last executing test programs: 8.012795015s ago: executing program 3 (id=670): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'veth0_to_hsr\x00', 0x0}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000000002eeed88696", @ANYRES32=r0], 0x20}}, 0x0) 7.20616985s ago: executing program 3 (id=676): r0 = socket(0x2, 0x4001, 0x0) setsockopt$sock_int(r0, 0xffff, 0x800, &(0x7f0000000100), 0x3) 6.232756229s ago: executing program 3 (id=681): r0 = open(&(0x7f00000000c0)='./file0\x00', 0x615, 0x1a8) setrlimit(0x6, &(0x7f00000000c0)={0x0, 0x7}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r0, 0x0) mlockall(0x1) 5.895120316s ago: executing program 4 (id=683): open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0) mount$cgroup(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)={[{@subsystem='devices'}]}) mount$cgroup(0x20000000, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 5.74790406s ago: executing program 4 (id=684): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount$9p_unix(0x0, &(0x7f0000002740)='./file0\x00', 0x0, 0x100000, 0x0) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1058, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000700)='./file0\x00', 0x80045, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0) 5.600067375s ago: executing program 4 (id=685): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000400)={0x0, 0x4, 0x30}, 0xc) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="7cd21fc863", 0x5}], 0x1) sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x34000}], 0x1}, 0x0) 5.367408959s ago: executing program 4 (id=687): r0 = semget(0x2, 0x1, 0x630) semctl$IPC_RMID(r0, 0x0, 0x0) r1 = syz_open_dev$midi(&(0x7f00000000c0), 0x5, 0xe8f1e6d11d6b959d) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r1, 0xc0385720, &(0x7f0000000100)={0x1}) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)=[0x869, 0x6, 0xff, 0xa6]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) unshare(0x42000000) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'lo\x00', {0x2, 0x0, @remote}}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x1c, 0x20, 0x203, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x4}}, 0x1c}}, 0x0) 4.976285045s ago: executing program 0 (id=689): pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) sendto$inet(r1, &(0x7f0000002640)="01a5", 0x2, 0x0, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0x2, 0x4) 4.595462504s ago: executing program 3 (id=691): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x8002, 0x0) write$tun(r0, 0x0, 0x9a) 4.414501172s ago: executing program 2 (id=692): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(0x0, r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000d40)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r1, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f0000000d80)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}]}, 0x24}}, 0x4) 4.18784931s ago: executing program 4 (id=694): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) syz_fuse_handle_req(r0, &(0x7f00000041c0)="7ed2c42ad1b04ce3792cda19c56ce9c81ae16fb01de77f95f775f064b2d612b46878f0f4a0a6f2849f980da1b22329cba96651402f92b1a1e6a59690f7d3c2b83f46342ce56b30111f6dfd123712c00727f907272fce27d40232206a8a7e8fcc150d5a765bac8a3782c384442eaf7db71af25f723953337cf47202b7f3024c9806c0e34f946fbe2bfc8704eebd86cb87c064db095bc2992179479f918597c51ec08d10ddc4297e5b2393283743ae791551e1b69baec8ff6eb755ac3651f92ab58fcd167b7572856cda043426b0fc8900e72cbe576d3888cc8e8c60b97c72fb16860da7fd00bd9fdf528cf0feaf4b51d8234c9a6d629c66b9ea5cf119c2b84f819d3d1a8cf75b9983e5e8fcc9dfe0d68ad096b651d07eaa7ab1a7aae8fc5731c0b24949a8387809114b4001656bf23ee28e639c5adcc443cf2b596030964214c56ffd72725893cfa5ddf147110bd0d5faccf7458dc39569439a2a0cdb82854883999424c5b100acf18d8b473efdc9601165ef1de86b3aa4803e9c9b9a5b7626b3cffe385fbfd19980423e93ebb380ae39aecc96cd32082fd30aeda93f84e216708c76af3a75818ea3d0ef0df84a9ec975e71bdc891f73e71fad39230a72f9f9ab536e935b7e512ecc2d8a3856758eb14133334a1cc9b2656e352855ecdf29ce6598e5365c22beb2000004a740354ce862ccf59e33a2d0f2a3b8ee3679610bc0546ac9f7e9d1a73bfbc27907165f4cbdce5e89ac865c5d249b68a1747c992eb2aecc3abdec090b8803f647788987a1e049b458bff0931e4d438de03a775407096b7a4a8c9f4bd2101beab30240ee86f8e67d210bc3bb1b5cd82892c7853bf1b453cc9021163e0f79e26f7544d2476b4d6264094441ad3195a4667ef0fa150f7dc88956e4bd8f5ebe44194c3e4dbe8442d01a213e68f171737f25d9cf8abe7539ed80e3f87c3863194f4107ffe05244e93d69949edf089d5691d5f15a9777d96bdf8241923736aaaa69e3317e51b9f0b1149eb2e1ccaeb2cd233e30422b58c227b8021782de8c88dd62f53a171372abb08ec973ef911ebbe02b48a0952cd8fb6ba9efddd3625c202b1636e1257927da2111352164a6b1d115f2516faf580f89024c9c740421f9e2caffa09dc82478232e9adb8b922b2491d7168f5600f5fc83b766565c56bfad32fe9fd07edfeac3a6df2db815b7ef3bb18bfb78dbccc5f83e08952397ad031e549f41c1255ca666117c85ea82e2f294e88a2b8a1a5d4029792b00acaeb17cbab642e1e467e45bec53f20c2c26b0c082d32de99e797cd490d24ab2ce8c9397fcc01750716deada5b937005e5c570bc12a1a6b37a4ee281669ac783d18d5950dfb58ee31c1c305761d7ead0cea02afd72db2ae9067eccdac7e0a48112d612a19d47321062d11bf5ab06fcd68499e5b5e6bc5ce84f9e799bf5881b3d0479ae6513ad5eb11a5598dfcba17053c4cb67f3d54340d9505aeb987321857480c87ce3f7e09d437c89c525e7c1cb367fe791ced45e500028f589a74d4688c78011e7b4ead692d81a37973642e5e6845bf48ff98f9fd5b78e06f740f583fa49f6affe889776ad4e7480f12b12b60c661fcf1e0a6143ef08e335a1f5d519c048c0a86eebfe1dec807203a3e5e10ac2e0586b9e459b08f9d0c21fde3962f6bf6d56b8c5fc9292ee189da1ba6b5a88b8c7d3d94f4fb3589940e238f226cb0fe73c9606dcafcb8c841529be202aedb4fd2c8c16cf06817559f5620c174567de9f7427b25eba5c301f433644cc8a5e0ab0bea2513f031310c757e9315bd96be4f47db97d151d18000b9df04e7fcbe0dfc684d1a259b702693e34a274ed0fb93781f39456039d9d80ad240acfaba4892535242761942b95c503db73beb41de80f79ce4d02c51d57b2c0463a3f09fc53fed5523b70a30670ca02da78b0647031ae8ed5612f56eb1abbb50c98b4801f1b17942f6b5a56af59ad68febd24d901b51403a9db23f017ec2b428fa5ab591a1904b49bd452d3937dd6347cd773f9a0699970193daf2b4c7899a8c94ea109a1df422477820da801ae1d8e67f36966b3a9631edc5f81dd6ea3529a5a653edf59374895d1be79f9719856b70f2f86fe4aa419b4a9db3e928abcc4573e5c4668049959ebcb9bd773e08d8a1abdbcb2195c5da9bc7e4a36e83bc42a6139c4d40bb66ddbead9432a3927bfbeb485ecd3d0e666a86398122bf2386c914d5b51d2cc4ee6a3085094bf547678c76ab4a3d7a973852da647fb39023272c7d665ad8eb46024e5e5fe6732b7acd9b39a0fe5b4dbff846e3bd9cbe9d5b6b3ce7b1d3011902f12a20153a1c8222c2f5a940667834cf440a08b14f8e73e4e8ff7f0e588824ac0c2804a83906cf2c5763d2c6a852f53a761a1cb34acbb07bd6a0fae4fb36fa93b854f1dcc0ecca8bbeb4e5036d045e2ff24d98c1a2780963f775c6c02e7e5947869b5c93dab7e8b3eb2935b7d8f0734b472f89155792d65f78e84d72912d36ce05466fa0d1579832e92b6941a5e3b7fcbfa58c6418461d406737ca2b75e771d73e516718f589a859c935d6b4372b7fad7c6541781e01fd905b343d4dd430cfdbd9a63d4f0aee13174aec686af676818332d86182f02f279b1a6980ba0f86f62087d35eb48983a3d16433a1fc09609681f4418629f7b7c50d0ade5518a5d657fbbdf4bf30c7c24a1d81ff2031d921d214966939595aaa566bfaddd7f9fd51228d51976c5b3758d12d31393d263a43ca033cf3b4e9885568a4977368467aa8f2ba6a536f307a550c277886cea27ff17dfdbe914257ffb65b8c276a15be8ea5165fd16b909f7757e30f0ece05a2927c0e7498d6d5ea5619c96786af5230029e9214db8269365a84dc0e2cec200ae9c0b74d579c48037bc40c5fcc73b80e3bc67dd5e0d1ed0484f2c62822401e39621c52ac6d603f2d111350928ee2eb8d0825110321f5c26d6fada90725c6b5204644256a1d74f0daf2e416bee390605e3f6d06cb18c1852b30776d2073bc156c85311ccbfb139b4367f81750140a474e494a1c0d5fa2ff2a6c9b5a40f8f616b3d5e2e4be56442e305376f5d0e6a6c4d54f05e6c08ed6ee32955ff1bdf87189122767e85ad03bfbec0ec78bf859beaf880f2589cc418b53ab5cb3d0264fc11456a1b868fb014e010bff07a07754603891a399047f17dea68c6481d91e71d0aa8c26b3745a69ea2cd02deb3ccc0e7ddc6e3ac7180a9cad8f0ef1253610cb6965fa9307c9082ee845b4021af0a2af27d12b41e4647f92497918e0365fbb14a177150299e6702389939f8c9e66cdade9004ca7bb53e947ca0409d4f9d74bcbc49ac48d7b706832ab0b19f045fd21ff6339565d8d022ab08d15c2229b26ffea5ce20631e759c66095359d614db7c4683de79b53f7185b1d523c90cd1041d095face8e69c8f79862a12b0d2c5a3bb5853643faf495bece649383391e769e40cd4f11cb5bc0891998e059ee61cceb0c27792b88a92d88603e3ee0857fa2a8e03c0bbaa8f895a78e1dc7b54b5321b0db04a4e9ca3cf9a426efb08ed8de49253276849211b385ad9ae841380136caedd3fc49daa7dd4930d5e1c6355438ff086e054ba406a1f4ca450e5197076459c9dd9433bfe0a385b2236b9e28b0091e3269297dca512cbfd21300e49178cf3bc287153a5005ca28e9c7dbb4291ae76fad759ba39ba2b8a63ffcc01db45a13ae616deb1df4ad532f905beaabe165aedc442a0e2f7e232714ca59b7089081963efaf363925b1ddcbfcd4aa85da9ba903765ea04766749a7a69375cb5c7f4da42db2d0c38187c6b37adc198e350e8abac561517c3a668a3f1a0fdc33557e862d252581d13dad4128628b91eb1e1b9a55ceed5ec83ce5b0c9c5f98383c972587d9702bcfa7349f3f3049307210cf211e6bd62b9d11b58bfad21b80a6b1de0d25fc42a0bd94b69d127aa563c61d673dd512878e655756bf20fb5a41101edb2342bc4f7522ca4c3a33c3bc10bd061fce3bb4480199ea88a51990c70b3716c9a17c7b98596d9621f7dea213ef9f1b77105faa85a4467cfb676c94e7343a2089446f6243bbbf36811c669d0b0ccaa4f2ca57f59cf2cc7511887a51c37bf44306ff3709f7ef341df4ab0078b846ca3301170c7f5ea1f94eab76da7b32fe0d44bed365906f513d314b30f050b9fdb4fdf6654378b697e956e46054223d30ec4994f0ec0a7e750c4a580c4174134c0695927a12144151fdeb343df388228fc3710bb7cd80d93458cafd839a7d21116e5b06a4f68bf67a8b7b8f1a3ccea9d05a85c1a2e6c1272f7f015164d556be02cadee46ff48ee04e75aeb06b5a1a0c3ef1ccbb4d59a4c34a05f810e052f9825d24ff27321e6c4b5235dd74dbc48d3c9eed385ad50157c2f84be8872c75b4d236063f0356860ecebfc1b6b83d30397bc174b29b8a7c0d88c468e326783c00a146509e75ccd460e9230f7977ec3cb2425bf2e314680ff492753607731bc1d674f935d6ce06901a308a8711c20677fe9ae855144a8e0bc9a7d0f49f4f08186817b0b94fd56d496067c80b76eb77bb534f85ff8f4397a02a8e9448c9a1b9924d27fcdbab5feeddb14d1f57032d8a7d8e1aafbc8f9eacdd01c4788a239c1108ef5ccc159e0db4ba44de7a7cbf3f97fe03b57ec6364fe0e7d2b903b2a3f8fb52e99042b3ab6d6c4e3dd73ef2256af4567554823821c7464247e6fe624f83c2f282d42aefd38560aa4879afcdd4531c7cb192bb9abc24af0b8f981af96a7db30c0ebdaeaebc5a7841d7825f0a017382fe903478e7e54d2953c8ae8c537754cab7d59c42dedcef719c049bed1cbea347749741b2652cc1b88923d50bee5cb4aaaff9c2ff6111b2501c58f62c60bead8cac89e1ab10ff784b8228739d20a808a1a88aed3904cc25a938906ded4cf007bb9c009c52d0439444d08d1b26ff8c935115c6601a29f15a9b8d3c1c5b0959521c0a55c91b40e1aa96f8d5a1813c4baf2d0335d5e5e2bea7aa2b3ba2bdc7369a768c3bed6a11d47173442a961babc8f02fe7b701697cbc9c93599d69a25a96044c1d901a7c8b489b5a77cdb2e3894b31ab6969c25b17ca9bd95b8399e4e9968c764a1512989cfb8a53e1837cd27acb58ed999ec20016a0601b3a020924968984b982b6de1734705e413a680702605b6648d9bc93ff57cc5541b73317233b04e3aee4c3138e0f9a2a49155f4ea1e62d9ff541f7f566b18c5ee024d4750be962377937ec97b038bce7b3a7de504214e7eb22407fc0e8eb1455fe5951e83553d8e538db244b62ec9f56a1b7c155d5d1736944bb3e46edf0461068a4b9b02ba07679d003572252fd3d596a9020b153637c7513f27f4efef20ee83ab0285f2892ff52262b9d1e2bf92c4cb273d20b975d163eb2dfa4eba7b9e642bbd3acf3a192963fab83373d00f9bf543cbde732b16bfb4f9699458df528ea37790cc4ec09e7b6d6ae3a83187eebb57678da1ffc230786a79566a7e22836aab04598c0fdf991b96256f14e1d8936668147edf405bbc88e84d7a312f892c3a1dcad7e11a7fa27ca50bcbe2e3fcb201f1297899e327972bec7d631b9ee036194fad4918f0f1c7639491ba7d3b29022d53b6a6fbdef6f7566164487f59b466c9235288a2a3d5a44886ae9b375f8a7cd383da9c607dd3bada8a29d0d77672a3edc11f3a653ae729474bbdedbfcf0ab19b2fe998b7ac59e87552028c9c6578464af8e76c2864c11121009219dd32a5efd6a596b6324c680d19ba0fbb019d722f71fd68443e0c0588764d1dab37cf7bceb4e2b1248efd3f22e26e75472e35166f1545ae178da423c0bbd175aec6360cdd7d2812f4fae46295596e4d9e40f68fb3c9360a2b47dddc35aa2fd34d05411f3fca71df5702edba8c182e94a0ef2b89945d2f9dae556965f52ccdba267bd8f84db5ffc537b30f431455976b92680895695bcf86e1b22821b0fff3511eb44518afeece8dc580e6189e7ce26e3ba6ad4c93083f0766c79e185f8fa2099fa660dcfb6cbd36f91922c9eb6aad143a646744f73237af4dddd2b184091568760210676c468252653f4f5949f346afcd5d062a1387892236d0186ae01bfcf5814617790414b62355513c961f9fd324aa05dbc16725368b3bc4b591a58b7d47c1ffb7bc4c24ec18e4598b692cbf0a88c18f969e702fbb7d0ccf81a7468a7f7ebac94364fa44bbeeb022a2da5b980d109d93b6252dcc00c3158aed7d928a8bc1077023a62288845d474c0143ada9854dcd9bcfbcbd93e62f1a163d06e3f012d6c814cf3b2589a0fb7c21708025ba26375e7f5b3b76e12d90918683adbe81c08b03c3fff740c0c35d38d17468aa1b7959bb9cd6c8735ae32819c5607f34249251832d7f30b30b2cbde6a7235a9137dd1c3abf3f8d07192795280388c546806678f71e511956e86ba03930f579ed7076787404f24680bbf3cb6b562106bcee85012d08861857673e202e05c70fb151803564dafa7e4237674ed5f936e0dea63e7e5bf98058a4eaffc2eba998707c2fb54e1f38626b9a0d34267e1f40a4b0787ce848909a583990194434a9197a1c989d0c0b204199bfe32c281714e3c3fb6c2a26fdd049a5fbd352b6f561e2fa874c9a36c294f253281ff0d89b535189b9fab730858d078e71a0451abe07455ff9527569f50d3b2e406b37b8891045413c072fc4fd848c28b89ef4228b85e919072ccf6ecc0a53a3b086caeea506bdba02c9eeb66efcbc0682e52a3a2b078ffc9752b93330bea7039de2a8db03401d28775ef1f39803b77d42f6de6f482756ad1addebf8d10fa3ca75267f4d526162a669d0d1952cb91da2354f39b95c417ebf83af5cb0a7ca452910867ea4f7cc2e268f635b1febc5b7f5daff7e5057f8b3124b8bba68e2b34e879adc8a4da0ce6b2c7981883b403fafdea21c6f9955bd789a9807183a455ecaaddfc2c250244d040996098e1e5222a945ae7616817953bb0353ce90c42cc991a0db325e8e7bbb039885f4845c368a513e781428d53226cc7e48b48388c02c2b77be2d1d51da3fbe8bda78c12023487225730c59e7db2bfaa0d94917cd68b3a9b9e4b96219bd68f37ba382edc6eeffb0763c44e4023aa64a5b539817bc522eb969aa79143450580e73ecaa398157ffe9dc9d3ede14fc83d032d29d964072e34f2e6e60877fe5dbd5152edb58ffccc0f6f48b4873a82ed6ca0cc1e32a8d21f38180fd2877538ebcc0a2e415f0dfde170b08244d34554c1b26bf6e6c8f85df2b52bf0f02949663e0bdf9a2b1f4b18743dca57ff68cc37e963848ace00a0c304276208aa5e7caff86c435792d084542cb6712151de2f065fb4cc55b164ef2f95c90eb7d05b4ec7ab03489a9924ceccdbd12469bcb054a38142b7fb83b42a394a8e5eb4bbc3a96f482db8cf6b5acdc295a746517d77141faf3b9cb247774dc5064e22218af24610cceefe61cf360059db259a58d4760678ba0638ac84dc9a06bd142e8862d2d7f659c2004561ad89d4959bd2b09ff93c24ba5b807c652043e8e832e3a37c4f7573541c50c3a026283c4ff1bf7cd629302f5def4dc31ee4a24fa1074b77b563728bedc90dcd6b0a99989de0a04761762925b1ea95805ad59218e852aa8eacd1847a559339e1e5050279986a8a5b5dd71ecbdba8dd8d79eaac5b13b0e41cbef43ef24d14ca2197e7526c55de4bb7fc45f341c6e4647d4c5eda01f97e4879883b2dacc8411dc38a6362ac8a1426beafb561ce53dd28005540b2fa00c34bd132618a61893409501407692d344779807ab5590546d1d73840effe22ae3f85427ea37958f0efd4fd4b295d6fef9aa80982f30adb4b7d243b4adc78cdf2f6324d7ebc5ec128f38e98f4ca9f03abd1fcafcbef25f96221a78c8e9a3a8c974d17b5827416e01fa3192708782278700b8a13681bcd2832ff2ae5551cfdb477ea8f0b13f8c507be94aa86f1fb52924ba96b10c5f5861cf0937e474fe7cfbb84347a48d9a5bb2fa698286023f2ea1216851b7d7b8e204db759c163ba490c31ae8b517163d5d57b882dfacb4308e7796b83f998a4f8762b5eeee0e85440b972a46eed1e3e717ede0dd112a6dc5a5cbc71a9018c4dce90ef5e3437038b83c05562b60417e7f81ca0d93377531fa0582638ca1a4a39fe9973c40ebeee50b5cb6d55974f23dff764517289296908c5432bd92060d721ada9d90dbd4485613a58f338fd527965d1bab5df9317bd6019a8549f175feffed260df04e0ee114c1f04e9920a85b872745e6d261af012e65b5ccf34dd9f942c9693c51bbc56609f563e29c6922c1505af2b9a173160fa1b5575d8d91143638219707f0df7402e638c010fa77932cde29dece0dff0d8e0f4d9bb645757e4194115ca768b26148e8066dbd345f92997cdf1017469081c618ae3855c226e07289a9404326ad6f019afe5588981b7fbaefb168363f46cbc4cf3edd8575245b64f9468972fc9a3516d7b6f72450e1c37ae5dd248e58398151c098efd59bfec1162ee05c4f748b7c0f13eccfc6bd71ce7d93f77f0e6878f2f55bea321204ba04e4b69d2382b35d60676c8e3c63ca92199e9134f59721a2a80cee9c4e7e3075fbc012fc69f0e9307946dfd1214a918eae892508833ea130d300319b54c38310b8a006dcc79a53ffd523101e57e0b0fb9201d37a6ef84b4f0b9a189fdc52dc46f9cae08108b76173c6daad6942268cf0b5fc120e0db99729b8f35f9038fade1a328fdbd08964e01867c667a2e6553b26e0c678d58f6e919a44e1d06a3df4bdecf0c92b29a1a347394ed717d8797fc47b2791a205f9cc3c7145de2150177a432ecc7c1a4823274f773b30b33c2a95d8bcc8e8ff550983dc7f103745f668189ca299ab33c7e1f003f44fbcf6616bfabe4105d7537c4814d24438203fa254668efd0b58bd2b5a34fd5687884967815c68f39be8dbde7b146fc487de3d0249f38e5abaee7b8a33eb8a6522e0c52a91a49990c77a3fa4b6679410b5bb40e56394c7433352290e9fcf8f8d2e581b8e422a1d0802e69f7d21deb2e68675bf64410572b709141cbe17ffc41f9761bdce2f0fe2b17e90280c3c56b0a2ff9cdc47fe8c17f2ffb5d9481c0df7961addc54feec21b7675c9b711c75bd69f29863c2d7fe9930510338fd211e12a56f05ed7444cca5de0be51241de353166d38e08c7f260700e8a16fb3491dfaaba0843c06f17111e1d64baaa5e90631164cf53a7e5ee2701b470e5d0a5bfc62364dc8083db3b39c683f4c167a53ef289085ba686b2ec72e119ec38f8093cf7eb23155d31e852aec81fea7eb1a1551998bb91b46b726fcf670c458853f655167be94db5f9524369ad541d590cb90089c150bb6f379a4f03d935ab6e65a9be43af3001fc99800bc210695b0c749a80d084882827a324da046e421fcc973c2ffe53c235de2f3ebc81ba79c55aa49125539927c2c85fe0c3c6f85ee71818c81fd159739e9df7dfd82900ac67c14ce6c86bd3edaa64c691a0371d2d4167ca68ebc1b4bbbc23994840e20e53516e3bdeeda5d3025f118fea3a7291157bb9ed22cd544c6dd37e649de95b307c6d4c37dc102b51464a3d3cc3ffc4f3c2466278b2f5de6597e136ced64a41d96fc1d773289ba9e0c8b2fa8627ba87189690867402bf73661df6cd230e4ae9b99392075957a5ffbeff81f8723360f6e1b5e7ab2234d4ca100b6f9ce72d1ccc5b349bd47ea38f92de6decc2155fd4cc34d7eed0968ad901c8064c8bd54e59fae7ea9320a6292a0b68f2b204f6bfc773b1e01fe7de2a3dd0a5ec00adbe1c39a193a701ac897fee76fa9c3f18ae53def4676527ac1247cfddfaec56ce1a09fa0d6004d58b13642f981264ce52ac4e19259d34e18a5136e2c064a5d22b1cabb442079e5bab5f9c85d7f01c22171ade59970d7fe593391c5ee9e7cc787bed72da399ea8fe7d39b0e8385f7c67a043e485abda5f77cbe0b89cf0a5b3f326913ab0217b5a1fe2d39427b348573044f8a5d5e4722a73f9d49447ae4f50cea06ecbf46065237ca2c75237f0d93aabff94166ebbf744aa8e3ceb3750bac643416789457f14466f910ab297e62ee05f1782d6541d81cb196b7a3d6ab3f7bbed709e50999b4f28995576d47c620a24acd23ec1c03b14d4238b29e220152f7e4fe4ed496e8f939c5ed0893443d58c37a16b1f2deca1add92f54a3de96695f4852386bf1bd8b4984bf336613d1912db65b8d69690cd4420b733b34d1a7dfc8136068d3b710298ff9405524d20666488ccd7650f6b02285266af3e88f9ad99a26fb5256d7601310d2da89245e70f811a994d85bb138d29786c11746598141abfd195f801c0d86584221c4b1a82470dd4f17bab73271ce4ebdc2e94abf56dc6e047bca8d3988e337c499aed8c1391ab1af615d8ba93e8575e1dd69c595a7835eacb8109c7e719e376590e16a4c16889604047f04674e38425ba8e743ff91fc7e0f172eedcc182e8d42a28c9416e74b7caab5749859d7b231dfae0d573547e27f00f1d0e088aa7acfa6db7de3cfe2df15b076c2174e3f50447a4881045dfe54e1fbd489993bf947d549adadf8337174d64c0a67983fbef163375555bd3f159998794231dbc264f4bfd52b1a655fdd0fd27b1857279a2bc209aee01e8062a2ac5349398c92899744c986d3f472d6059575da3fa9a634ccc778387fecd1f43c6be46777afe156be99d76d11d47b76f194a67a50c5ad9941aaba39cc72fa93698916af7b34656c75796caa682185d09747f9911c95a8e6d095631c58d3cb37ab20e6292a4fd065e2dc2d745e171aaecd0600c54dfcf4212a4bfeaf307099063cbb3b892b96bab588c992613d7c7c6bb3d953ae5410d4c3b18b59003c7721dbc4379b4a4a243f8cb93dd5ad8276608f26201c2bff86e64f43a2bf793517681a1f9ca659f1de4b5ccd5496b40c52349c442c354112565fee597b12efb427eb63e6692fc3bda9b831da0e1afc8dcb2a3aa21fbd444c80f39cfd78c8e26155fd86740c8e225f06a0962abe5f687e6953c3382ee3f4b559b97f2a451df9db76d3084065ddc713aa9b63c0154b386be600a285692140f5e019ed2b01a44ba946a52355baa806e2247dbec3d0a4fb8ff14500fab216e425cb2a158efa9fd79e50b020a9316ef4e3726d08fae1683da67c323c2fbdc97b01860109387a62ef8ba4709cf079041925ce1801a8828d1f73e119be76190b5344e3c82c83d787544a883cd34721dece78e2495ca7e850f2af14395af675e6fda7d5cd7e122f1eb317480c071284cdd53b9c0457ed7b074f5a9f647fa3b5a1aad9f6459a9510af3f9c4f52c698c23c4c6f0022781ce7bdb57c493ed3ae6213e437560290e30cedc90ae400711c2220ae142c099d17cd1fa45f4424df658abc04e47754e0e66f38a7ea83c751181a2ab77d4e95b3c6008ecba7d4aa457d16b2e82fabea5a55244da18d2926153b1ee36471d1a37de2ead7d0650ea582332735c05d0abfa881cd7e841a0f53e8ad4dfb4f70b855c259588172cb1027b5b51f0cad9e89a739d07319e82977716ea71325412ae3ddc0a210e774c3061a623096f354dfd36759ac63bb5a926e7582478cc987", 