last executing test programs: 7.43647859s ago: executing program 2 (id=1589): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000900)='/sys/power/wakeup_count', 0x42, 0x0) io_setup(0x20, &(0x7f0000001140)=0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=") r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) symlinkat(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r2, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') openat(r2, &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x20a341, 0x144) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r4}, 0x10) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, 0x0, &(0x7f0000000180)) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, 0x0}]) 6.613035429s ago: executing program 2 (id=1596): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYBLOB='\x00'/17, @ANYRES32=0x0, @ANYBLOB="00060000000000000000000000000000000000000100000000000000"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, 0x0}) r2 = syz_open_procfs(r1, &(0x7f0000000600)='fd/4\x00') ioctl$FIBMAP(r2, 0x1, &(0x7f0000000100)=0x1) r3 = syz_create_resource$binfmt(&(0x7f0000019400)='./file0\x00') execveat$binfmt(r2, r3, &(0x7f0000019540)={[&(0x7f0000019440)='syzkaller\x00', &(0x7f0000019480)='sched_switch\x00', &(0x7f00000194c0)='sched_switch\x00', &(0x7f0000019500)='f2fs\x00']}, &(0x7f0000019800)={[&(0x7f0000019580)='syzkaller\x00', &(0x7f00000195c0)='&\x00', &(0x7f0000019600)='GPL\x00', &(0x7f0000019640)='&$%\x00', &(0x7f0000019680)='\x03\x00', &(0x7f00000196c0)='syzkaller\x00', &(0x7f0000019700)='net/if_inet6\x00', &(0x7f00000197c0)='\x87\x00\x1a\x00\x00', &(0x7f0000019780)=']<{\\!#\x00', &(0x7f0000019900)='\x00']}, 0x100) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000019940)=ANY=[@ANYBLOB="0900000004000000000000000000000000000000bea4ca", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000020059dbc94de6144e9c5155ea906cbad6d3f35f7396452c107e728ee5fde7f2a5d68c2eef4473c429ed0a30a0c5a6921613a997032fae6a5690420ea7b842a861095e14374867aaaf5e816519cb46b3faa1578ae6048a56946a5674c2735192d4ba2c2c97ad3318c477be502b32cc5184a4f3ad43eea5a36d411756cec6e95861a7d65be43ba29455475360780bc354498ea105bffe5de7edaacec"], 0x48) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000006b80)="$eJzs3E1rY9UfB/CTPs7Tf/5FXLibC4PQwiQ0fRh0V3UGH7BD8WHhStMkDZlJckuTprUrFy7Fhe9EFFy59DW4cO1OXCjuhJHccypTH0Bp2tjp5wO333tPTn73nEtpOfeGBODSWsh++akUboarIYTpEMKNEIr9UtoKGzGeCyHcCiFMPbGVUvvvDXMhhGshhJuj4rFmKb302Z3h7fUf3/j562/nZ65//tV3k5s1MGnPhxC6u3H/oBszb8V8mNprw3aR3bVhyvhC91E6zmMeNLeLCge14361IldbsX++u98f5U6nVh9lq71TtO/24gn7w9ZxneIND2t7xXGjuV1ku58X2TqK4zo8in/bjvqDWKeR6n1YlA+DwXHG9uZhM85n91GR9d4gtce6eaN5OMphynS6UM87jWIc26e50v9tb7Z7+4fZsLnXb+e9bL1SfaFSvVuu7uWN5qC5Vq51G3fXssVWZ9StPGjWuhutPG91mpV63l3KFlv1erlazRbvNbfbtV5WrVZWK8vl9aW0dyd79cG7WaeRLY7y5XZvf9Du9LOdfC+L71jKViqrLy5lt6vZ25tb2dZb9+9vbr3z/r33Hry0+forqdOfhpUtriyvrJSry+WV6tLFnf/of/2/mv/HadBjnD+cSmnSAwC4eKz/gUm46Ov/YP0/Ftb/l3b+j5PTXUAuN+t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBL6/vZL14rdhbi8fXU/r/U9Ew6LoUQpkIIj//CdJg7UXM61Zn9m/6zfxjDN6VQVBidYz5t10IIG2n79f9nfRUAAADg6fXlR7c+jav1+GNh0gPiPMWbNlM3PhhTvVIIYXbhhzFUCelmU3j29KOKRr/fM+FwTNWKG1hXxlQs3nKbGVe1f2T6RFx5Ikoxpo57zp3ruAAAgLN0ciVwvqsQAAAAztMnkx4Ak1E8aU2fxU+P+eZjpAeCV08cAQAAABdQadIDAAAAAM5csf73/X8AAADwdIvf/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3eTkzoUBQD4tND3eD9GYpy7FWewDJfg0KFhKywBt+AGWAPOXIIBQ3tRMRhM+hfJ9yXt5TbN4ZTQwTm3KQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG16KhbTh/urUd046009zVwNAAAAcMiqWEzLD+Nq/i8dP0uHLtI8i4g8Ig7V7oP4tRdzkOIUX5xffMrhMaKMsP2O32n7GxHXaXs5b/tXAAAAgNO1nM0nVbVe7cZ9J0SXqqZN/v+moXhZRBTj54ai5dvd5bdO3RzvD23/38O4q59WqWxg1X5kZqdsuQ2binbcIN3ub8Pow5BVQ95dOgAAQFf2K4EOqxAAAAA6dtt3AvQji91S5m4tuHzy/n1B8M/eDAAAAPiBsr4TAAAAAFpX1v/