed/0x550 [ 1133.389828][T13464] ? raw_spin_rq_lock_nested+0x2a/0x140 [ 1133.395397][T13464] ? __pfx_lock_acquire+0x10/0x10 [ 1133.400432][T13464] ? select_task_rq_fair+0x3b4/0x3b60 [ 1133.405817][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.411458][T13464] ? select_task_rq_fair+0x792/0x3b60 [ 1133.416837][T13464] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1133.422211][T13464] ? select_task_rq_fair+0x3b4/0x3b60 [ 1133.427594][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.433234][T13464] _raw_spin_lock_nested+0x31/0x40 [ 1133.438353][T13464] ? raw_spin_rq_lock_nested+0x2a/0x140 [ 1133.443915][T13464] raw_spin_rq_lock_nested+0x2a/0x140 [ 1133.449301][T13464] try_to_wake_up+0x7e2/0x1470 [ 1133.454072][T13464] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1133.459448][T13464] ? __pfx_try_to_wake_up+0x10/0x10 [ 1133.464652][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.470286][T13464] ? _raw_spin_lock_irqsave+0xe1/0x120 [ 1133.475754][T13464] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 1133.481654][T13464] ? srcu_invoke_callbacks+0x2ac/0x490 [ 1133.487130][T13464] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 1133.492953][T13464] complete+0xac/0x1c0 [ 1133.497026][T13464] ? srcu_invoke_callbacks+0x2ac/0x490 [ 1133.502491][T13464] srcu_invoke_callbacks+0x239/0x490 [ 1133.507785][T13464] ? __pfx_lock_acquire+0x10/0x10 [ 1133.512820][T13464] ? __pfx_srcu_invoke_callbacks+0x10/0x10 [ 1133.518641][T13464] ? process_scheduled_works+0x976/0x1840 [ 1133.524363][T13464] process_scheduled_works+0xa68/0x1840 [ 1133.529926][T13464] ? __pfx_process_scheduled_works+0x10/0x10 [ 1133.535915][T13464] ? assign_work+0x364/0x3d0 [ 1133.540509][T13464] worker_thread+0x870/0xd30 [ 1133.545101][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.550736][T13464] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1133.556369][T13464] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1133.562271][T13464] ? __kthread_parkme+0x169/0x1d0 [ 1133.567298][T13464] ? __pfx_worker_thread+0x10/0x10 [ 1133.572411][T13464] kthread+0x2f2/0x390 [ 1133.576488][T13464] ? __pfx_worker_thread+0x10/0x10 [ 1133.581603][T13464] ? __pfx_kthread+0x10/0x10 [ 1133.586205][T13464] ret_from_fork+0x4d/0x80 [ 1133.590630][T13464] ? __pfx_kthread+0x10/0x10 [ 1133.595229][T13464] ret_from_fork_asm+0x1a/0x30 [ 1133.600013][T13464] [ 1133.603029][T13464] Modules linked in: [ 1133.606929][T13464] CR2: fffffbfff3f8171b [ 1133.611083][T13464] ---[ end trace 0000000000000000 ]--- [ 1133.616530][T13464] RIP: 0010:kasan_check_range+0x82/0x290 [ 1133.622174][T13464] Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 [ 1133.641807][T13464] RSP: 0018:ffffc9000495f640 EFLAGS: 00010086 [ 1133.647895][T13464] RAX: 000000000172ce01 RBX: 1ffffffff3f8171b RCX: ffffffff817ac174 [ 1133.655961][T13464] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff9fc0b8d8 [ 1133.663938][T13464] RBP: ffffffffffffffff R08: ffffffff9fc0b8df R09: 1ffffffff3f8171b [ 1133.671920][T13464] R10: dffffc0000000000 R11: fffffbfff3f8171b R12: ffff88802f978ac4 [ 1133.679901][T13464] R13: ffff88802f978000 R14: dffffc0000000001 R15: fffffbfff3f8171c [ 1133.687915][T13464] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1133.696857][T13464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1133.703452][T13464] CR2: fffffbfff3f8171b CR3: 000000005e986000 CR4: 0000000000350ef0 [ 1133.711440][T13464] Kernel panic - not syncing: Fatal exception in interrupt [ 1133.719079][T13464] Kernel Offset: disabled [ 1133.723423][T13464] Rebooting in 86400 seconds..