0x2000, &(0x7f0000000a00)={&(0x7f0000000180)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f000000c200)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c8cfe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d9da697cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b80952fae37863708041eadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc111ae8ed6e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c17ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034612aa0c151345546b876b53e9f2c06e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2d852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f076767ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9d9ebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79e0f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f7b976e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba178fb03a467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb4771620124d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0ceb6216fc081e8d84d8b0a503196dc50599b22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e112f4f046d87feec3be04461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83e4cb29fb954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afa92fd0291fa96b05daa6beb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ef2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdf12c2287bfb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802144f1dfbc114cee5ba322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462d9f9182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf319e37199e98486a8d145ce2d996c1909402744cce63664a75e480b197c345360321e830e5572d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fd0874dfa502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89d2b8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a80373686534", 0x2000, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) utimes(&(0x7f0000000140)='./file0\x00', 0x0) 3.869177952s ago: executing program 0 (id=695): r0 = socket$inet6(0xa, 0x805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec) 3.868899291s ago: executing program 1 (id=696): r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 3.708111484s ago: executing program 3 (id=697): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000400)={0x0, 0x4, 0x30}, 0xc) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="7cd21fc863", 0x5}], 0x1) sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x34000}], 0x1}, 0x0) 3.407855575s ago: executing program 0 (id=698): r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) umount2(0x0, 0x0) umount2(0x0, 0x0) 3.383283709s ago: executing program 2 (id=699): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x13}) 3.259614466s ago: executing program 3 (id=700): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000480)={'batadv0\x00', 0x0}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x301240, 0x0) fchmod(r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32], 0x20}, 0x1, 0xc00000000000000}, 0x0) write$binfmt_misc(r6, &(0x7f0000000080), 0xd) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r7}, 0x10) r8 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$SO_TIMESTAMP(r8, 0x1, 0x41, &(0x7f0000000000)=0xff, 0x4) connect$inet6(r8, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) recvmmsg(r8, &(0x7f0000002280)=[{{0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000001f00)=""/90, 0x5a}}], 0x1, 0x0, 0x0) r9 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r9, &(0x7f0000002200), 0x10) sendto$packet(r0, &(0x7f0000000100)="030600ffffffba000840000086dd600630", 0x11, 0x0, &(0x7f0000000000)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 2.706846341s ago: executing program 4 (id=701): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000240)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==") syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000000)='./file0/../file0/file0\x00', 0x0, 0x2879c03, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1adc51, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x2885013, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000004680)={0x2020}, 0x204f) 2.459803022s ago: executing program 1 (id=702): r0 = open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x2}, 0x1c) fcntl$setlease(r0, 0x400, 0x0) lchown(0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x33, &(0x7f0000000080)=0x6, 0x4) getsockopt$inet6_buf(r1, 0x29, 0x6, 0x0, 0x0) gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)) syz_mount_image$fuse(0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00') r2 = socket$inet(0x2, 0x2, 0x1) clock_settime(0x1, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000480)='bridge0\x00', 0x10) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup(0x20000000, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)) sendmsg$inet(r2, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000180)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x0) 2.324716761s ago: executing program 2 (id=703): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000000002eeed88696", @ANYRES32], 0x20}}, 0x0) 1.890435358s ago: executing program 0 (id=704): syz_emit_ethernet(0x50, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @random="6578bb0e6928", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x8, 0x42, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev}, {0x0, 0x4e21, 0x2e, 0x0, @wg=@data={0x4, 0x0, 0x0, "4155c160cca13db0cb9a14122bede33cc996e5f68d49"}}}}}}, 0x0) 1.828291032s ago: executing program 2 (id=705): pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) sendto$inet(r1, &(0x7f0000002640)="01a5", 0x2, 0x0, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0x2, 0x4) 1.753253955s ago: executing program 1 (id=706): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0x1d, 0x0, 0x20) 1.223701841s ago: executing program 2 (id=707): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0x0, 0xffff}}}, 0x24}}, 0x8040) 1.223366569s ago: executing program 1 (id=708): r0 = socket$inet6(0xa, 0x805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec) 1.062252028s ago: executing program 0 (id=709): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(0x0, r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000d40)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r1, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f0000000d80)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}]}, 0x24}}, 0x4) 644.010662ms ago: executing program 1 (id=710): semget(0x2, 0x1, 0x630) 457.476332ms ago: executing program 2 (id=711): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0x9, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) add_key$keyring(&(0x7f0000000400), 0x0, 0x0, 0x0, 0xfffffffffffffffe) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000980)=@tcp}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000080), &(0x7f0000000040)='%pI4 \x00'}, 0x20) bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000340)={r2, &(0x7f0000000400), 0x0}, 0x20) 313.039056ms ago: executing program 0 (id=712): sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) r3 = dup(r2) ioctl$PPPIOCCONNECT(r3, 0x40047435, &(0x7f00000002c0)=0x2) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00)) sendmmsg(r0, &(0x7f0000001dc0)=[{{0x0, 0x0, &(0x7f0000000380)}}], 0x1, 0x0) 0s ago: executing program 1 (id=713): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000007400)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=@newchain={0x24, 0x2e, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): [ 286.716019][ T5577] dump_stack_lvl+0x216/0x2d0 [ 286.721017][ T5577] dump_stack+0x1e/0x30 [ 286.725563][ T5577] should_fail_ex+0x748/0x7f0 [ 286.730558][ T5577] should_failslab+0x17f/0x210 [ 286.735607][ T5577] kmem_cache_alloc_lru_noprof+0xec/0xb30 [ 286.741650][ T5577] ? kmsan_internal_poison_memory+0x49/0x90 [ 286.747870][ T5577] ? shmem_alloc_inode+0x5a/0xd0 [ 286.753163][ T5577] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 286.759354][ T5577] shmem_alloc_inode+0x5a/0xd0 [ 286.764481][ T5577] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 286.770269][ T5577] alloc_inode+0x86/0x460 [ 286.774932][ T5577] new_inode+0x38/0x480 [ 286.779395][ T5577] ? kmsan_get_metadata+0x13e/0x1c0 [ 286.784895][ T5577] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 286.791168][ T5577] shmem_get_inode+0x6f2/0x1940 [ 286.796372][ T5577] __shmem_file_setup+0x249/0x4d0 [ 286.801759][ T5577] shmem_file_setup+0x61/0x80 [ 286.806741][ T5577] __se_sys_memfd_create+0x8a3/0x1260 [ 286.812409][ T5577] ? ksys_write+0x416/0x4c0 [ 286.817228][ T5577] ? kmsan_get_metadata+0x13e/0x1c0 [ 286.822752][ T5577] __ia32_sys_memfd_create+0x6b/0xa0 [ 286.828538][ T5577] ia32_sys_call+0x1d0d/0x40d0 [ 286.833662][ T5577] __do_fast_syscall_32+0xb0/0x110 [ 286.839095][ T5577] ? irqentry_exit+0x16/0x60 [ 286.843990][ T5577] do_fast_syscall_32+0x38/0x80 [ 286.849174][ T5577] do_SYSENTER_32+0x1f/0x30 [ 286.854040][ T5577] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 286.860737][ T5577] RIP: 0023:0xf7fc4579 [ 286.865072][ T5577] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 286.885152][ T5577] RSP: 002b:00000000f574637c EFLAGS: 00000206 ORIG_RAX: 0000000000000164 [ 286.893890][ T5577] RAX: ffffffffffffffda RBX: 00000000f73213e8 RCX: 0000000000000000 [ 286.902118][ T5577] RDX: 00000000f725fe2e RSI: 00000000f5746420 RDI: 0000000000000040 [ 286.910356][ T5577] RBP: 0000000020000200 R08: 0000000000000000 R09: 0000000000000000 [ 286.918610][ T5577] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 286.926849][ T5577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 286.935091][ T5577] [ 287.040497][ T5579] netlink: 20 bytes leftover after parsing attributes in process `syz.0.69'. [ 287.886298][ T5587] loop3: detected capacity change from 0 to 2048 [ 288.275888][ T5587] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 288.422598][ T5587] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 289.018942][ T5243] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 289.297794][ T5243] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 289.307600][ T5243] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.324310][ T5243] usb 5-1: Product: syz [ 289.329046][ T5243] usb 5-1: Manufacturer: syz [ 289.333919][ T5243] usb 5-1: SerialNumber: syz [ 289.390276][ T5243] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 289.438052][ T5603] loop1: detected capacity change from 0 to 2048 [ 289.688644][ T5242] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 289.696000][ T5603] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.909385][ T5613] FAULT_INJECTION: forcing a failure. [ 289.909385][ T5613] name failslab, interval 1, probability 0, space 0, times 0 [ 289.925534][ T5613] CPU: 1 UID: 0 PID: 5613 Comm: syz.3.81 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 289.936476][ T5613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 289.946825][ T5613] Call Trace: [ 289.950350][ T5613] [ 289.953507][ T5613] dump_stack_lvl+0x216/0x2d0 [ 289.958655][ T5613] dump_stack+0x1e/0x30 [ 289.963191][ T5613] should_fail_ex+0x748/0x7f0 [ 289.968351][ T5613] should_failslab+0x17f/0x210 [ 289.973452][ T5613] kmem_cache_alloc_lru_noprof+0xec/0xb30 [ 289.979581][ T5613] ? kmsan_internal_poison_memory+0x49/0x90 [ 289.985851][ T5613] ? shmem_alloc_inode+0x5a/0xd0 [ 289.991179][ T5613] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 289.997674][ T5613] shmem_alloc_inode+0x5a/0xd0 [ 290.002798][ T5613] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 290.008631][ T5613] alloc_inode+0x86/0x460 [ 290.013415][ T5613] new_inode+0x38/0x480 [ 290.017921][ T5613] ? kmsan_get_metadata+0x13e/0x1c0 [ 290.023437][ T5613] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 290.029573][ T5613] shmem_get_inode+0x6f2/0x1940 [ 290.034814][ T5613] __shmem_file_setup+0x249/0x4d0 [ 290.040228][ T5613] shmem_file_setup+0x61/0x80 [ 290.045338][ T5613] __se_sys_memfd_create+0x8a3/0x1260 [ 290.051053][ T5613] ? ksys_write+0x416/0x4c0 [ 290.055912][ T5613] ? kmsan_get_metadata+0x13e/0x1c0 [ 290.061618][ T5613] __ia32_sys_memfd_create+0x6b/0xa0 [ 290.067334][ T5613] ia32_sys_call+0x1d0d/0x40d0 [ 290.072509][ T5613] __do_fast_syscall_32+0xb0/0x110 [ 290.078028][ T5613] ? irqentry_exit+0x16/0x60 [ 290.082956][ T5613] do_fast_syscall_32+0x38/0x80 [ 290.088158][ T5613] do_SYSENTER_32+0x1f/0x30 [ 290.093008][ T5613] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 290.099687][ T5613] RIP: 0023:0xf7f8f579 [ 290.104038][ T5613] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 290.124008][ T5613] RSP: 002b:00000000f571637c EFLAGS: 00000206 ORIG_RAX: 0000000000000164 [ 290.132869][ T5613] RAX: ffffffffffffffda RBX: 00000000f72f13e8 RCX: 0000000000000000 [ 290.141224][ T5613] RDX: 00000000f722fe2e RSI: 00000000f5716420 RDI: 0000000000000040 [ 290.149653][ T5613] RBP: 00000000200011c0 R08: 0000000000000000 R09: 0000000000000000 [ 290.157908][ T5613] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 290.166154][ T5613] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 290.174423][ T5613] [ 290.793734][ T5242] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 290.804686][ T5242] ath9k_htc: Failed to initialize the device [ 290.870297][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 290.877362][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.105909][ T5184] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.167537][ T25] usb 5-1: USB disconnect, device number 3 [ 291.300088][ T25] usb 5-1: ath9k_htc: USB layer deinitialized [ 292.045920][ T5620] loop3: detected capacity change from 0 to 8 [ 292.193606][ T5620] SQUASHFS error: Unable to read inode 0x11f [ 293.454698][ T5634] loop2: detected capacity change from 0 to 128 [ 293.524003][ T5634] msdos: Unknown parameter '0xffffffffffffffff' [ 293.939721][ T5640] Zero length message leads to an empty skb [ 293.995597][ T5636] loop0: detected capacity change from 0 to 1024 [ 294.239168][ T5636] syz.0.91: attempt to access beyond end of device [ 294.239168][ T5636] loop0: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 294.253687][ T5636] Buffer I/O error on dev loop0, logical block 100663296, async page read [ 294.262798][ T5636] syz.0.91: attempt to access beyond end of device [ 294.262798][ T5636] loop0: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 294.276922][ T5636] Buffer I/O error on dev loop0, logical block 100663296, async page read [ 294.805599][ T5645] loop4: detected capacity change from 0 to 512 [ 295.272504][ T5645] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 295.344447][ T5645] EXT4-fs (loop4): orphan cleanup on readonly fs [ 295.358822][ T5645] EXT4-fs error (device loop4): ext4_quota_enable:7049: comm syz.4.92: Bad quota inum: 3, type: 1 [ 295.527596][ T5645] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=3). Please run e2fsck to fix. [ 295.583563][ T5645] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 295.593325][ T5645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 295.674784][ T5656] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 295.706723][ T5659] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 295.715776][ T3072] Bluetooth: hci5: Frame reassembly failed (-84) [ 295.793578][ T5190] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.865222][ T5656] loop2: detected capacity change from 0 to 16 [ 296.342718][ T5671] loop1: detected capacity change from 0 to 256 [ 296.352379][ T5671] vfat: Unknown parameter 'nnonumtail' [ 296.442272][ T5656] erofs: (device loop2): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 296.455223][ T5656] erofs: (device loop2): mounted with root inode @ nid 36. [ 296.836346][ T5656] erofs: (device loop2): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36 [ 296.848085][ T5656] syz.2.97: attempt to access beyond end of device [ 296.848085][ T5656] loop2: rw=0, sector=131072, nr_sectors = 1 limit=16 [ 296.863123][ T5656] erofs: (device loop2): z_erofs_read_folio: read error -5 @ 0 of nid 36 [ 297.708938][ T5185] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 297.800648][ T5689] syz.4.108 uses obsolete (PF_INET,SOCK_PACKET) [ 297.950747][ T5689] tmpfs: Unknown parameter 'usrquotaaller1' [ 298.059444][ T5691] netlink: 16 bytes leftover after parsing attributes in process `syz.1.110'. [ 298.515246][ T5696] loop3: detected capacity change from 0 to 512 [ 298.892941][ T5696] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 298.968734][ T5696] EXT4-fs (loop3): orphan cleanup on readonly fs [ 298.975476][ T5696] EXT4-fs error (device loop3): ext4_quota_enable:7049: comm syz.3.109: Bad quota inum: 3, type: 1 [ 299.079200][ T5696] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=3). Please run e2fsck to fix. [ 299.102103][ T5696] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 299.111193][ T5696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 299.411124][ T5708] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 299.699810][ T5189] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.845784][ T5715] loop0: detected capacity change from 0 to 64 [ 300.755520][ T5719] loop2: detected capacity change from 0 to 64 [ 300.821687][ T5725] netlink: 16 bytes leftover after parsing attributes in process `syz.3.124'. [ 300.847513][ T5242] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 300.931988][ T5728] [U]  [ 300.969528][ T5719] hfs: unable to open extent tree [ 300.974961][ T5719] hfs: can't find a HFS filesystem on dev loop2 [ 301.077676][ T5242] usb 5-1: device descriptor read/64, error -71 [ 301.637627][ T5242] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 302.151491][ T3006] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.240647][ T5737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 302.351649][ T5737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 302.488146][ T3006] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.941200][ T3006] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.951888][ T5185] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 302.954231][ T5185] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 302.964684][ T5743] loop3: detected capacity change from 0 to 512 [ 302.974444][ T5185] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 302.989572][ T5185] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 303.048693][ T5743] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 303.080741][ T5743] EXT4-fs (loop3): orphan cleanup on readonly fs [ 303.087608][ T5743] EXT4-fs error (device loop3): ext4_quota_enable:7049: comm syz.3.129: Bad quota inum: 3, type: 1 [ 303.102657][ T5743] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=3). Please run e2fsck to fix. [ 303.120715][ T5185] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 303.149818][ T5185] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 303.154969][ T5242] usb 5-1: device descriptor read/64, error -71 [ 303.162964][ T5743] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 303.172445][ T5743] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 303.175283][ T3006] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 303.274802][ T5242] usb usb5-port1: attempt power cycle [ 303.628195][ T5242] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 303.671473][ T5189] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.708011][ T5242] usb 5-1: device descriptor read/8, error -71 [ 303.924982][ T5751] netlink: '+}[@': attribute type 1 has an invalid length. [ 304.406005][ T5754] loop3: detected capacity change from 0 to 256 [ 304.445419][ T3006] bridge_slave_1: left allmulticast mode [ 304.452370][ T3006] bridge_slave_1: left promiscuous mode [ 304.459263][ T3006] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.599007][ T3006] bridge_slave_0: left allmulticast mode [ 304.605067][ T3006] bridge_slave_0: left promiscuous mode [ 304.612060][ T3006] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.712450][ T5759] netlink: 4 bytes leftover after parsing attributes in process `syz.0.135'. [ 305.023610][ T5754] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 305.308870][ T5185] Bluetooth: hci4: command tx timeout [ 305.421011][ T3006] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 305.499302][ T3006] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 305.598401][ T3006] bond0 (unregistering): Released all slaves [ 305.610166][ T5769] xt_TCPMSS: Only works on TCP SYN packets [ 305.875202][ T5744] chnl_net:caif_netlink_parms(): no params data found [ 306.183189][ T5769] loop3: detected capacity change from 0 to 1024 [ 306.302426][ T5769] hfsplus: bad catalog entry type [ 306.668419][ T5761] netlink: 16 bytes leftover after parsing attributes in process `syz.1.136'. [ 306.751258][ T5244] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 306.928158][ T5244] usb 5-1: Using ep0 maxpacket: 8 [ 306.948239][ T4390] hfsplus: b-tree write err: -5, ino 4 [ 306.952132][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 306.965380][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 306.977920][ T5244] usb 5-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 306.987520][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.036241][ T5784] netlink: 32 bytes leftover after parsing attributes in process `syz.0.142'. [ 307.154688][ T5238] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 307.180000][ T5244] usb 5-1: config 0 descriptor?? [ 307.390093][ T5185] Bluetooth: hci4: command tx timeout [ 307.467621][ T5238] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 307.479021][ T5238] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 307.489331][ T5238] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 307.498860][ T5238] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.599249][ T5238] usb 1-1: config 0 descriptor?? [ 307.689810][ T3006] hsr_slave_0: left promiscuous mode [ 307.705142][ T5244] cherry 0003:046A:0027.0001: unknown main item tag 0x0 [ 307.721518][ T5244] cherry 0003:046A:0027.0001: unknown main item tag 0xe [ 307.730696][ T5244] cherry 0003:046A:0027.0001: unknown main item tag 0x5 [ 307.738243][ T5244] cherry 0003:046A:0027.0001: unknown main item tag 0x4 [ 307.752859][ T5244] cherry 0003:046A:0027.0001: ignoring exceeding usage max [ 307.773027][ T5244] cherry 0003:046A:0027.0001: usage index exceeded [ 307.780033][ T5244] cherry 0003:046A:0027.0001: item 0 0 2 0 parsing failed [ 307.951316][ T3006] hsr_slave_1: left promiscuous mode [ 307.972793][ T5244] cherry 0003:046A:0027.0001: probe with driver cherry failed with error -22 [ 307.990365][ T5793] evm: overlay not supported [ 307.999051][ T3006] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 308.007142][ T3006] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 308.107576][ T5784] Cannot find del_set index 0 as target [ 308.124237][ T5791] loop3: detected capacity change from 0 to 512 [ 308.180101][ T3006] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 308.188256][ T3006] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 308.245506][ T1583] usb 5-1: USB disconnect, device number 8 [ 308.324419][ T3006] veth1_macvtap: left promiscuous mode [ 308.331058][ T3006] veth0_macvtap: left promiscuous mode [ 308.338039][ T3006] veth1_vlan: left promiscuous mode [ 308.343867][ T3006] veth0_vlan: left promiscuous mode [ 308.643062][ T5238] kovaplus 0003:1E7D:2D50.0002: unknown main item tag 0x0 [ 308.653127][ T5238] kovaplus 0003:1E7D:2D50.0002: unknown main item tag 0x0 [ 308.663594][ T5238] kovaplus 0003:1E7D:2D50.0002: unknown main item tag 0x0 [ 308.683828][ T5238] kovaplus 0003:1E7D:2D50.0002: unknown main item tag 0x0 [ 308.696708][ T5238] kovaplus 0003:1E7D:2D50.0002: unknown main item tag 0x0 [ 308.747831][ T5791] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 308.789024][ T5791] EXT4-fs (loop3): orphan cleanup on readonly fs [ 308.795755][ T5791] EXT4-fs error (device loop3): ext4_quota_enable:7049: comm syz.3.143: Bad quota inum: 3, type: 1 [ 308.845049][ T5238] kovaplus 0003:1E7D:2D50.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0 [ 308.852826][ T5791] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=3). Please run e2fsck to fix. [ 308.877695][ T5238] usb 1-1: USB disconnect, device number 2 [ 309.021757][ T5791] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 309.030851][ T5791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 309.467726][ T5185] Bluetooth: hci4: command tx timeout [ 309.800201][ T3006] team0 (unregistering): Port device team_slave_1 removed [ 309.829206][ T5189] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.834177][ T3006] team0 (unregistering): Port device team_slave_0 removed [ 310.627558][ T1583] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 310.817608][ T1583] usb 1-1: device descriptor read/64, error -71 [ 311.174416][ T1583] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 311.301417][ T5820] loop3: detected capacity change from 0 to 256 [ 311.337473][ T1583] usb 1-1: device descriptor read/64, error -71 [ 311.449065][ T1583] usb usb1-port1: attempt power cycle [ 311.549668][ T5185] Bluetooth: hci4: command tx timeout [ 311.600721][ T5820] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 311.678004][ T5244] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 311.878240][ T5244] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 311.889100][ T5244] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 311.898500][ T5244] usb 5-1: config 1 has no interface number 0 [ 311.905006][ T5244] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 311.952373][ T5744] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.957906][ T5244] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 311.960652][ T5744] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.969471][ T5244] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 311.977039][ T5744] bridge_slave_0: entered allmulticast mode [ 311.984658][ T5244] usb 5-1: Product: syz [ 311.993985][ T5744] bridge_slave_0: entered promiscuous mode [ 311.995721][ T5244] usb 5-1: Manufacturer: syz [ 312.007087][ T5244] usb 5-1: SerialNumber: syz [ 312.009472][ T1583] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 312.053713][ T5827] loop1: detected capacity change from 0 to 128 [ 312.078448][ T5744] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.086256][ T5744] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.092103][ T5244] usb 5-1: selecting invalid altsetting 1 [ 312.094282][ T5744] bridge_slave_1: entered allmulticast mode [ 312.109517][ T5744] bridge_slave_1: entered promiscuous mode [ 312.329941][ T1583] usb 1-1: device descriptor read/8, error -71 [ 312.376925][ T5827] FAT-fs (loop1): error, clusters badly computed (2 != 0) [ 312.384828][ T5827] FAT-fs (loop1): Filesystem has been set read-only [ 312.577420][ T1583] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 312.618748][ T1583] usb 1-1: device descriptor read/8, error -71 [ 312.688667][ T5744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 312.734334][ T1583] usb usb1-port1: unable to enumerate USB device [ 312.736563][ T5244] usb 5-1: selecting invalid altsetting 1 [ 312.747649][ T5244] cdc_ncm 5-1:1.1: bind() failure [ 312.846183][ T5744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 312.944956][ T5821] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 313.029742][ T5821] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 313.212904][ T5832] netlink: 16 bytes leftover after parsing attributes in process `syz.3.153'. [ 313.283477][ T5744] team0: Port device team_slave_0 added [ 313.358042][ T5744] team0: Port device team_slave_1 added [ 313.692033][ T5744] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 313.701456][ T5744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.728044][ C0] vkms_vblank_simulate: vblank timer overrun [ 313.736034][ T5744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 313.916945][ T5744] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 313.925768][ T5744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.952920][ T5744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 314.220827][ T5847] netlink: 4 bytes leftover after parsing attributes in process `syz.0.155'. [ 314.530912][ T5851] loop3: detected capacity change from 0 to 512 [ 314.580450][ T5744] hsr_slave_0: entered promiscuous mode [ 314.634789][ T5851] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 314.651534][ T5744] hsr_slave_1: entered promiscuous mode [ 314.698069][ T5744] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 314.709426][ T5744] Cannot create hsr debugfs directory [ 314.740345][ T5244] usb 5-1: USB disconnect, device number 9 [ 314.759223][ T5851] EXT4-fs (loop3): orphan cleanup on readonly fs [ 314.765962][ T5851] EXT4-fs error (device loop3): ext4_quota_enable:7049: comm syz.3.156: Bad quota inum: 3, type: 1 [ 314.827924][ T5851] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=3). Please run e2fsck to fix. [ 314.916947][ T5851] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 314.926234][ T5851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 315.226021][ T5860] FAULT_INJECTION: forcing a failure. [ 315.226021][ T5860] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 315.239996][ T5860] CPU: 0 UID: 0 PID: 5860 Comm: syz.4.158 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 315.250946][ T5860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 315.261284][ T5860] Call Trace: [ 315.264814][ T5860] [ 315.267972][ T5860] dump_stack_lvl+0x216/0x2d0 [ 315.273018][ T5860] dump_stack+0x1e/0x30 [ 315.277514][ T5860] should_fail_ex+0x748/0x7f0 [ 315.282555][ T5860] should_fail+0x2a/0x40 [ 315.287144][ T5860] should_fail_usercopy+0x2e/0x40 [ 315.292539][ T5860] _copy_from_user+0x33/0x160 [ 315.297576][ T5860] vt_event_wait_ioctl+0x52/0x710 [ 315.302977][ T5860] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 315.309113][ T5860] ? kmsan_get_metadata+0x13e/0x1c0 [ 315.314634][ T5860] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 315.321157][ T5860] vt_ioctl+0x180c/0x2fe0 [ 315.325861][ T5860] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 315.332001][ T5860] ? vt_ioctl+0x81/0x2fe0 [ 315.336691][ T5860] vt_compat_ioctl+0x472/0x990 [ 315.342015][ T5860] ? kmsan_get_metadata+0x13e/0x1c0 [ 315.347529][ T5860] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 315.353669][ T5860] ? __pfx_vt_compat_ioctl+0x10/0x10 [ 315.359337][ T5860] tty_compat_ioctl+0x801/0xce0 [ 315.364540][ T5860] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 315.370684][ T5860] ? __pfx_tty_compat_ioctl+0x10/0x10 [ 315.376422][ T5860] __se_compat_sys_ioctl+0x785/0x1080 [ 315.382148][ T5860] ? fput+0x286/0x320 [ 315.386450][ T5860] ? ksys_write+0x405/0x4c0 [ 315.391314][ T5860] ? ksys_write+0x416/0x4c0 [ 315.396159][ T5860] ? kmsan_get_metadata+0x13e/0x1c0 [ 315.401694][ T5860] __ia32_compat_sys_ioctl+0x93/0xe0 [ 315.407448][ T5860] ia32_sys_call+0x32a2/0x40d0 [ 315.412600][ T5860] __do_fast_syscall_32+0xb0/0x110 [ 315.418086][ T5860] ? irqentry_exit+0x16/0x60 [ 315.423035][ T5860] do_fast_syscall_32+0x38/0x80 [ 315.428248][ T5860] do_SYSENTER_32+0x1f/0x30 [ 315.433115][ T5860] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 315.439898][ T5860] RIP: 0023:0xf741d579 [ 315.444244][ T5860] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 315.464198][ T5860] RSP: 002b:00000000f570656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 315.472983][ T5860] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000560e [ 315.481259][ T5860] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000 [ 315.489533][ T5860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 315.497801][ T5860] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 315.506060][ T5860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 315.514438][ T5860] [ 315.517940][ C0] vkms_vblank_simulate: vblank timer overrun [ 315.527774][ T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 315.590122][ T5189] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.763476][ T25] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 315.774227][ T25] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 315.784156][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.973382][ T25] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 316.220661][ T5857] fuse: Unknown parameter 'ÿ0x000000000000000b' [ 316.573840][ T5870] loop4: detected capacity change from 0 to 256 [ 316.666954][ T5868] loop0: detected capacity change from 0 to 1024 [ 316.730610][ T5870] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 316.767480][ T5868] hfsplus: Filesystem is marked locked, mounting read-only. [ 317.063679][ T25] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71 [ 317.072694][ T25] stv0680 2-1:4.0: STV(e): camera ping failed!! [ 317.082980][ T5868] hfsplus: filesystem is marked locked, leaving read-only. [ 317.187654][ T25] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 317.203124][ T25] stv0680 2-1:4.0: last error: 0, command = 0x0 [ 317.289268][ T25] usb 2-1: USB disconnect, device number 2 [ 317.645688][ T5870] loop4: detected capacity change from 256 to 0 [ 317.718414][ T5874] syz.4.162: attempt to access beyond end of device [ 317.718414][ T5874] loop4: rw=524288, sector=161, nr_sectors = 1 limit=0 [ 317.733651][ T5874] syz.4.162: attempt to access beyond end of device [ 317.733651][ T5874] loop4: rw=524288, sector=162, nr_sectors = 1 limit=0 [ 317.749178][ T5874] syz.4.162: attempt to access beyond end of device [ 317.749178][ T5874] loop4: rw=524288, sector=163, nr_sectors = 1 limit=0 [ 317.765128][ T5874] syz.4.162: attempt to access beyond end of device [ 317.765128][ T5874] loop4: rw=524288, sector=164, nr_sectors = 1 limit=0 [ 317.782704][ T5874] syz.4.162: attempt to access beyond end of device [ 317.782704][ T5874] loop4: rw=524288, sector=165, nr_sectors = 1 limit=0 [ 317.797949][ T5874] syz.4.162: attempt to access beyond end of device [ 317.797949][ T5874] loop4: rw=524288, sector=166, nr_sectors = 1 limit=0 [ 317.811842][ T5874] syz.4.162: attempt to access beyond end of device [ 317.811842][ T5874] loop4: rw=524288, sector=167, nr_sectors = 1 limit=0 [ 318.104220][ T5243] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 318.161499][ T5190] syz-executor: attempt to access beyond end of device [ 318.161499][ T5190] loop4: rw=0, sector=128, nr_sectors = 1 limit=0 [ 318.175368][ T5190] exFAT-fs (loop4): error, failed to access to FAT (entry 0x00000005, err:-5) [ 318.190313][ T5190] exFAT-fs (loop4): Filesystem has been set read-only [ 318.241394][ T5744] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 318.306097][ T5190] syz-executor: attempt to access beyond end of device [ 318.306097][ T5190] loop4: rw=0, sector=161, nr_sectors = 1 limit=0 [ 318.338850][ T5243] usb 1-1: device descriptor read/64, error -71 [ 318.401498][ T5744] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 318.515719][ T5744] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 318.609150][ T5744] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 318.674539][ T5886] netlink: 28 bytes leftover after parsing attributes in process `syz.3.167'. [ 318.690096][ T5886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.167'. [ 