e/wcAAACnrXr/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1aFYvpcjaf1I2z3tTTzNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLI/7ygMw2AQBjeJ8uqELuD739Is2K1bNzMg+Pi3EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlcfx8jzj1ZjJNnqdSd49rySfTo1vp8avc+OfZKy7fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwsz8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAv2efr7SACAFlCEJUYoCFptfS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/+Hzq3UpWwdMhSJiQFkn528HpU4WtW+Np+P9Py+thy/73OiKF8/5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo7L67H+flZmESZ/Wxm/eurpf9ram+dH379nLZyrjXZtJPhlfTnd5Sd4kAAABwcORNfR8xiGJntQyyhar+L5pzypr/++cncVPPT9f9Td/U/mX77de7L+8NtDAZp7zouY3x6Pi/U+k/xmnOtRf+84x+deerZy959Q3JPth6abeo7mfv2xs33htU4aE2sgUAHsaxpq+D5u+hsh92mRgAB0Y/Kbzv1PV/vtBtTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtGGzFs03ci4jl/n5cunXv6nrVT+1f37693LTT165tp9csL1FExLmN8eh4WxN5Aly6fOXTtfF4dLH94LWI6G70OvhohnMiusxQ8KhBVv+sz/ZVRyOi+5y7Dzr+xQQAwFOnqFtZ198pdlbLY73FiL9/uL/+fyOJI63/p/q0/r/78emb6Vhp/T9sbYbzb2Xzwhcrly5feWvjwtr50fnRZ2+fGL4zPHnm1KkzK9WzkhVPTAAAAHg0g7ql9X+2GLE7tf5/JIljxvr/y++GX6dj5er/B9pf9Os6EwAAgIPtxaN//tF7wPHeYBBfrW1uXhxOtnv7JybbDlL93w7VLa3/88WuswIAAADasLvVu2/9/2wSx4zr/8/9+MrP6TXziDhcr/8fW/98fLa96XTkr5nOauPfiR/7VAEAAJhrh+uWrv8X1fv/2d4rD1lEvPn6JK4/BnCm+j9//5uf0rHS9/9PtjfFuZQtTe5H1S9F9Je6zggAAICn2TN1K4v934ud1U9+OfLhwPv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37JwAA//9VakSc") r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000003c0)={0x30, 0x5, 0x0, {0x0, 0x3, 0x80, 0x8}}, 0x30) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000019880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000198c0)='mlxsw_sp_acl_tcam_vregion_rehash_rollback_failed\x00', r6, 0x0, 0x3}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r7 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000193c0)={0xffffffffffffffff, 0xe0, &(0x7f00000192c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000019100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000019140)=[0x0], &(0x7f0000019180)=[0x0, 0x0], 0x0, 0x1a, &(0x7f00000191c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000019200), &(0x7f0000019240), 0x8, 0x75, 0x8, 0x8, &(0x7f0000019280)}}, 0x10) pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a) sendfile(r4, r5, 0x0, 0x100001) 4.982177228s ago: executing program 3 (id=1604): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000004042c1ab00"/20, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) socket$key(0xf, 0x3, 0x2) socket(0x1e, 0x5, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xd, 0xc3072, r0, 0xa5242000) 4.981763768s ago: executing program 4 (id=1605): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x80, &(0x7f00000002c0)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRES8=0x0], 0x1, 0x122e, &(0x7f0000002580)="$eJzs3MFrHFUcB/BftqlZU5tErdX2oA+9eBqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe/Lq0b9BPHpTxH8gV/8Cb7mIpxzEEXZSk60NmlqyRT+fy/zIb76Z99hl4S3v7f7rX368uVFlG/kgWlNT0dqKSAcpUrTinhdXm+ut26vLnc7KjZSuL99cfC2lNPfSD+9/+s3LPw4uvPft3Hczsbfwwf4vSz/vXd67sv/7zY+6VepWqdcfpDzd6fcH+Z2ySOvdajNL6Z2yyKsidXtVsT3W3yj7W1vDlPfWL85ubRdVlfLeMG0WwzTop8H2MOUf5t1eyrIsXZwNTnT+729Z+/qgrr+PqOvz8UTUdV0/GbMxFU/FxZiLzyPi6Xgmno1L8Vxcjufjhbgyuusshg8AAAAAAAAAAAAAAAAAAAD/Hwej0/zj5/8vHJ7/n48F5/8BAAAAAAAAAAAAAAAAAADgDLx76/bqcqezciOldkT5xc7azlpzbfrLG9GNMoq4FvPxW4xO/zea+vpbnZVraeRcROwe5nd31s6N5xdHPydwmJ8e9e7lF5t8irvlsfxMzDb5dkQUsRTzcenY89tH+aUH5tvx6ivHnp/FfL0b0Y8y1kfPPsp/tpjSm2937stfHd0HAAAA/wVZ+tPC+Pq3Wb9n2Un9Jn+K7wfuW19Px9Xpyc6diGr4yWZelsX2eNH+y18mVsw8HsM4TdH6N/GZOLHVGmt99VPEpGf6WBTtw/fyo/iHU5OfzkMUdx/J3MeLCX8wcSaOXvRJjwQAAAAAAAAAAIDT+Cf7AX+Nh95FOB0P2Fn2xmSmCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MEOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoQIAAP//uXHE5A==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) madvise(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x15) r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000100)=ANY=[]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 