318.704618][ T5243] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 318.822434][ T5887] loop3: detected capacity change from 0 to 1024 [ 318.997795][ T5887] hfsplus: request for non-existent node 40 in B*Tree [ 319.010539][ T5887] hfsplus: request for non-existent node 40 in B*Tree [ 319.088578][ T4223] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.444200][ T4223] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.732463][ T4223] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.017737][ T5243] usb 1-1: device descriptor read/64, error -71 [ 320.121403][ T4223] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.245105][ T5894] netlink: 8 bytes leftover after parsing attributes in process `syz.1.168'. [ 320.265836][ T5243] usb usb1-port1: attempt power cycle [ 320.341699][ T5894] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for erspan1 [ 320.378919][ T5187] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 320.425144][ T5187] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 320.435317][ T5187] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 320.459505][ T5187] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 320.474422][ T5187] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 320.484347][ T5187] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 320.591073][ T5744] 8021q: adding VLAN 0 to HW filter on device bond0 [ 320.651439][ T5744] 8021q: adding VLAN 0 to HW filter on device team0 [ 320.750593][ T4301] bridge0: port 1(bridge_slave_0) entered blocking state [ 320.758443][ T4301] bridge0: port 1(bridge_slave_0) entered forwarding state [ 320.774659][ T4301] bridge0: port 2(bridge_slave_1) entered blocking state [ 320.782483][ T4301] bridge0: port 2(bridge_slave_1) entered forwarding state [ 321.097547][ T5243] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 321.136359][ T4223] bridge_slave_1: left allmulticast mode [ 321.145299][ T4223] bridge_slave_1: left promiscuous mode [ 321.152214][ T4223] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.424378][ T4223] bridge_slave_0: left allmulticast mode [ 321.430600][ T4223] bridge_slave_0: left promiscuous mode [ 321.437447][ T4223] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.527526][ T5243] usb 1-1: device not accepting address 9, error -71 [ 322.250339][ T5913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.174'. [ 322.329772][ T5915] netlink: 4 bytes leftover after parsing attributes in process `syz.0.174'. [ 322.468648][ T4223] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 322.539306][ T4223] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 322.582696][ T4223] bond0 (unregistering): Released all slaves [ 322.608117][ T5187] Bluetooth: hci3: command tx timeout [ 324.223346][ T4223] hsr_slave_0: left promiscuous mode [ 324.259677][ T4223] hsr_slave_1: left promiscuous mode [ 324.402441][ T4223] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 324.410611][ T4223] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 324.625064][ T5939] loop1: detected capacity change from 0 to 256 [ 324.693214][ T4223] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 324.701175][ T4223] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 324.711088][ T5187] Bluetooth: hci3: command tx timeout [ 324.737983][ T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 324.778192][ T4223] veth1_macvtap: left promiscuous mode [ 324.784035][ T4223] veth0_macvtap: left promiscuous mode [ 324.790176][ T4223] veth1_vlan: left promiscuous mode [ 324.795990][ T4223] veth0_vlan: left promiscuous mode [ 325.214615][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 325.228709][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 325.241530][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 325.256512][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 325.272552][ T8] usb 4-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 325.283451][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.335535][ T8] usb 4-1: config 0 descriptor?? [ 325.863766][ T5942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 325.956682][ T5942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 326.133627][ T4223] team0 (unregistering): Port device team_slave_1 removed [ 326.186899][ T8] uclogic 0003:5543:0064.0003: item fetching failed at offset 10/11 [ 326.200536][ T8] uclogic 0003:5543:0064.0003: parse failed [ 326.207115][ T8] uclogic 0003:5543:0064.0003: probe with driver uclogic failed with error -22 [ 326.265037][ T4223] team0 (unregistering): Port device team_slave_0 removed [ 326.372020][ T5942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 326.457720][ T1583] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 326.491108][ T5942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 326.640260][ T1583] usb 2-1: device descriptor read/64, error -71 [ 326.765042][ T5251] usb 4-1: USB disconnect, device number 3 [ 326.783364][ T5187] Bluetooth: hci3: command tx timeout [ 326.932460][ T1583] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 327.230249][ T1583] usb 2-1: device descriptor read/64, error -71 [ 327.381187][ T5896] chnl_net:caif_netlink_parms(): no params data found [ 327.498306][ T1583] usb usb2-port1: attempt power cycle [ 327.670375][ T5968] tipc: Started in network mode [ 327.675762][ T5968] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 327.685240][ T5968] tipc: Enabled bearer , priority 10 [ 327.976427][ T5972] loop3: detected capacity change from 0 to 64 [ 328.048858][ T5744] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 328.470224][ T5744] veth0_vlan: entered promiscuous mode [ 328.640774][ T1583] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 328.641340][ T5744] veth1_vlan: entered promiscuous mode [ 328.681278][ T1583] usb 2-1: device descriptor read/8, error -71 [ 328.848066][ T8] tipc: Node number set to 15444650 [ 328.857605][ T5187] Bluetooth: hci3: command tx timeout [ 328.968694][ T1583] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 329.000843][ T5896] bridge0: port 1(bridge_slave_0) entered blocking state [ 329.009080][ T5896] bridge0: port 1(bridge_slave_0) entered disabled state [ 329.017707][ T5896] bridge_slave_0: entered allmulticast mode [ 329.036271][ T5896] bridge_slave_0: entered promiscuous mode [ 329.253492][ T1583] usb 2-1: device descriptor read/8, error -71 [ 329.273018][ T5896] bridge0: port 2(bridge_slave_1) entered blocking state [ 329.281059][ T5896] bridge0: port 2(bridge_slave_1) entered disabled state [ 329.289490][ T5896] bridge_slave_1: entered allmulticast mode [ 329.299103][ T5896] bridge_slave_1: entered promiscuous mode [ 329.397935][ T1583] usb usb2-port1: unable to enumerate USB device [ 329.400046][ T5744] veth0_macvtap: entered promiscuous mode [ 329.458550][ T5744] veth1_macvtap: entered promiscuous mode [ 329.516190][ T5744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.527051][ T5744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.538566][ T5744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.550137][ T5744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.564689][ T5744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.579220][ T5744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.594802][ T5744] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 330.002437][ T5896] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 330.019213][ T5744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.031536][ T5744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.041903][ T5744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.052700][ T5744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.063038][ T5744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.078787][ T5744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.095783][ T5744] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 330.288890][ T5896] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 330.684338][ T5896] team0: Port device team_slave_0 added [ 330.714010][ T5744] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.723996][ T5744] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.733398][ T5744] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.742568][ T5744] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.832524][ T5896] team0: Port device team_slave_1 added [ 331.066122][ T5997] loop0: detected capacity change from 0 to 256 [ 331.444954][ T5896] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 331.448427][ T6011] FAULT_INJECTION: forcing a failure. [ 331.448427][ T6011] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 331.453768][ T5896] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 331.465874][ T6011] CPU: 1 UID: 0 PID: 6011 Comm: syz.1.194 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 331.491717][ T5896] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 331.502146][ T6011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 331.502241][ T6011] Call Trace: [ 331.502301][ T6011] [ 331.502361][ T6011] dump_stack_lvl+0x216/0x2d0 [ 331.502560][ T6011] dump_stack+0x1e/0x30 [ 331.502732][ T6011] should_fail_ex+0x748/0x7f0 [ 331.502933][ T6011] should_fail+0x2a/0x40 [ 331.503105][ T6011] should_fail_usercopy+0x2e/0x40 [ 331.503307][ T6011] _copy_to_user+0x33/0x110 [ 331.503494][ T6011] simple_read_from_buffer+0x199/0x340 [ 331.503680][ T6011] proc_fail_nth_read+0x1e5/0x2c0 [ 331.503887][ T6011] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 331.504081][ T6011] vfs_read+0x29b/0xf60 [ 331.504265][ T6011] ? kmsan_get_metadata+0x13e/0x1c0 [ 331.504424][ T6011] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 331.504658][ T6011] ksys_read+0x24f/0x4c0 [ 331.504844][ T6011] __ia32_sys_read+0x91/0xe0 [ 331.505030][ T6011] ia32_sys_call+0x15e2/0x40d0 [ 331.505246][ T6011] __do_fast_syscall_32+0xb0/0x110 [ 331.505446][ T6011] ? irqentry_exit+0x16/0x60 [ 331.505620][ T6011] do_fast_syscall_32+0x38/0x80 [ 331.505809][ T6011] do_SYSENTER_32+0x1f/0x30 [ 331.505992][ T6011] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 331.506179][ T6011] RIP: 0023:0xf740d579 [ 331.506293][ T6011] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 331.551796][ T5896] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 331.551878][ T5896] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 331.556896][ T6011] RSP: 002b:00000000f56f65a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 331.557064][ T6011] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56f6620 [ 331.557178][ T6011] RDX: 000000000000000f RSI: 00000000f73fbff4 RDI: 0000000000000000 [ 331.557281][ T6011] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 331.557380][ T6011] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 331.561936][ T5896] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 331.567459][ T6011] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 331.567583][ T6011] [ 332.105838][ T6014] loop1: detected capacity change from 0 to 8 [ 332.175426][ T5896] hsr_slave_0: entered promiscuous mode [ 332.185163][ T1583] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 332.211717][ T6014] unable to read inode lookup table [ 332.218176][ T5896] hsr_slave_1: entered promiscuous mode [ 332.232693][ T5896] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 332.240774][ T5896] Cannot create hsr debugfs directory [ 332.467646][ T1583] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 332.477324][ T1583] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.485638][ T1583] usb 4-1: Product: syz [ 332.490230][ T1583] usb 4-1: Manufacturer: syz [ 332.495112][ T1583] usb 4-1: SerialNumber: syz [ 332.802169][ T1583] r8152-cfgselector 4-1: Unknown version 0x0000 [ 332.809548][ T1583] r8152-cfgselector 4-1: config 0 descriptor?? [ 333.012459][ T5251] usb 1-1: new full-speed USB device number 11 using dummy_hcd [ 333.043496][ T6021] FAULT_INJECTION: forcing a failure. [ 333.043496][ T6021] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 333.057681][ T6021] CPU: 0 UID: 0 PID: 6021 Comm: syz.1.197 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 333.068626][ T6021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 333.078965][ T6021] Call Trace: [ 333.082548][ T6021] [ 333.085694][ T6021] dump_stack_lvl+0x216/0x2d0 [ 333.090734][ T6021] dump_stack+0x1e/0x30 [ 333.095226][ T6021] should_fail_ex+0x748/0x7f0 [ 333.100267][ T6021] should_fail+0x2a/0x40 [ 333.104850][ T6021] should_fail_usercopy+0x2e/0x40 [ 333.110247][ T6021] _copy_from_user+0x33/0x160 [ 333.115280][ T6021] do_vfs_ioctl+0x18d5/0x3e80 [ 333.120312][ T6021] ? tomoyo_file_ioctl+0x3f/0x50 [ 333.125600][ T6021] __se_compat_sys_ioctl+0x69d/0x1080 [ 333.131418][ T6021] ? fput+0x286/0x320 [ 333.135710][ T6021] ? ksys_write+0x405/0x4c0 [ 333.140555][ T6021] ? ksys_write+0x416/0x4c0 [ 333.145400][ T6021] ? kmsan_get_metadata+0x13e/0x1c0 [ 333.150931][ T6021] __ia32_compat_sys_ioctl+0x93/0xe0 [ 333.156597][ T6021] ia32_sys_call+0x32a2/0x40d0 [ 333.161746][ T6021] __do_fast_syscall_32+0xb0/0x110 [ 333.167314][ T6021] ? irqentry_exit+0x16/0x60 [ 333.172238][ T6021] do_fast_syscall_32+0x38/0x80 [ 333.177439][ T6021] do_SYSENTER_32+0x1f/0x30 [ 333.182290][ T6021] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 333.188978][ T6021] RIP: 0023:0xf740d579 [ 333.193351][ T6021] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 333.213409][ T6021] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 333.222202][ T6021] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004030582b [ 333.230468][ T6021] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 333.238719][ T6021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 333.246968][ T6021] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 333.255204][ T6021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 333.263472][ T6021] [ 333.280287][ T5251] usb 1-1: device descriptor read/64, error -71 [ 333.557501][ T5251] usb 1-1: new full-speed USB device number 12 using dummy_hcd [ 333.568566][ T6004] netlink: 12 bytes leftover after parsing attributes in process `syz.3.193'. [ 333.778179][ T5251] usb 1-1: device descriptor read/64, error -71 [ 333.899169][ T5251] usb usb1-port1: attempt power cycle [ 334.096404][ T8] r8152-cfgselector 4-1: USB disconnect, device number 4 [ 334.312085][ T5251] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 334.384735][ T5251] usb 1-1: device descriptor read/8, error -71 [ 334.663480][ T5896] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 334.679797][ T5251] usb 1-1: new full-speed USB device number 14 using dummy_hcd [ 334.738532][ T5251] usb 1-1: device descriptor read/8, error -71 [ 334.794817][ T5896] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 334.853337][ T5251] usb usb1-port1: unable to enumerate USB device [ 334.889114][ T5896] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 334.940203][ T5896] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 336.168436][ T5896] 8021q: adding VLAN 0 to HW filter on device bond0 [ 336.381787][ T5896] 8021q: adding VLAN 0 to HW filter on device team0 [ 336.431162][ T3072] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.439058][ T3072] bridge0: port 1(bridge_slave_0) entered forwarding state [ 336.455441][ T3072] bridge0: port 2(bridge_slave_1) entered blocking state [ 336.463305][ T3072] bridge0: port 2(bridge_slave_1) entered forwarding state [ 336.582112][ T6055] loop3: detected capacity change from 0 to 256 [ 336.733785][ T5896] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 336.744624][ T5896] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 339.037510][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 339.241322][ T5896] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 339.248198][ T8] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 339.248388][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.248538][ T8] usb 2-1: Product: syz [ 339.270672][ T8] usb 2-1: Manufacturer: syz [ 339.275571][ T8] usb 2-1: SerialNumber: syz [ 339.392048][ T8] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 339.530439][ T4582] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 339.638546][ T1045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 339.639418][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 339.646554][ T1045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 339.663823][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 340.297979][ T6092] loop0: detected capacity change from 0 to 256 [ 340.634789][ T1583] usb 2-1: USB disconnect, device number 7 [ 340.671046][ T4582] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 340.678948][ T4582] ath9k_htc: Failed to initialize the device [ 340.698805][ T1583] usb 2-1: ath9k_htc: USB layer deinitialized [ 341.202615][ T6105] Bluetooth: MGMT ver 1.23 [ 341.877537][ T5187] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 341.886222][ T5187] Bluetooth: hci2: Injecting HCI hardware error event [ 341.894376][ T5187] Bluetooth: hci2: hardware error 0x00 [ 342.031113][ T5896] veth0_vlan: entered promiscuous mode [ 342.070765][ T6107] loop0: detected capacity change from 0 to 2048 [ 342.073290][ T5896] veth1_vlan: entered promiscuous mode [ 342.231530][ T6117] FAULT_INJECTION: forcing a failure. [ 342.231530][ T6117] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.245230][ T6117] CPU: 0 UID: 0 PID: 6117 Comm: syz.1.220 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 342.256175][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 342.261856][ T5896] veth0_macvtap: entered promiscuous mode [ 342.266375][ T6117] Call Trace: [ 342.266434][ T6117] [ 342.278799][ T6117] dump_stack_lvl+0x216/0x2d0 [ 342.283844][ T6117] dump_stack+0x1e/0x30 [ 342.288341][ T6117] should_fail_ex+0x748/0x7f0 [ 342.291105][ T5896] veth1_macvtap: entered promiscuous mode [ 342.293275][ T6117] should_fail+0x2a/0x40 [ 342.303602][ T6117] should_fail_usercopy+0x2e/0x40 [ 342.308984][ T6117] _copy_from_user+0x33/0x160 [ 342.314130][ T6117] get_compat_msghdr+0x66/0x720 [ 342.319335][ T6117] ? kmsan_get_metadata+0x13e/0x1c0 [ 342.324854][ T6117] ___sys_sendmsg+0x1a4/0x3c0 [ 342.329869][ T6117] ? kmsan_get_metadata+0x13e/0x1c0 [ 342.335387][ T6117] ? kmsan_get_metadata+0x13e/0x1c0 [ 342.340894][ T6117] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 342.347044][ T6117] ? __rcu_read_unlock+0x7b/0xe0 [ 342.352324][ T6117] ? __fget_files+0x4f5/0x5c0 [ 342.357365][ T6117] ? kmsan_get_metadata+0x13e/0x1c0 [ 342.362892][ T6117] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 342.369045][ T6117] __sys_sendmsg+0x252/0x3c0 [ 342.373994][ T6117] ? fput+0x286/0x320 [ 342.378293][ T6117] ? ksys_write+0x405/0x4c0 [ 342.379618][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.383040][ T6117] ? ksys_write+0x416/0x4c0 [ 342.393624][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.398077][ T6117] ? kmsan_get_metadata+0x13e/0x1c0 [ 342.398250][ T6117] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 342.398456][ T6117] ia32_sys_call+0x3aac/0x40d0 [ 342.408366][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.413623][ T6117] __do_fast_syscall_32+0xb0/0x110 [ 342.419222][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.423953][ T6117] ? irqentry_exit+0x16/0x60 [ 342.434558][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.439638][ T6117] do_fast_syscall_32+0x38/0x80 [ 342.450682][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.454224][ T6117] do_SYSENTER_32+0x1f/0x30 [ 342.454394][ T6117] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.454575][ T6117] RIP: 0023:0xf740d579 [ 342.454693][ T6117] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 342.454833][ T6117] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 342.454990][ T6117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200002c0 [ 342.455098][ T6117] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 342.455206][ T6117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.455306][ T6117] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 342.455408][ T6117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.455529][ T6117] [ 342.578396][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.593038][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.609958][ T5896] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 342.710388][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.721334][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.732197][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.743015][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.753272][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.769810][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.781713][ T5896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.792977][ T5896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.808399][ T5896] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 342.860160][ T6107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 342.924943][ T6118] netlink: 32 bytes leftover after parsing attributes in process `syz.3.219'. [ 342.992061][ T5896] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.001460][ T5896] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.010723][ T5896] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.019939][ T5896] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.184724][ T5181] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.418486][ T5251] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 343.659885][ T5251] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 343.671326][ T5251] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 343.681682][ T5251] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 343.693626][ T5251] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.907944][ T5251] usb 4-1: config 0 descriptor?? [ 343.962947][ T6131] loop1: detected capacity change from 0 to 2048 [ 344.007598][ T5187] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 344.063577][ T6126] netlink: 'syz.2.223': attribute type 29 has an invalid length. [ 344.090703][ T6126] loop2: detected capacity change from 0 to 64 [ 344.273002][ T6118] Cannot find del_set index 0 as target [ 344.274721][ T5881] loop1: p1 < > p2 p3 < p5 > p4 [ 344.284228][ T5881] loop1: partition table partially beyond EOD, truncated [ 344.288827][ T6126] MINIX-fs: bad superblock [ 344.294235][ T5881] loop1: p1 start 4278190080 is beyond EOD, truncated [ 344.309655][ T5881] loop1: p2 start 16908800 is beyond EOD, truncated [ 344.338726][ T5881] loop1: p4 start 11326 is beyond EOD, truncated [ 344.345666][ T5881] loop1: p5 start 16908800 is beyond EOD, truncated [ 344.571030][ T5251] usbhid 4-1:0.0: can't add hid device: -71 [ 344.571667][ T5251] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 344.599524][ T5251] usb 4-1: USB disconnect, device number 5 [ 344.734675][ T6131] loop1: p1 < > p2 p3 < p5 > p4 [ 344.734818][ T6131] loop1: partition table partially beyond EOD, truncated [ 344.735997][ T6131] loop1: p1 start 4278190080 is beyond EOD, truncated [ 344.736126][ T6131] loop1: p2 start 16908800 is beyond EOD, truncated [ 345.009415][ T6131] loop1: p4 start 11326 is beyond EOD, truncated [ 345.019374][ T6131] loop1: p5 start 16908800 is beyond EOD, truncated [ 345.092706][ T6138] loop2: detected capacity change from 0 to 256 [ 345.101002][ T6130] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 345.771522][ T6144] FAULT_INJECTION: forcing a failure. [ 345.771522][ T6144] name failslab, interval 1, probability 0, space 0, times 0 [ 345.785132][ T6144] CPU: 1 UID: 0 PID: 6144 Comm: syz.3.227 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 345.796051][ T6144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 345.806439][ T6144] Call Trace: [ 345.809948][ T6144] [ 345.813090][ T6144] dump_stack_lvl+0x216/0x2d0 [ 345.818087][ T6144] dump_stack+0x1e/0x30 [ 345.822535][ T6144] should_fail_ex+0x748/0x7f0 [ 345.827554][ T6144] should_failslab+0x17f/0x210 [ 345.832632][ T6144] __kmalloc_node_noprof+0x177/0xf50 [ 345.838292][ T6144] ? alloc_slab_obj_exts+0xaa/0x2d0 [ 345.843840][ T6144] ? kmsan_get_metadata+0x13e/0x1c0 [ 345.849336][ T6144] alloc_slab_obj_exts+0xaa/0x2d0 [ 345.854681][ T6144] __memcg_slab_post_alloc_hook+0xe40/0x1540 [ 345.860988][ T6144] ? kmsan_get_metadata+0x13e/0x1c0 [ 345.866469][ T6144] kmem_cache_alloc_lru_noprof+0x6f3/0xb30 [ 345.872636][ T6144] ? shmem_alloc_inode+0x5a/0xd0 [ 345.877931][ T6144] shmem_alloc_inode+0x5a/0xd0 [ 345.883020][ T6144] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 345.888804][ T6144] alloc_inode+0x86/0x460 [ 345.893454][ T6144] new_inode+0x38/0x480 [ 345.897937][ T6144] ? kmsan_get_metadata+0x13e/0x1c0 [ 345.903438][ T6144] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 345.909566][ T6144] shmem_get_inode+0x6f2/0x1940 [ 345.914769][ T6144] __shmem_file_setup+0x249/0x4d0 [ 345.920106][ T6144] shmem_file_setup+0x61/0x80 [ 345.925084][ T6144] __se_sys_memfd_create+0x8a3/0x1260 [ 345.930751][ T6144] ? ksys_write+0x416/0x4c0 [ 345.935744][ T6144] ? kmsan_get_metadata+0x13e/0x1c0 [ 345.941250][ T6144] __ia32_sys_memfd_create+0x6b/0xa0 [ 345.946829][ T6144] ia32_sys_call+0x1d0d/0x40d0 [ 345.951938][ T6144] __do_fast_syscall_32+0xb0/0x110 [ 345.957455][ T6144] ? irqentry_exit+0x16/0x60 [ 345.962339][ T6144] do_fast_syscall_32+0x38/0x80 [ 345.967483][ T6144] do_SYSENTER_32+0x1f/0x30 [ 345.972385][ T6144] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.979019][ T6144] RIP: 0023:0xf7f8f579 [ 345.983323][ T6144] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 346.003498][ T6144] RSP: 002b:00000000f571637c EFLAGS: 00000206 ORIG_RAX: 0000000000000164 [ 346.012466][ T6144] RAX: ffffffffffffffda RBX: 00000000f72f13e8 RCX: 0000000000000000 [ 346.020699][ T6144] RDX: 00000000f722fe2e RSI: 00000000f5716420 RDI: 0000000000000040 [ 346.028968][ T6144] RBP: 0000000020002180 R08: 0000000000000000 R09: 0000000000000000 [ 346.037209][ T6144] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 346.045433][ T6144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.053671][ T6144] [ 346.057095][ C1] vkms_vblank_simulate: vblank timer overrun [ 346.716994][ T5384] udevd[5384]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 346.952940][ T4582] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 347.090471][ T6154] netlink: 16 bytes leftover after parsing attributes in process `syz.1.230'. [ 347.146590][ T4582] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 347.156191][ T4582] usb 1-1: config 1 has no interface number 0 [ 347.162948][ T4582] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 347.177618][ T4582] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 347.187013][ T4582] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 14129, setting to 64 [ 347.352783][ T4582] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 347.363086][ T4582] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.374513][ T4582] usb 1-1: Product: syz [ 347.379883][ T4582] usb 1-1: Manufacturer: syz [ 347.384770][ T4582] usb 1-1: SerialNumber: syz [ 347.893926][ T6144] loop3: detected capacity change from 0 to 16384 [ 348.146372][ T6144] REISERFS warning (device loop3): sh-2011 read_super_block: can't find a reiserfs filesystem on (dev loop3, block 16, size 4096) [ 348.163045][ T6144] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 348.593222][ T6169] loop2: detected capacity change from 0 to 2048 [ 348.870057][ T4582] cdc_ncm 1-1:1.1: bind() failure [ 349.365414][ T6169] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 349.391278][ T4582] usb 1-1: USB disconnect, device number 15 [ 349.836763][ T5744] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.691616][ T6194] FAULT_INJECTION: forcing a failure. [ 350.691616][ T6194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 350.706020][ T6194] CPU: 1 UID: 0 PID: 6194 Comm: syz.2.236 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 350.716986][ T6194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 350.727414][ T6194] Call Trace: [ 350.730886][ T6194] [ 350.734002][ T6194] dump_stack_lvl+0x216/0x2d0 [ 350.738996][ T6194] dump_stack+0x1e/0x30 [ 350.743439][ T6194] should_fail_ex+0x748/0x7f0 [ 350.748464][ T6194] should_fail+0x2a/0x40 [ 350.753058][ T6194] should_fail_usercopy+0x2e/0x40 [ 350.758649][ T6194] _copy_from_user+0x33/0x160 [ 350.763698][ T6194] userfaultfd_ioctl+0x200d/0xc060 [ 350.769148][ T6194] ? tomoyo_path_number_perm+0x82d/0x8f0 [ 350.775153][ T6194] ? kmsan_get_metadata+0x13e/0x1c0 [ 350.780801][ T6194] ? kmsan_get_metadata+0x13e/0x1c0 [ 350.786278][ T6194] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 350.792373][ T6194] ? do_vfs_ioctl+0x14fc/0x3e80 [ 350.797537][ T6194] ? kmsan_get_metadata+0x13e/0x1c0 [ 350.803011][ T6194] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 350.808789][ T6194] compat_ptr_ioctl+0x7e/0xe0 [ 350.813762][ T6194] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 350.819429][ T6194] __se_compat_sys_ioctl+0x785/0x1080 [ 350.825110][ T6194] ? fput+0x286/0x320 [ 350.829360][ T6194] ? ksys_write+0x405/0x4c0 [ 350.834164][ T6194] ? ksys_write+0x416/0x4c0 [ 350.838960][ T6194] ? kmsan_get_metadata+0x13e/0x1c0 [ 350.844451][ T6194] __ia32_compat_sys_ioctl+0x93/0xe0 [ 350.850045][ T6194] ia32_sys_call+0x32a2/0x40d0 [ 350.855177][ T6194] __do_fast_syscall_32+0xb0/0x110 [ 350.860614][ T6194] ? irqentry_exit+0x16/0x60 [ 350.865670][ T6194] do_fast_syscall_32+0x38/0x80 [ 350.870826][ T6194] do_SYSENTER_32+0x1f/0x30 [ 350.875635][ T6194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 350.882274][ T6194] RIP: 0023:0xf743d579 [ 350.886579][ T6194] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 350.906489][ T6194] RSP: 002b:00000000f572656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 350.915228][ T6194] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c020aa07 [ 350.923494][ T6194] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 350.931715][ T6194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 350.940018][ T6194] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 350.948236][ T6194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 350.956465][ T6194] [ 350.959889][ C1] vkms_vblank_simulate: vblank timer overrun [ 351.511016][ T6201] netlink: 16 bytes leftover after parsing attributes in process `syz.2.241'. [ 351.729553][ T6196] loop1: detected capacity change from 0 to 4096 [ 351.793408][ T6196] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 352.050717][ T6196] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 352.096231][ T6196] ntfs3: loop1: Failed to load $Extend (-22). [ 352.102949][ T6196] ntfs3: loop1: Failed to initialize $Extend. [ 352.209844][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 352.216712][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 352.362812][ T4223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 352.371228][ T4223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.653231][ T3006] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 352.661655][ T3006] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.727680][ T6209] sch_tbf: burst 4 is lower than device lo mtu (65550) ! [ 352.837767][ T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 353.135945][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 353.147694][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 353.158027][ T25] usb 3-1: New USB device found, idVendor=056a, idProduct=0325, bcdDevice= 0.00 [ 353.167553][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.285497][ T25] usb 3-1: config 0 descriptor?? [ 354.068211][ T25] wacom 0003:056A:0325.0004: item fetching failed at offset 5/7 [ 354.148420][ T25] wacom 0003:056A:0325.0004: parse failed [ 354.155339][ T25] wacom 0003:056A:0325.0004: probe with driver wacom failed with error -22 [ 354.236121][ T6223] FAULT_INJECTION: forcing a failure. [ 354.236121][ T6223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 354.249847][ T6223] CPU: 0 UID: 0 PID: 6223 Comm: syz.0.244 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 354.260810][ T6223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 354.271162][ T6223] Call Trace: [ 354.271346][ T25] usb 3-1: USB disconnect, device number 3 [ 354.274568][ T6223] [ 354.274630][ T6223] dump_stack_lvl+0x216/0x2d0 [ 354.288678][ T6223] dump_stack+0x1e/0x30 [ 354.293191][ T6223] should_fail_ex+0x748/0x7f0 [ 354.298245][ T6223] should_fail+0x2a/0x40 [ 354.302836][ T6223] should_fail_usercopy+0x2e/0x40 [ 354.308234][ T6223] _copy_to_user+0x33/0x110 [ 354.313107][ T6223] simple_read_from_buffer+0x199/0x340 [ 354.318960][ T6223] proc_fail_nth_read+0x1e5/0x2c0 [ 354.324359][ T6223] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 354.330247][ T6223] vfs_read+0x29b/0xf60 [ 354.334728][ T6223] ? kmsan_get_metadata+0x13e/0x1c0 [ 354.340237][ T6223] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 354.346916][ T6223] ksys_read+0x24f/0x4c0 [ 354.351476][ T6223] __ia32_sys_read+0x91/0xe0 [ 354.356367][ T6223] ia32_sys_call+0x15e2/0x40d0 [ 354.361492][ T6223] __do_fast_syscall_32+0xb0/0x110 [ 354.366918][ T6223] ? irqentry_exit+0x16/0x60 [ 354.371800][ T6223] do_fast_syscall_32+0x38/0x80 [ 354.376955][ T6223] do_SYSENTER_32+0x1f/0x30 [ 354.381765][ T6223] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 354.388400][ T6223] RIP: 0023:0xf7f57579 [ 354.392709][ T6223] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 354.412638][ T6223] RSP: 002b:00000000f56d65a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 354.421372][ T6223] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56d6620 [ 354.429600][ T6223] RDX: 000000000000000f RSI: 00000000f73dbff4 RDI: 0000000000000000 [ 354.437838][ T6223] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 354.446081][ T6223] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 354.454303][ T6223] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 354.462547][ T6223] [ 354.820556][ T4582] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 355.156638][ T4582] usb 4-1: Using ep0 maxpacket: 16 [ 355.188172][ T4582] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 355.199724][ T4582] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 355.211302][ T4582] usb 4-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 355.221735][ T4582] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.240411][ T4582] usb 4-1: config 0 descriptor?? [ 356.215422][ T6232] loop3: detected capacity change from 0 to 512 [ 356.499537][ T6248] loop4: detected capacity change from 0 to 16 [ 356.508683][ T6248] erofs: Unknown parameter 'name : pkcs1pad(rsa' [ 356.752251][ T6232] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 356.764043][ T6232] EXT4-fs (loop3): orphan cleanup on readonly fs [ 356.833074][ T6253] netlink: 16 bytes leftover after parsing attributes in process `syz.0.251'. [ 356.882487][ T6232] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 357.130938][ T6232] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 357.284547][ T6232] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #13: comm syz.3.245: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 357.367403][ T6232] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.245: couldn't read orphan inode 13 (err -117) [ 357.429281][ T6232] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 357.478095][ T6260] loop1: detected capacity change from 0 to 64 [ 357.762236][ T6264] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 357.812013][ T4582] usbhid 4-1:0.0: can't add hid device: -71 [ 357.824808][ T4582] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 357.878576][ T5189] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.899242][ T4582] usb 4-1: USB disconnect, device number 6 [ 359.628433][ T6285] loop2: detected capacity change from 0 to 256 [ 359.926021][ T6292] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 359.961883][ T6285] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 360.162707][ T6285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.264'. [ 360.246902][ T6287] loop3: detected capacity change from 0 to 4096 [ 360.438833][ T6287] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 360.606839][ T6299] netlink: 16 bytes leftover after parsing attributes in process `syz.1.269'. [ 360.775224][ T6287] ntfs3: loop3: $UpCase is corrupted. [ 361.030687][ T6302] pim6reg1: entered promiscuous mode [ 361.036310][ T6302] pim6reg1: entered allmulticast mode [ 