3.945203576s ago: executing program 4 (id=1609): r0 = syz_clone(0x200180, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$cont(0x18, r0, 0x0, 0xe477) 3.943516366s ago: executing program 3 (id=1610): r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSSOFTCAR(r3, 0x545c, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) 3.315007739s ago: executing program 2 (id=1612): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21085e, &(0x7f00000001c0)={[{@data_err_ignore}, {@nouid32}, {@minixdf}]}, 0x1, 0x51c, &(0x7f0000000780)="$eJzs3c9vI1cdAPCvvXHiZNMmLT0AgnZpCwtarZN426jqgZYTQqgSokeQtiHxRlHsOIqd0oSVmp65IlGJExz5Azhw6ok7FwQ3LuWAxI8I1CBxGDTjSdabtTcWSewo/nyk2Zk3bzLf74t33lu/bPwCGFu3IuIgIiYj4r2ImMvPF/It3u5s6XWfHT5cPTp8uFqIJHn3H4WsPj0XXV+TupnfsxwR3/92xI8KT8Zt7e1vrtTrtZ28vNBubC+09vbvbjRW1mvrta1qdXlpefGNe69XL6ytLzUm86Mvf/r7g2/8JE1rNj/T3Y6L1Gl66SROaiIivnsZwUbgRt6eyVEnwv+lGBHPR8TL2fM/FzeyVxMAuM6SZC6Sue4yAHDdFbM5sEKxks8FzEaxWKl05vBeiJlivdlq33nQ3N1a68yVzUep+GCjXlvM5wrno1RIy0vZ8aNy9VT5XkQ8FxE/m5rOypXVZn1tlP/wAYAxdvPU+P/vqc74HxHJh6NODgC4POVRJwAADJ3xHwDGj/EfAMaP8R8Axk9n/J8e4MKdy08GABgK7/8BYPwY/wFgrHzvnXfSLTnKP/967f293c3m+3fXaq3NSmN3tbLa3NmurDeb69ln9jTOul+92dxeei12P5j/5narvdDa27/faO5ute9nn+t9v1bKrjoYQssAgH6ee+mTPxXSEfnN6WyLrrUcSiPNDLhsxVEnAIzMjVEnAIyM1b5gfJ3jPb7pAbgmeizR+5hyr18QSpIkubyUgEt2+wvm/2Fcdc3/+1/AMGbM/8P4Mv8P4ytJCoOu+R+DXggAXG3m+IE+P/9/Pt//Ov/hwA/XHtX9Nvvz455fd5B3LxebJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwxx+v/VvK1wGejWKxUIp6JiPkoFR5s1GuLEfFsRPxxqjSVlpdGnDMAcF7Fvxby9b9uz706+1jVizdPDicj4se/ePfnH6y02zt/iJgs/HPq+Hz74/x8dfjZAwBnOx6ns33XG/nPDh+uHm/DzOdv34qIcif+0eFkHJ3En4iJbF+OUkTM/KuQlzsKXXMX53HwUUR8vlf7CzGbzYF0Vj49HT+N/cxQ4xcfi1/M6jr79HvxuQvIBcbNJ2n/83av568Yt7J97+e/nPVQ55f3f+mtVo+yPvBR/OP+70af/u/WoDFe+913OkfTT9Z9FPHFiYjj2Edd/c9x/EKf+K8OGP/PX3rx5X51yS8jbkfv+N2xFtqN7YXW3v7djcbKem29tlWtLi8tL75x7/XqQjZHvdB/NPj7m3ee7VeXtn+mT/zyGe3/6oDt/9V/3/vBV54S/+uv9IpfjBeeEj8dE782YPyVmd+U+9Wl8df6tP+s1//OgPE//cv+2oCXAgBD0Nrb31yp12s7Dp48SJLkw/SbdFXycZC+GlcgjZ4Hbw0r1mSfv5A/faXzTJ+qSpKn3/Ct3lX9eoyLmHUDroKThz4i/jPqZAAAAAAAAAAAAAAAgJ6G8RtLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA19f/AgAA//99m9kb") fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x1000) 3.004668956s ago: executing program 4 (id=1614): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000740)={0x0}) 2.974633088s ago: executing program 4 (id=1615): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, r0, 0x0, 0x0, 0x0, 0x10, 0x5fcf4774, @void, @value}, 0x94) 2.941874171s ago: executing program 1 (id=1616): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 2.800714983s ago: executing program 4 (id=1617): unshare(0x20020000) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r0) close(r0) r1 = open(&(0x7f0000000000)='.\x00', 0x800, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) unlinkat(r1, &(0x7f0000000140)='./file0\x00', 0x200) 2.774497715s ago: executing program 1 (id=1618): socket$can_raw(0x1d, 0x3, 0x1) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x420007}]}) socket$kcm(0xa, 0x5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x400007, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000480)={0x28, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'geneve1\x00'}}]}]}, 0x28}}, 0x0) 2.628836117s ago: executing program 3 (id=1620): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) 2.490219139s ago: executing program 1 (id=1621): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) eventfd2(0x0, 0x0) 2.464934331s ago: executing program 3 (id=1622): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000400121001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000083850000007100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="09268a92", 0x4, 0x11, 0x0, 0x0) 2.399552117s ago: executing program 0 (id=1623): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x40090) 2.260413439s ago: executing program 1 (id=1624): socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000050000000004000009000000"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, 0x0, 0x0, 0x2, 0x0) r5 = add_key$keyring(&(0x7f0000000340), &(0x7f00000004c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f00000006c0)='asymmetric\x00', &(0x7f00000001c0)=@keyring={'key_or_keyring:', r5}) 2.24747932s ago: executing program 0 (id=1625): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000100008500000082000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 2.219520062s ago: executing program 3 (id=1626): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00'}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) close(r2) 2.184320595s ago: executing program 2 (id=1627): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000180)={[{@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") 2.050128316s ago: executing program 0 (id=1628): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.916642438s ago: executing program 0 (id=1629): ioperm(0x0, 0x9, 0x7) process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x64, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000080000000000000000000"], 0x48) bind$inet(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r1}, 0x10) dup(r0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x80, 0x100}}) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000000)={0x0, 0x5}, &(0x7f0000000040)=0x8) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000140)={0x800, 0x4, 0x7}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$sock(r2, &(0x7f0000000640)={&(0x7f0000000240)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000300)="9b52770525391746de9af48de65ca77875ddb0303c04b250d3a3c1dfa3a3dcf9129be790056abe51e200af9cd9abac40cfd7dca1efd5c47dbc70a2ba39f162829bfffa6d08c06a8fa0f323878e65423d3549db57afcf1dcaed5a83c8baf0049a83703dc8ba47adc15491e0e0d3940a", 0x6f}, {&(0x7f00000003c0)="16c8abfa9b5961324bb4a5c2144d084686ebba4714bcc793a9950750df028988894947adb6deb90c036d2e7e079a7294224015dd4a118f0ded798eeb0d126275413cad854cf8a885f7274d3c97ecafab4b4bd50a5ceb435eb138554c9a0ba7035ffda4bee05cc2e1a347cc0e9a32fbdd3b4636ff5cfe6134a5195697eba37d73b6e6dee188cf2c3ca3b31efbb873d1e7db30a200552d4cdc157811d7d480a60ed12c289a1add2170451c4a69ed09cd0923ab7015df2fbd58fbe58627e0823f8f9ed3883ef45d2fae81852282b090", 0xce}, {&(0x7f0000000180)}, {&(0x7f00000004c0)="8bdfba7e85228f425fd9ec480528b1d0b1e0bc879620e840a111e4b6ee35069f5825c2ed11a890122f64294f857c1bc181afde4c920b8ad6f892d3e806b359784e7620c8af4dd0ad7e40027da5646719bcadf4fa1a8e20a9bab2ae6f715d5116e7660ff0d759caa405f5efcc89f3e09b6093c31e037dc059de62d1d359b0715aeb50ce30b6e28a686a7c64120b50030d218139748cda999bdc6423960dc0fa996d2381f9db7b70fc86", 0xa9}, {&(0x7f0000000740)="02e92c217e1e71a2af52b468611628310351eb2a9a2d11acd9de911367b46c43a6b61b3a8a25ad47775f84a9e40b9a74e0366d05949ad7cdf112dc4d4fce85429be11330a9e32b9a1f949908e7cb1f44f5bdc7c42eea7b11daad35596e73e56b589477565f36a691195a9cf7b2fb2c644d2a61c9178f7ab1157c7c8fb817ee95e72b39b8ef2cc984ccb44b6d0b410010e08ae6d91364b08de86cb63716c76ab08af6891ef50ae7c282e83f332f193ffcebae24d2a85da01782a8f363e7f0fb8ac7202d6ee1d4c093b89249ce3f88652c94433b8e5cb525a4fed612cbaa2030e89b05aa0cb44c8319e45ba49fb573c2eafd", 0xf1}, {&(0x7f0000000580)="cae814e30a942b789e65ecacdf546db077272f85670afa", 0x17}], 