361.472869][ T6309] FAULT_INJECTION: forcing a failure. [ 361.472869][ T6309] name failslab, interval 1, probability 0, space 0, times 0 [ 361.486728][ T6309] CPU: 0 UID: 0 PID: 6309 Comm: syz.1.273 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 361.497675][ T6309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 361.508010][ T6309] Call Trace: [ 361.511591][ T6309] [ 361.514770][ T6309] dump_stack_lvl+0x216/0x2d0 [ 361.519794][ T6309] dump_stack+0x1e/0x30 [ 361.524307][ T6309] should_fail_ex+0x748/0x7f0 [ 361.529361][ T6309] should_failslab+0x17f/0x210 [ 361.534457][ T6309] __kmalloc_noprof+0x175/0xf30 [ 361.539679][ T6309] ? sk_prot_alloc+0x143/0x440 [ 361.544767][ T6309] ? kmsan_get_metadata+0x13e/0x1c0 [ 361.550305][ T6309] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 361.556452][ T6309] sk_prot_alloc+0x143/0x440 [ 361.561392][ T6309] sk_alloc+0x55/0x850 [ 361.565774][ T6309] netlink_create+0x69c/0xac0 [ 361.570818][ T6309] ? __pfx_genl_bind+0x10/0x10 [ 361.575961][ T6309] ? __pfx_genl_unbind+0x10/0x10 [ 361.581290][ T6309] ? __pfx_genl_release+0x10/0x10 [ 361.586725][ T6309] ? __pfx_netlink_create+0x10/0x10 [ 361.592314][ T6309] __sock_create+0x772/0xd70 [ 361.597304][ T6309] __sys_socket+0x145/0x680 [ 361.602181][ T6309] ? kmsan_get_metadata+0x13e/0x1c0 [ 361.607731][ T6309] __se_compat_sys_socketcall+0xc02/0x1a20 [ 361.613941][ T6309] ? kmsan_get_metadata+0x13e/0x1c0 [ 361.619469][ T6309] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 361.625629][ T6309] __ia32_compat_sys_socketcall+0x6b/0xa0 [ 361.631745][ T6309] ia32_sys_call+0x3710/0x40d0 [ 361.637010][ T6309] __do_fast_syscall_32+0xb0/0x110 [ 361.642570][ T6309] ? irqentry_exit+0x16/0x60 [ 361.647515][ T6309] do_fast_syscall_32+0x38/0x80 [ 361.652719][ T6309] do_SYSENTER_32+0x1f/0x30 [ 361.657564][ T6309] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 361.664258][ T6309] RIP: 0023:0xf740d579 [ 361.668617][ T6309] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 361.688586][ T6309] RSP: 002b:00000000f56f54c0 EFLAGS: 00000206 ORIG_RAX: 0000000000000066 [ 361.697384][ T6309] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f56f54d0 [ 361.705737][ T6309] RDX: 00000000f73fbff4 RSI: 0000000000000000 RDI: 0000000000000000 [ 361.714012][ T6309] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000 [ 361.722363][ T6309] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 361.730624][ T6309] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 361.738898][ T6309] [ 361.843190][ T6312] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 361.868463][ T5238] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 362.082398][ T5238] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 362.093957][ T5238] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 362.103557][ T5238] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.160661][ T6314] loop3: detected capacity change from 0 to 64 [ 362.204576][ T5238] usb 3-1: config 0 descriptor?? [ 362.654659][ T5238] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor [ 362.748232][ T5238] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0005/input/input5 [ 362.902318][ T6305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 363.371641][ T5238] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 363.630489][ T6321] loop4: detected capacity change from 0 to 4096 [ 363.642499][ T6305] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 363.825055][ T6321] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 363.873648][ T6305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 364.081181][ T6305] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 364.176575][ T6305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 364.239641][ T6305] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 364.322557][ T6305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 364.333522][ T6321] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 364.390528][ T6321] ntfs3: loop4: Failed to load $Extend (-22). [ 364.397864][ T6321] ntfs3: loop4: Failed to initialize $Extend. [ 364.438746][ T6305] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 364.516889][ T5185] Bluetooth: hci0: command 0x0406 tx timeout [ 364.519799][ T5187] Bluetooth: hci1: command 0x0406 tx timeout [ 364.871248][ T6305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 364.907814][ T6305] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 365.285656][ T5238] usb 3-1: USB disconnect, device number 4 [ 365.860132][ T6341] FAULT_INJECTION: forcing a failure. [ 365.860132][ T6341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 365.873907][ T6341] CPU: 0 UID: 0 PID: 6341 Comm: syz.2.284 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 365.885050][ T6341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 365.895373][ T6341] Call Trace: [ 365.898852][ T6341] [ 365.901968][ T6341] dump_stack_lvl+0x216/0x2d0 [ 365.906982][ T6341] dump_stack+0x1e/0x30 [ 365.911462][ T6341] should_fail_ex+0x748/0x7f0 [ 365.916461][ T6341] should_fail+0x2a/0x40 [ 365.921016][ T6341] should_fail_usercopy+0x2e/0x40 [ 365.926440][ T6341] _copy_from_user+0x33/0x160 [ 365.931415][ T6341] get_compat_msghdr+0x66/0x720 [ 365.936577][ T6341] ? kmsan_get_metadata+0x13e/0x1c0 [ 365.942088][ T6341] ___sys_sendmsg+0x1a4/0x3c0 [ 365.947067][ T6341] ? kmsan_get_metadata+0x13e/0x1c0 [ 365.952552][ T6341] ? kmsan_get_metadata+0x13e/0x1c0 [ 365.958033][ T6341] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 365.964132][ T6341] ? __rcu_read_unlock+0x7b/0xe0 [ 365.969373][ T6341] ? __fget_files+0x4f5/0x5c0 [ 365.974402][ T6341] ? kmsan_get_metadata+0x13e/0x1c0 [ 365.979892][ T6341] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 365.986002][ T6341] __sys_sendmsg+0x252/0x3c0 [ 365.990880][ T6341] ? fput+0x286/0x320 [ 365.995232][ T6341] ? ksys_write+0x405/0x4c0 [ 366.000121][ T6341] ? ksys_write+0x416/0x4c0 [ 366.004916][ T6341] ? kmsan_get_metadata+0x13e/0x1c0 [ 366.010402][ T6341] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 366.016196][ T6341] ia32_sys_call+0x3aac/0x40d0 [ 366.022046][ T6341] __do_fast_syscall_32+0xb0/0x110 [ 366.027490][ T6341] ? irqentry_exit+0x16/0x60 [ 366.032472][ T6341] do_fast_syscall_32+0x38/0x80 [ 366.037631][ T6341] do_SYSENTER_32+0x1f/0x30 [ 366.042430][ T6341] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.049060][ T6341] RIP: 0023:0xf743d579 [ 366.053362][ T6341] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 366.073269][ T6341] RSP: 002b:00000000f572656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 366.081990][ T6341] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001240 [ 366.090221][ T6341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 366.098513][ T6341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 366.106716][ T6341] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 366.114924][ T6341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 366.123162][ T6341] [ 366.310498][ T6343] FAULT_INJECTION: forcing a failure. [ 366.310498][ T6343] name failslab, interval 1, probability 0, space 0, times 0 [ 366.327865][ T6343] CPU: 1 UID: 0 PID: 6343 Comm: syz.4.285 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 366.338827][ T6343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 366.349173][ T6343] Call Trace: [ 366.352658][ T6343] [ 366.355778][ T6343] dump_stack_lvl+0x216/0x2d0 [ 366.360793][ T6343] dump_stack+0x1e/0x30 [ 366.365336][ T6343] should_fail_ex+0x748/0x7f0 [ 366.370334][ T6343] should_failslab+0x17f/0x210 [ 366.375383][ T6343] kmem_cache_alloc_node_noprof+0xeb/0xb80 [ 366.381513][ T6343] ? __alloc_skb+0x1e9/0x7b0 [ 366.386406][ T6343] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 366.392497][ T6343] __alloc_skb+0x1e9/0x7b0 [ 366.397225][ T6343] netlink_alloc_large_skb+0x1b4/0x280 [ 366.403012][ T6343] netlink_sendmsg+0xa96/0x11e0 [ 366.408183][ T6343] ? __pfx_netlink_sendmsg+0x10/0x10 [ 366.413775][ T6343] ? __pfx_netlink_sendmsg+0x10/0x10 [ 366.419382][ T6343] __sock_sendmsg+0x30f/0x380 [ 366.424416][ T6343] ____sys_sendmsg+0x877/0xb60 [ 366.429509][ T6343] ___sys_sendmsg+0x28d/0x3c0 [ 366.434507][ T6343] ? kmsan_get_metadata+0x13e/0x1c0 [ 366.439993][ T6343] ? kmsan_get_metadata+0x13e/0x1c0 [ 366.445476][ T6343] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 366.451579][ T6343] ? __rcu_read_unlock+0x7b/0xe0 [ 366.456831][ T6343] ? __fget_files+0x4f5/0x5c0 [ 366.461843][ T6343] ? kmsan_get_metadata+0x13e/0x1c0 [ 366.467357][ T6343] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 366.473450][ T6343] __sys_sendmsg+0x252/0x3c0 [ 366.478334][ T6343] ? perf_mmap+0x14e0/0x28d0 [ 366.483231][ T6343] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 366.489011][ T6343] ia32_sys_call+0x3aac/0x40d0 [ 366.494098][ T6343] __do_fast_syscall_32+0xb0/0x110 [ 366.499547][ T6343] ? irqentry_exit+0x16/0x60 [ 366.504421][ T6343] do_fast_syscall_32+0x38/0x80 [ 366.509579][ T6343] do_SYSENTER_32+0x1f/0x30 [ 366.514379][ T6343] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.521019][ T6343] RIP: 0023:0xf7f81579 [ 366.525352][ T6343] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 366.545290][ T6343] RSP: 002b:00000000f570656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 366.554029][ T6343] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200002c0 [ 366.562278][ T6343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 366.570509][ T6343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 366.578728][ T6343] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 366.586929][ T6343] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 366.595158][ T6343] [ 366.598401][ C1] vkms_vblank_simulate: vblank timer overrun [ 366.891855][ T6345] loop0: detected capacity change from 0 to 64 [ 367.319081][ T6351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.289'. [ 367.831265][ T6351] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 368.209791][ T6353] loop0: detected capacity change from 0 to 2048 [ 368.276205][ T6353] NILFS: invalid option "cp=5": read-only option is not specified [ 368.301384][ T6365] FAULT_INJECTION: forcing a failure. [ 368.301384][ T6365] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 368.315185][ T6365] CPU: 0 UID: 0 PID: 6365 Comm: syz.3.294 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 368.326139][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 368.336489][ T6365] Call Trace: [ 368.339996][ T6365] [ 368.343150][ T6365] dump_stack_lvl+0x216/0x2d0 [ 368.348280][ T6365] dump_stack+0x1e/0x30 [ 368.352910][ T6365] should_fail_ex+0x748/0x7f0 [ 368.357952][ T6365] should_fail+0x2a/0x40 [ 368.362552][ T6365] should_fail_usercopy+0x2e/0x40 [ 368.367952][ T6365] _copy_from_iter+0x1d8/0x2b40 [ 368.373147][ T6365] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 368.379294][ T6365] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 368.385485][ T6365] ? skb_put+0x189/0x230 [ 368.390071][ T6365] netlink_sendmsg+0xc1d/0x11e0 [ 368.395297][ T6365] ? __pfx_netlink_sendmsg+0x10/0x10 [ 368.401036][ T6365] ? __pfx_netlink_sendmsg+0x10/0x10 [ 368.406678][ T6365] __sock_sendmsg+0x30f/0x380 [ 368.411725][ T6365] ____sys_sendmsg+0x877/0xb60 [ 368.416862][ T6365] ___sys_sendmsg+0x28d/0x3c0 [ 368.421874][ T6365] ? kmsan_get_metadata+0x13e/0x1c0 [ 368.427393][ T6365] ? kmsan_get_metadata+0x13e/0x1c0 [ 368.432919][ T6365] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 368.439078][ T6365] ? __rcu_read_unlock+0x7b/0xe0 [ 368.444379][ T6365] ? __fget_files+0x4f5/0x5c0 [ 368.449460][ T6365] ? kmsan_get_metadata+0x13e/0x1c0 [ 368.454998][ T6365] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 368.461159][ T6365] __sys_sendmsg+0x252/0x3c0 [ 368.466093][ T6365] ? perf_mmap+0x14e0/0x28d0 [ 368.471054][ T6365] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 368.476890][ T6365] ia32_sys_call+0x3aac/0x40d0 [ 368.482036][ T6365] __do_fast_syscall_32+0xb0/0x110 [ 368.487509][ T6365] ? irqentry_exit+0x16/0x60 [ 368.492543][ T6365] do_fast_syscall_32+0x38/0x80 [ 368.497748][ T6365] do_SYSENTER_32+0x1f/0x30 [ 368.502640][ T6365] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 368.509319][ T6365] RIP: 0023:0xf7f8f579 [ 368.513684][ T6365] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 368.533740][ T6365] RSP: 002b:00000000f571656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 368.542576][ T6365] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004440 [ 368.550868][ T6365] RDX: 0000000000048000 RSI: 0000000000000000 RDI: 0000000000000000 [ 368.559143][ T6365] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 368.567408][ T6365] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 368.575680][ T6365] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 368.584050][ T6365] [ 369.049707][ T5238] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 369.307374][ T29] audit: type=1326 audit(1727987675.721:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.329930][ T29] audit: type=1326 audit(1727987675.721:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.351780][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.358616][ T29] audit: type=1326 audit(1727987675.731:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.381406][ T29] audit: type=1326 audit(1727987675.731:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.403477][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.414613][ T29] audit: type=1326 audit(1727987675.731:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.436635][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.443429][ T29] audit: type=1326 audit(1727987675.731:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.465357][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.476953][ T29] audit: type=1326 audit(1727987675.731:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.498849][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.511067][ T29] audit: type=1326 audit(1727987675.731:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.533014][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.540459][ T29] audit: type=1326 audit(1727987675.731:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.563096][ T29] audit: type=1326 audit(1727987675.741:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 369.585047][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.759168][ T5238] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 369.771051][ T5238] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 369.781465][ T5238] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 369.784677][ T5244] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 369.790868][ T5238] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.907144][ T5238] usb 1-1: config 0 descriptor?? [ 370.008019][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 370.048055][ T5238] usb 1-1: can't set config #0, error -71 [ 370.075678][ T5244] usb 3-1: config 0 has no interfaces? [ 370.081776][ T5244] usb 3-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice=65.8c [ 370.091474][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 370.098826][ T5238] usb 1-1: USB disconnect, device number 16 [ 370.252162][ T25] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 370.261535][ T25] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 370.272213][ T25] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 370.281606][ T25] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 370.284503][ T5244] usb 3-1: config 0 descriptor?? [ 370.593241][ T25] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 370.603273][ T25] usb 2-1: New USB device strings: Mfr=1, Product=226, SerialNumber=216 [ 370.612329][ T25] usb 2-1: Product: syz [ 370.620169][ T25] usb 2-1: Manufacturer: syz [ 370.625075][ T25] usb 2-1: SerialNumber: syz [ 370.645722][ T6380] loop3: detected capacity change from 0 to 8 [ 370.694459][ T6380] SQUASHFS error: Unable to read inode 0x11f [ 370.771994][ T25] cdc_ncm 2-1:1.0: skipping garbage [ 370.777794][ T25] cdc_ncm 2-1:1.0: invalid descriptor buffer length [ 370.784736][ T25] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 370.792065][ T25] cdc_ncm 2-1:1.0: bind() failure [ 370.808579][ T5251] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 370.904100][ T6373] loop2: detected capacity change from 0 to 64 [ 371.046337][ T5251] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 371.056157][ T5251] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.064794][ T5251] usb 5-1: Product: syz [ 371.069647][ T5251] usb 5-1: Manufacturer: syz [ 371.074537][ T5251] usb 5-1: SerialNumber: syz [ 371.094722][ T6373] coredump: 52(syz.2.298): Core dump to core aborted: cannot preserve file permissions [ 371.134129][ T5251] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 371.192440][ T25] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 371.754512][ T4582] usb 3-1: USB disconnect, device number 5 [ 372.807860][ T5244] usb 5-1: USB disconnect, device number 10 [ 372.840959][ T25] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 372.850087][ T25] ath9k_htc: Failed to initialize the device [ 372.864454][ T5244] usb 5-1: ath9k_htc: USB layer deinitialized [ 373.048789][ T4582] usb 2-1: USB disconnect, device number 8 [ 374.541745][ T6402] FAULT_INJECTION: forcing a failure. [ 374.541745][ T6402] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 374.555612][ T6402] CPU: 1 UID: 0 PID: 6402 Comm: syz.1.307 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 374.566567][ T6402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 374.576923][ T6402] Call Trace: [ 374.580429][ T6402] [ 374.583584][ T6402] dump_stack_lvl+0x216/0x2d0 [ 374.588630][ T6402] dump_stack+0x1e/0x30 [ 374.593139][ T6402] should_fail_ex+0x748/0x7f0 [ 374.598181][ T6402] should_fail+0x2a/0x40 [ 374.602752][ T6402] should_fail_usercopy+0x2e/0x40 [ 374.608198][ T6402] _copy_to_user+0x33/0x110 [ 374.613068][ T6402] simple_read_from_buffer+0x199/0x340 [ 374.618923][ T6402] proc_fail_nth_read+0x1e5/0x2c0 [ 374.624610][ T6402] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 374.630553][ T6402] vfs_read+0x29b/0xf60 [ 374.635105][ T6402] ? kmsan_get_metadata+0x13e/0x1c0 [ 374.640643][ T6402] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 374.647601][ T6402] ksys_read+0x24f/0x4c0 [ 374.652302][ T6402] __ia32_sys_read+0x91/0xe0 [ 374.657250][ T6402] ia32_sys_call+0x15e2/0x40d0 [ 374.662587][ T6402] __do_fast_syscall_32+0xb0/0x110 [ 374.668080][ T6402] ? irqentry_exit+0x16/0x60 [ 374.673030][ T6402] do_fast_syscall_32+0x38/0x80 [ 374.678251][ T6402] do_SYSENTER_32+0x1f/0x30 [ 374.683110][ T6402] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 374.689932][ T6402] RIP: 0023:0xf740d579 [ 374.694285][ T6402] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 374.714262][ T6402] RSP: 002b:00000000f56f65a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 374.723058][ T6402] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56f6620 [ 374.731375][ T6402] RDX: 000000000000000f RSI: 00000000f73fbff4 RDI: 0000000000000000 [ 374.739638][ T6402] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 374.747900][ T6402] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 374.756175][ T6402] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 374.764504][ T6402] [ 375.542226][ T6419] FAULT_INJECTION: forcing a failure. [ 375.542226][ T6419] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 375.556760][ T6419] CPU: 1 UID: 0 PID: 6419 Comm: syz.1.313 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 375.567724][ T6419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 375.578349][ T6419] Call Trace: [ 375.581947][ T6419] [ 375.585109][ T6419] dump_stack_lvl+0x216/0x2d0 [ 375.590144][ T6419] dump_stack+0x1e/0x30 [ 375.594642][ T6419] should_fail_ex+0x748/0x7f0 [ 375.599703][ T6419] should_fail+0x2a/0x40 [ 375.604295][ T6419] should_fail_usercopy+0x2e/0x40 [ 375.609678][ T6419] _copy_to_user+0x33/0x110 [ 375.614547][ T6419] simple_read_from_buffer+0x199/0x340 [ 375.620446][ T6419] proc_fail_nth_read+0x1e5/0x2c0 [ 375.625845][ T6419] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 375.631769][ T6419] vfs_read+0x29b/0xf60 [ 375.636372][ T6419] ? kmsan_get_metadata+0x13e/0x1c0 [ 375.641931][ T6419] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 375.648715][ T6419] ksys_read+0x24f/0x4c0 [ 375.653436][ T6419] __ia32_sys_read+0x91/0xe0 [ 375.658413][ T6419] ia32_sys_call+0x15e2/0x40d0 [ 375.663573][ T6419] __do_fast_syscall_32+0xb0/0x110 [ 375.669091][ T6419] ? irqentry_exit+0x16/0x60 [ 375.674023][ T6419] do_fast_syscall_32+0x38/0x80 [ 375.679244][ T6419] do_SYSENTER_32+0x1f/0x30 [ 375.684102][ T6419] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 375.690802][ T6419] RIP: 0023:0xf740d579 [ 375.695168][ T6419] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 375.715147][ T6419] RSP: 002b:00000000f56f65a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 375.723968][ T6419] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f56f6620 [ 375.732253][ T6419] RDX: 000000000000000f RSI: 00000000f73fbff4 RDI: 0000000000000000 [ 375.740525][ T6419] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 375.748889][ T6419] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 375.757208][ T6419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 375.765495][ T6419] [ 375.866306][ T6430] netlink: 16 bytes leftover after parsing attributes in process `syz.0.312'. [ 376.787127][ T6438] loop2: detected capacity change from 0 to 512 [ 376.859390][ T6438] EXT4-fs (loop2): invalid journal inode [ 376.987611][ T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 377.230788][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 377.242620][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 377.462683][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 377.479064][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 377.524539][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 377.536110][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 377.548793][ T8] usb 5-1: New USB device found, idVendor=05a8, idProduct=0269, bcdDevice= 0.00 [ 377.559883][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.671030][ T8] usb 5-1: config 0 descriptor?? [ 377.840424][ T6452] loop0: detected capacity change from 0 to 16 [ 378.160170][ T6452] erofs: (device loop0): mounted with root inode @ nid 36. [ 378.568867][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 378.569033][ T29] audit: type=1326 audit(1727987685.011:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000 [ 378.669384][ T29] audit: type=1326 audit(1727987685.091:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000 [ 378.721703][ T8] hid-generic 0003:05A8:0269.0006: hidraw0: USB HID v0.00 Device [HID 05a8:0269] on usb-dummy_hcd.4-1/input0 [ 379.303285][ T6471] FAULT_INJECTION: forcing a failure. [ 379.303285][ T6471] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 379.303437][ T6471] CPU: 0 UID: 0 PID: 6471 Comm: syz.3.329 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 379.303615][ T6471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 379.303706][ T6471] Call Trace: [ 379.303764][ T6471] [ 379.303822][ T6471] dump_stack_lvl+0x216/0x2d0 [ 379.304022][ T6471] dump_stack+0x1e/0x30 [ 379.304193][ T6471] should_fail_ex+0x748/0x7f0 [ 379.304391][ T6471] should_fail+0x2a/0x40 [ 379.304566][ T6471] should_fail_usercopy+0x2e/0x40 [ 379.304761][ T6471] _copy_to_user+0x33/0x110 [ 379.304953][ T6471] simple_read_from_buffer+0x199/0x340 [ 379.305139][ T6471] proc_fail_nth_read+0x1e5/0x2c0 [ 379.305341][ T6471] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 379.305546][ T6471] vfs_read+0x29b/0xf60 [ 379.305722][ T6471] ? kmsan_get_metadata+0x13e/0x1c0 [ 379.305879][ T6471] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 379.306111][ T6471] ksys_read+0x24f/0x4c0 [ 379.306300][ T6471] __ia32_sys_read+0x91/0xe0 [ 379.306491][ T6471] ia32_sys_call+0x15e2/0x40d0 [ 379.306709][ T6471] __do_fast_syscall_32+0xb0/0x110 [ 379.306898][ T6471] ? irqentry_exit+0x16/0x60 [ 379.307068][ T6471] do_fast_syscall_32+0x38/0x80 [ 379.307250][ T6471] do_SYSENTER_32+0x1f/0x30 [ 379.307436][ T6471] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 379.307624][ T6471] RIP: 0023:0xf7f8f579 [ 379.307744][ T6471] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 379.307890][ T6471] RSP: 002b:00000000f57165a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 379.308048][ T6471] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5716620 [ 379.308162][ T6471] RDX: 000000000000000f RSI: 00000000f741bff4 RDI: 0000000000000000 [ 379.308267][ T6471] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 379.308401][ T6471] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 379.308510][ T6471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 379.308632][ T6471] [ 379.578539][ T6474] netlink: 16 bytes leftover after parsing attributes in process `syz.0.328'. [ 380.139967][ T6479] netlink: 12 bytes leftover after parsing attributes in process `syz.1.332'. [ 380.208604][ T8] usb 5-1: USB disconnect, device number 11 [ 380.975824][ T6490] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 380.976087][ T6490] macsec1: entered promiscuous mode [ 380.977107][ T6490] macsec1: entered allmulticast mode [ 380.977450][ T6490] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 392.560540][ T6507] random: crng reseeded on system resumption [ 392.712562][ T6505] process 'syz.1.340' launched '/dev/fd/3' with NULL argv: empty string added [ 393.009214][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 393.028112][ T25] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 393.111638][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 393.173558][ T6502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 393.288717][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 393.303925][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 393.315546][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 393.325931][ T25] usb 5-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 393.335673][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.400361][ T25] usb 5-1: config 0 descriptor?? [ 393.908065][ T25] cherry 0003:046A:0027.0007: unknown main item tag 0x0 [ 393.915475][ T25] cherry 0003:046A:0027.0007: unknown main item tag 0xe [ 393.923204][ T25] cherry 0003:046A:0027.0007: unknown main item tag 0x5 [ 393.930819][ T25] cherry 0003:046A:0027.0007: unknown main item tag 0x4 [ 393.938472][ T25] cherry 0003:046A:0027.0007: ignoring exceeding usage max [ 393.956498][ T25] cherry 0003:046A:0027.0007: usage index exceeded [ 393.969290][ T25] cherry 0003:046A:0027.0007: item 0 0 2 0 parsing failed [ 394.054007][ T8] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 394.054918][ T25] cherry 0003:046A:0027.0007: probe with driver cherry failed with error -22 [ 394.224295][ T25] usb 5-1: USB disconnect, device number 12 [ 394.410910][ T8] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 394.420733][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.431516][ T8] usb 1-1: Product: syz [ 394.435963][ T8] usb 1-1: Manufacturer: syz [ 394.441310][ T8] usb 1-1: SerialNumber: syz [ 394.617657][ T8] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 394.715716][ T6523] netlink: 16 bytes leftover after parsing attributes in process `syz.3.347'. [ 394.951136][ T4582] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 395.539341][ T25] usb 1-1: USB disconnect, device number 17 [ 395.994605][ T6535] loop1: detected capacity change from 0 to 512 [ 396.092614][ T6535] ext4: Unknown parameter 'context' [ 396.095287][ T6536] loop3: detected capacity change from 0 to 256 [ 396.147031][ T4582] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 396.156254][ T4582] ath9k_htc: Failed to initialize the device [ 396.177119][ T25] usb 1-1: ath9k_htc: USB layer deinitialized [ 396.322442][ T6536] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 396.969665][ T6547] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 396.977407][ T6547] macsec1: entered promiscuous mode [ 396.983854][ T6547] macsec1: entered allmulticast mode [ 396.989569][ T6547] mac80211_hwsim hwsim12 wlan0: entered allmulticast mode [ 397.024824][ T6543] loop4: detected capacity change from 0 to 24 [ 397.113856][ T6543] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 397.212656][ T29] audit: type=1804 audit(1727987703.671:87): pid=6536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.353" name="/newroot/84/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop3" ino=1048647 res=1 errno=0 [ 397.759285][ T6555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 398.745469][ T6555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 399.011556][ T6560] loop2: detected capacity change from 0 to 4096 [ 399.180656][ T6560] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 399.497033][ T6568] netlink: 16 bytes leftover after parsing attributes in process `syz.1.363'. [ 399.670317][ T6560] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 399.712309][ T6560] ntfs3: loop2: Failed to load $Extend (-22). [ 399.719310][ T6560] ntfs3: loop2: Failed to initialize $Extend. [ 400.547932][ T6577] FAULT_INJECTION: forcing a failure. [ 400.547932][ T6577] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 400.561724][ T6577] CPU: 0 UID: 0 PID: 6577 Comm: syz.4.367 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 400.572773][ T6577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 400.583135][ T6577] Call Trace: [ 400.586626][ T6577] [ 400.589760][ T6577] dump_stack_lvl+0x216/0x2d0 [ 400.594760][ T6577] dump_stack+0x1e/0x30 [ 400.599201][ T6577] should_fail_ex+0x748/0x7f0 [ 400.604191][ T6577] should_fail+0x2a/0x40 [ 400.608738][ T6577] should_fail_usercopy+0x2e/0x40 [ 400.614088][ T6577] _copy_from_iter+0x1d8/0x2b40 [ 400.619261][ T6577] ? kmsan_alloc_page+0x182/0x220 [ 400.624803][ T6577] ? __alloc_pages_noprof+0x9d6/0xe70 [ 400.630607][ T6577] ? kmsan_get_metadata+0x13e/0x1c0 [ 400.636154][ T6577] copy_page_from_iter+0x3c8/0x7e0 [ 400.641622][ T6577] pipe_write+0xd23/0x2a10 [ 400.646372][ T6577] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 400.652515][ T6577] ? __pfx_pipe_write+0x10/0x10 [ 400.657692][ T6577] do_iter_readv_writev+0x88a/0xa30 [ 400.663217][ T6577] ? kmsan_get_metadata+0x13e/0x1c0 [ 400.668695][ T6577] ? __pfx_pipe_write+0x10/0x10 [ 400.673950][ T6577] ? __pfx_pipe_write+0x10/0x10 [ 400.679139][ T6577] vfs_writev+0x56a/0x14f0 [ 400.683823][ T6577] ? do_writev+0xb5/0x5c0 [ 400.688467][ T6577] ? filter_irq_stacks+0x60/0x1a0 [ 400.694036][ T6577] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 400.700802][ T6577] ? kmsan_get_metadata+0x13e/0x1c0 [ 400.706372][ T6577] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 400.712480][ T6577] do_writev+0x251/0x5c0 [ 400.716994][ T6577] ? kmsan_get_metadata+0x13e/0x1c0 [ 400.722508][ T6577] __ia32_sys_writev+0x95/0xe0 [ 400.727635][ T6577] ia32_sys_call+0x17f1/0x40d0 [ 400.732860][ T6577] __do_fast_syscall_32+0xb0/0x110 [ 400.738287][ T6577] ? irqentry_exit+0x16/0x60 [ 400.743167][ T6577] do_fast_syscall_32+0x38/0x80 [ 400.748328][ T6577] do_SYSENTER_32+0x1f/0x30 [ 400.753146][ T6577] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 400.759793][ T6577] RIP: 0023:0xf7f81579 [ 400.764186][ T6577] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 400.784100][ T6577] RSP: 002b:00000000f570656c EFLAGS: 00000206 ORIG_RAX: 0000000000000092 [ 400.792830][ T6577] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000 [ 400.801163][ T6577] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 400.809510][ T6577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 400.817763][ T6577] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 400.825987][ T6577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 400.834230][ T6577] [ 401.033248][ T5244] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 401.226766][ T5244] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 401.241852][ T5244] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.250578][ T5244] usb 1-1: Product: syz [ 401.255033][ T5244] usb 1-1: Manufacturer: syz [ 401.260070][ T5244] usb 1-1: SerialNumber: syz [ 401.329673][ T5244] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 401.599633][ T4582] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 402.165575][ T6594] fuse: Unknown parameter 'õG³’ªåúf0x0000000000000003' [ 403.400200][ T25] usb 1-1: USB disconnect, device number 18 [ 403.481728][ T4582] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 403.493619][ T4582] ath9k_htc: Failed to initialize the device [ 403.516929][ T25] usb 1-1: ath9k_htc: USB layer deinitialized [ 403.728452][ T6605] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 403.819615][ T6606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 404.106721][ T1583] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 404.230575][ T6610] netlink: 16 bytes leftover after parsing attributes in process `syz.1.379'. [ 404.404548][ T1583] usb 4-1: New USB device found, idVendor=0711, idProduct=0210, bcdDevice=7f.d6 [ 404.418546][ T1583] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.428324][ T1583] usb 4-1: Product: syz [ 404.433111][ T1583] usb 4-1: Manufacturer: syz [ 404.438227][ T1583] usb 4-1: SerialNumber: syz [ 404.477851][ T1583] usb 4-1: config 0 descriptor?? [ 404.494782][ T1583] mct_u232 4-1:0.0: MCT U232 converter detected [ 404.504615][ T1583] mct_u232 ttyUSB0: expected endpoint missing [ 404.835737][ T6608] loop0: detected capacity change from 0 to 4096 [ 404.871163][ T6608] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 404.885950][ T1583] usb 4-1: USB disconnect, device number 8 [ 404.896292][ T1583] mct_u232 4-1:0.0: device disconnected [ 405.063751][ T6608] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 405.087844][ T6608] ntfs3: loop0: Failed to load $Extend (-22). [ 405.094377][ T6608] ntfs3: loop0: Failed to initialize $Extend. [ 407.218929][ T6639] loop0: detected capacity change from 0 to 4096 [ 407.266330][ T6639] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 407.300822][ T6640] loop2: detected capacity change from 0 to 256 [ 407.368138][ T5244] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 407.514780][ T6639] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 407.554625][ T6639] ntfs3: loop0: Failed to load $Extend (-22). [ 407.561491][ T6639] ntfs3: loop0: Failed to initialize $Extend. [ 407.569204][ T5244] usb 5-1: Using ep0 maxpacket: 8 [ 407.624457][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 407.636075][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 407.646421][ T5244] usb 5-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 407.655920][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.938499][ T5244] usb 5-1: config 0 descriptor?? [ 408.473157][ T5244] cherry 0003:046A:0027.0008: unknown main item tag 0x0 [ 408.481751][ T5244] cherry 0003:046A:0027.0008: unknown main item tag 0xe [ 408.490361][ T5244] cherry 0003:046A:0027.0008: unknown main item tag 0x5 [ 408.497811][ T5244] cherry 0003:046A:0027.0008: unknown main item tag 0x4 [ 408.511589][ T5244] cherry 0003:046A:0027.0008: ignoring exceeding usage max [ 408.533279][ T5244] cherry 0003:046A:0027.0008: usage index exceeded [ 408.540726][ T5244] cherry 0003:046A:0027.0008: item 0 0 2 0 parsing failed [ 408.796816][ T6652] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 408.831654][ T5244] cherry 0003:046A:0027.0008: probe with driver cherry failed with error -22 [ 408.918983][ T6655] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 409.079370][ T5244] usb 5-1: USB disconnect, device number 13 [ 409.205005][ T6657] netlink: 16 bytes leftover after parsing attributes in process `syz.0.393'. [ 409.246872][ T6659] netlink: 900 bytes leftover after parsing attributes in process `syz.1.395'. [ 410.991172][ T1583] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 411.222246][ T1583] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 411.231194][ T1583] usb 2-1: config 0 has no interface number 0 [ 411.237900][ T1583] usb 2-1: config 0 interface 51 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64 [ 411.249907][ T1583] usb 2-1: New USB device found, idVendor=093a, idProduct=2620, bcdDevice=7e.68 [ 411.259566][ T1583] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.299678][ T1583] usb 2-1: config 0 descriptor?? [ 411.383045][ T1583] gspca_main: gspca_pac7302-2.14.0 probing 093a:2620 [ 411.681979][ T5244] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 411.915180][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 411.927857][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 411.939169][ T5244] usb 4-1: New USB device found, idVendor=054c, idProduct=042f, bcdDevice= 0.00 [ 411.949359][ T5244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.016996][ T5244] usb 4-1: config 0 descriptor?? [ 412.085003][ T6676] loop2: detected capacity change from 0 to 4096 [ 412.161711][ T6676] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 412.234345][ T1583] gspca_pac7302: reg_w() failed i: 78 v: 40 error -71 [ 412.242137][ T1583] gspca_pac7302 2-1:0.51: probe with driver gspca_pac7302 failed with error -71 [ 412.343211][ T1583] usb 2-1: USB disconnect, device number 9 [ 412.486953][ T5244] sony 0003:054C:042F.0009: unknown main item tag 0x0 [ 412.556793][ T5244] sony 0003:054C:042F.0009: hidraw0: USB HID v0.00 Device [HID 054c:042f] on usb-dummy_hcd.3-1/input0 [ 412.568478][ T5244] sony 0003:054C:042F.0009: failed to claim input [ 412.737125][ T6676] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 412.748208][ T6676] ntfs3: loop2: Failed to load $Extend (-22). [ 412.754828][ T6676] ntfs3: loop2: Failed to initialize $Extend. [ 412.833374][ T5244] usb 4-1: USB disconnect, device number 9 [ 412.978619][ T6690] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 413.200043][ T6690] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 413.410950][ T5187] Bluetooth: hci1: unexpected event for opcode 0x0c03 [ 413.690756][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 413.697749][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 414.073231][ T1583] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 414.287851][ T1583] usb 2-1: Using ep0 maxpacket: 8 [ 414.311064][ T6705] netlink: 16 bytes leftover after parsing attributes in process `syz.2.411'. [ 414.346173][ T1583] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 414.357982][ T1583] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 414.368508][ T1583] usb 2-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 414.378071][ T1583] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.487680][ T1583] usb 2-1: config 0 descriptor?? [ 414.922117][ T1583] cherry 0003:046A:0027.000A: unknown main item tag 0x0 [ 414.931252][ T1583] cherry 0003:046A:0027.000A: unknown main item tag 0xe [ 414.939000][ T1583] cherry 0003:046A:0027.000A: unknown main item tag 0x5 [ 414.946413][ T1583] cherry 0003:046A:0027.000A: unknown main item tag 0x4 [ 414.959493][ T1583] cherry 0003:046A:0027.000A: ignoring exceeding usage max [ 414.980369][ T1583] cherry 0003:046A:0027.000A: usage index exceeded [ 414.987768][ T1583] cherry 0003:046A:0027.000A: item 0 0 2 0 parsing failed [ 415.131278][ T1583] cherry 0003:046A:0027.000A: probe with driver cherry failed with error -22 [ 415.706677][ T1583] usb 2-1: USB disconnect, device number 10 [ 423.709695][ T6807] syz.1.454[6807] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 423.710172][ T6807] syz.1.454[6807] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 423.793008][ T6807] syz.1.454[6807] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 425.950777][ T5192] Bluetooth: hci4: command 0x0406 tx timeout [ 426.345589][ T29] audit: type=1326 audit(1727987732.761:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6841 comm="syz.3.466" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x0 [ 431.490818][ T6908] sctp: failed to load transform for md5: -2 [ 431.499075][ T6909] sctp: failed to load transform for md5: -2 [ 431.512881][ T6913] sctp: failed to load transform for md5: -2 [ 431.600174][ T6917] sctp: failed to load transform for md5: -2 [ 431.730284][ T6921] sctp: failed to load transform for md5: -2 [ 431.764227][ T6911] sctp: failed to load transform for md5: -2 [ 433.496446][ T6978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.499'. [ 434.406604][ T6986] hsr_slave_0 (unregistering): left promiscuous mode [ 435.609434][ T7005] netlink: 4 bytes leftover after parsing attributes in process `syz.2.511'. [ 436.653900][ T7018] netlink: 'syz.2.516': attribute type 1 has an invalid length. [ 436.966002][ T7020] bond1: (slave ipip0): The slave device specified does not support setting the MAC address [ 436.980834][ T7020] bond1: (slave ipip0): Setting fail_over_mac to active for active-backup mode [ 437.005095][ T7020] bond1: (slave ipip0): making interface the new active one [ 437.016695][ T7020] bond1: (slave ipip0): Enslaving as an active interface with an up link [ 437.218312][ T7024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.518'. [ 437.229101][ T7024] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 437.236885][ T7024] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 437.344125][ T7024] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 437.352275][ T7024] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 438.408457][ T7037] netlink: 24 bytes leftover after parsing attributes in process `syz.3.522'. [ 439.152362][ T7056] vlan2: entered promiscuous mode [ 439.157824][ T7056] vlan2: entered allmulticast mode [ 441.032459][ T7076] netlink: 24 bytes leftover after parsing attributes in process `syz.1.537'. [ 441.533955][ T7083] dccp_xmit_packet: Payload too large (65475) for featneg. [ 442.038397][ T7095] netlink: 4 bytes leftover after parsing attributes in process `syz.3.542'. [ 442.164742][ T7092] netlink: 24 bytes leftover after parsing attributes in process `syz.1.541'. [ 442.684788][ T7103] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 444.648042][ T7142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'. [ 444.670169][ T7142] netlink: 104 bytes leftover after parsing attributes in process `syz.1.554'. [ 444.679883][ T7142] netlink: 104 bytes leftover after parsing attributes in process `syz.1.554'. [ 444.872277][ T7147] netlink: 24 bytes leftover after parsing attributes in process `syz.1.561'. [ 446.434291][ T5192] Bluetooth: hci3: command 0x0406 tx timeout [ 447.125047][ T7178] netlink: 12 bytes leftover after parsing attributes in process `syz.2.572'. [ 447.134586][ T7178] block nbd0: not configured, cannot reconfigure [ 447.904371][ T7192] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 447.912301][ T7192] tipc: Enabled bearer , priority 10 [ 448.037551][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 448.078313][ T4582] IPVS: starting estimator thread 0... [ 448.168417][ T7194] IPVS: using max 192 ests per chain, 9600 per kthread [ 448.198770][ T7195] netlink: 24 bytes leftover after parsing attributes in process `syz.2.575'. [ 448.307380][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 448.837376][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 449.144599][ T7208] netlink: 'syz.1.584': attribute type 1 has an invalid length. [ 449.532255][ T7210] bond1: (slave veth9): making interface the new active one [ 449.542923][ T7210] bond1: (slave veth9): Enslaving as an active interface with an up link [ 449.820928][ T7214] bridge_slave_1: left allmulticast mode [ 449.826920][ T7214] bridge_slave_1: left promiscuous mode [ 449.834272][ T7214] bridge0: port 2(bridge_slave_1) entered disabled state [ 449.867588][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 450.086457][ T7219] sctp: [Deprecated]: syz.3.589 (pid 7219) Use of struct sctp_assoc_value in delayed_ack socket option. [ 450.086457][ T7219] Use struct sctp_sack_info instead [ 450.170313][ T7222] netlink: 16 bytes leftover after parsing attributes in process `syz.1.590'. [ 450.185778][ T7222] netlink: 72 bytes leftover after parsing attributes in process `syz.1.590'. [ 450.219139][ T7218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.588'. [ 450.907382][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 451.485787][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.3.599'. [ 451.495185][ T7239] netlink: 'syz.3.599': attribute type 20 has an invalid length. [ 451.503449][ T7239] netlink: 'syz.3.599': attribute type 17 has an invalid length. [ 451.516321][ T7239] netlink: 32 bytes leftover after parsing attributes in process `syz.3.599'. [ 451.957354][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 452.420576][ T7249] tipc: Enabling of bearer rejected, already enabled [ 452.987362][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 454.027469][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 454.417422][ T7273] bridge0: port 1(bridge_slave_0) entered disabled state [ 454.777024][ T7273] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 454.821792][ T7273] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 455.067556][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 455.116479][ T7273] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.126074][ T7273] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.135619][ T7273] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.145100][ T7273] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.255681][ T7273] mac80211_hwsim hwsim12 wlan0: left allmulticast mode [ 455.266985][ T7273] macsec1: left promiscuous mode [ 455.273831][ T7273] macsec1: left allmulticast mode [ 456.107386][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 456.551406][ T7301] netlink: 8 bytes leftover after parsing attributes in process `syz.3.622'. [ 457.121197][ T7310] tipc: Bearer : already 2 bearers with priority 10 [ 457.129355][ T7310] tipc: Bearer : trying with adjusted priority [ 457.137781][ T7310] tipc: New replicast peer: 172.30.0.1 [ 457.147371][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 457.154539][ T7310] tipc: Enabled bearer , priority 9 [ 458.187424][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 459.227393][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 460.267393][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 461.307428][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 462.347350][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 462.500747][ T7394] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 463.387444][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 463.608722][ T7407] sch_tbf: burst 4 is lower than device lo mtu (65550) ! [ 464.427431][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 465.467388][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 466.507430][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 467.547408][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 468.587361][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 469.528508][ T7489] syz.3.700 (7489) used greatest stack depth: 5152 bytes left [ 469.627367][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 470.619110][ T7505] netlink: 24 bytes leftover after parsing attributes in process `syz.2.707'. [ 470.667342][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 471.661878][ T7514] ===================================================== [ 471.669393][ T7514] BUG: KMSAN: uninit-value in ppp_async_push+0xb4f/0x2660 [ 471.676922][ T7514] ppp_async_push+0xb4f/0x2660 [ 471.682208][ T7514] ppp_async_send+0x130/0x1b0 [ 471.687296][ T7514] ppp_input+0x1f1/0xe60 [ 471.691821][ T7514] pppoe_rcv_core+0x1d3/0x720 [ 471.696761][ T7514] sk_backlog_rcv+0x13b/0x420 [ 471.702039][ T7514] __release_sock+0x1da/0x330 [ 471.706964][ T7514] release_sock+0x6b/0x250 [ 471.707602][ C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 471.711675][ T7514] pppoe_sendmsg+0x2b8/0xb90 [ 471.723602][ T7514] __sock_sendmsg+0x30f/0x380 [ 471.729065][ T7514] ____sys_sendmsg+0x903/0xb60 [ 471.734139][ T7514] ___sys_sendmsg+0x28d/0x3c0 [ 471.739260][ T7514] __sys_sendmmsg+0x4df/0x960 [ 471.744182][ T7514] __ia32_compat_sys_sendmmsg+0xc8/0x140 [ 471.750366][ T7514] ia32_sys_call+0x406a/0x40d0 [ 471.755505][ T7514] __do_fast_syscall_32+0xb0/0x110 [ 471.761034][ T7514] do_fast_syscall_32+0x38/0x80 [ 471.766300][ T7514] do_SYSENTER_32+0x1f/0x30 [ 471.771196][ T7514] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 471.777907][ T7514] [ 471.780362][ T7514] Uninit was created at: [ 471.784983][ T7514] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 471.791286][ T7514] kmalloc_reserve+0x13d/0x4a0 [ 471.796273][ T7514] __alloc_skb+0x363/0x7b0 [ 471.801089][ T7514] sock_wmalloc+0xfe/0x1a0 [ 471.805741][ T7514] pppoe_sendmsg+0x3a7/0xb90 [ 471.810747][ T7514] __sock_sendmsg+0x30f/0x380 [ 471.815793][ T7514] ____sys_sendmsg+0x903/0xb60 [ 471.820950][ T7514] ___sys_sendmsg+0x28d/0x3c0 [ 471.825953][ T7514] __sys_sendmmsg+0x4df/0x960 [ 471.831049][ T7514] __ia32_compat_sys_sendmmsg+0xc8/0x140 [ 471.837263][ T7514] ia32_sys_call+0x406a/0x40d0 [ 471.842309][ T7514] __do_fast_syscall_32+0xb0/0x110 [ 471.847909][ T7514] do_fast_syscall_32+0x38/0x80 [ 471.853103][ T7514] do_SYSENTER_32+0x1f/0x30 [ 471.857991][ T7514] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 471.864741][ T7514] [ 471.867336][ T7514] CPU: 1 UID: 0 PID: 7514 Comm: syz.0.712 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 471.878307][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 471.888746][ T7514] ===================================================== [ 471.895854][ T7514] Disabling lock debugging due to kernel taint [ 471.902564][ T7514] Kernel panic - not syncing: kmsan.panic set ... [ 471.909182][ T7514] CPU: 1 UID: 0 PID: 7514 Comm: syz.0.712 Tainted: G B 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 471.921560][ T7514] Tainted: [B]=BAD_PAGE [ 471.925866][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 471.936130][ T7514] Call Trace: [ 471.939564][ T7514] [ 471.942659][ T7514] dump_stack_lvl+0x216/0x2d0 [ 471.947606][ T7514] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 471.953700][ T7514] dump_stack+0x1e/0x30 [ 471.958107][ T7514] panic+0x4e2/0xcf0 [ 471.962247][ T7514] ? kmsan_get_metadata+0x41/0x1c0 [ 471.967604][ T7514] kmsan_report+0x2c7/0x2d0 [ 471.972322][ T7514] ? __module_address+0x4d/0x630 [ 471.977516][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 471.982965][ T7514] ? __msan_warning+0x95/0x120 [ 471.988006][ T7514] ? ppp_async_push+0xb4f/0x2660 [ 471.993238][ T7514] ? ppp_async_send+0x130/0x1b0 [ 471.998375][ T7514] ? ppp_input+0x1f1/0xe60 [ 472.003047][ T7514] ? pppoe_rcv_core+0x1d3/0x720 [ 472.008151][ T7514] ? sk_backlog_rcv+0x13b/0x420 [ 472.013221][ T7514] ? __release_sock+0x1da/0x330 [ 472.018413][ T7514] ? release_sock+0x6b/0x250 [ 472.023224][ T7514] ? pppoe_sendmsg+0x2b8/0xb90 [ 472.028245][ T7514] ? __sock_sendmsg+0x30f/0x380 [ 472.033368][ T7514] ? ____sys_sendmsg+0x903/0xb60 [ 472.038571][ T7514] ? ___sys_sendmsg+0x28d/0x3c0 [ 472.043676][ T7514] ? __sys_sendmmsg+0x4df/0x960 [ 472.048867][ T7514] ? __ia32_compat_sys_sendmmsg+0xc8/0x140 [ 472.054959][ T7514] ? ia32_sys_call+0x406a/0x40d0 [ 472.060197][ T7514] ? __do_fast_syscall_32+0xb0/0x110 [ 472.065766][ T7514] ? do_fast_syscall_32+0x38/0x80 [ 472.071053][ T7514] ? do_SYSENTER_32+0x1f/0x30 [ 472.075988][ T7514] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 472.082860][ T7514] ? __raise_softirq_irqoff+0x37/0x130 [ 472.088638][ T7514] ? __napi_schedule_irqoff+0x2ec/0x3d0 [ 472.094447][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.099885][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.105310][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.110740][ T7514] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 472.117363][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.122783][ T7514] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 472.128834][ T7514] __msan_warning+0x95/0x120 [ 472.133707][ T7514] ppp_async_push+0xb4f/0x2660 [ 472.138906][ T7514] ppp_async_send+0x130/0x1b0 [ 472.143870][ T7514] ? __pfx_ppp_async_send+0x10/0x10 [ 472.149355][ T7514] ppp_input+0x1f1/0xe60 [ 472.153861][ T7514] pppoe_rcv_core+0x1d3/0x720 [ 472.158794][ T7514] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 472.164836][ T7514] ? __pfx_pppoe_rcv_core+0x10/0x10 [ 472.170290][ T7514] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 472.175684][ T7514] sk_backlog_rcv+0x13b/0x420 [ 472.180668][ T7514] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 472.186836][ T7514] __release_sock+0x1da/0x330 [ 472.191799][ T7514] release_sock+0x6b/0x250 [ 472.196982][ T7514] pppoe_sendmsg+0x2b8/0xb90 [ 472.201853][ T7514] ? __pfx_pppoe_sendmsg+0x10/0x10 [ 472.207316][ T7514] ? __pfx_pppoe_sendmsg+0x10/0x10 [ 472.212686][ T7514] __sock_sendmsg+0x30f/0x380 [ 472.217644][ T7514] ____sys_sendmsg+0x903/0xb60 [ 472.222708][ T7514] ___sys_sendmsg+0x28d/0x3c0 [ 472.227634][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.233058][ T7514] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 472.239111][ T7514] ? __rcu_read_unlock+0x7b/0xe0 [ 472.244302][ T7514] ? __fget_files+0x4f5/0x5c0 [ 472.249253][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.254693][ T7514] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 472.260981][ T7514] __sys_sendmmsg+0x4df/0x960 [ 472.265915][ T7514] ? do_futex+0x380/0x4a0 [ 472.270493][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.275953][ T7514] ? kmsan_get_metadata+0x13e/0x1c0 [ 472.281395][ T7514] __ia32_compat_sys_sendmmsg+0xc8/0x140 [ 472.287329][ T7514] ia32_sys_call+0x406a/0x40d0 [ 472.292385][ T7514] __do_fast_syscall_32+0xb0/0x110 [ 472.297763][ T7514] ? irqentry_exit+0x16/0x60 [ 472.302600][ T7514] do_fast_syscall_32+0x38/0x80 [ 472.307710][ T7514] do_SYSENTER_32+0x1f/0x30 [ 472.312456][ T7514] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 472.319051][ T7514] RIP: 0023:0xf7f57579 [ 472.323384][ T7514] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 472.344062][ T7514] RSP: 002b:00000000f56d656c EFLAGS: 00000206 ORIG_RAX: 0000000000000159 [ 472.352734][ T7514] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001dc0 [ 472.360913][ T7514] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 472.369085][ T7514] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 472.377339][ T7514] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 472.385506][ T7514] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 472.393714][ T7514] [ 472.397333][ T7514] Kernel Offset: disabled [ 472.401800][ T7514] Rebooting in 86400 seconds..