0x6, &(0x7f00000005c0)=[@timestamping={{0x14, 0x1, 0x25, 0x7f}}, @mark={{0x14, 0x1, 0x24, 0x14}}], 0x30}, 0x0) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="0300000000000000140012800b0001006d61637365630000040002"], 0x44}}, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000080)={r3, 0xfffffff7, 0x30}, &(0x7f00000000c0)=0xc) 1.903590659s ago: executing program 3 (id=1630): bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet6(0xa, 0x1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) dup3(r4, r4, 0x80000) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x260, 0x180, 0x0, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x88}, 0x0, 0xc0, 0x128, 0x0, {}, [@common=@inet=@multiport={{0x50}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0) 1.879919061s ago: executing program 4 (id=1631): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000008bf239562c", @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000780), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000008c0)={0x1c, r7, 0x1}, 0x1c}}, 0x0) 1.398125692s ago: executing program 2 (id=1632): socket$can_raw(0x1d, 0x3, 0x1) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x420007}]}) socket$kcm(0xa, 0x5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x400007, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000480)={0x28, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'geneve1\x00'}}]}]}, 0x28}}, 0x0) 1.159478572s ago: executing program 1 (id=1633): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180400000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) acct(0xfffffffffffffffe) 276.542657ms ago: executing program 1 (id=1634): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc250d40f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c9837d5ac03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a9b893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c5452f42e09b388a14b22bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66cf8aeb1f98bd67bfd38ec2beac3ca99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94d81150c68ab27987655e1dd676ceef54ad4d663f88b6f82a65f7c94a0e40cbb782ff536bd67ba81125f8e0af199094b407f630dc6eb3b79615a4e63f75ab30b1e475748cb5dce6581dc92f740a21fb8dec725b4f2a0b0972f852504245d5ce11cfdead09c9b6e094261084cd20c2294525061a4638c0bfd08dfa70d24bf85d9cfd940e1a4f1509bed8233f22506e5b000000000000862a01def6c9e879a87688ad151c14ae7ff8a090aebe7e4f936c26e565ae96d38ee5f794468caa17419e22ff13df60a95596490358a3b8121511e427d619ad87fe998702ea0b659eff3f5cd8f4094fdd6b1d45facfe6629846170d99de670a9e72e21ed7363876612bf58a17142abccbbe4762f531067f92af24f5354f432ed1df74f8168d05de528f63a98bca22820439c567973de0077c068d1b70b6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r0}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000100004000"/27], 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xdd6c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) syz_clone3(0x0, 0x0) sendmsg$NFT_MSG_GETRULE(r4, 0x0, 0x400c0c0) connect$can_bcm(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="560a0000000000006111800000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 254.328669ms ago: executing program 0 (id=1635): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c8}}, 0x40090) 71.210064ms ago: executing program 2 (id=1636): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000680)={'wpan0\x00'}) syz_genetlink_get_family_id$nl802154(0x0, r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netfilter\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) creat(0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xd, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000080000000000000000000000180100002020702500000000002020207b1af8ff00000000bda004000000000027000000f8ffffffb702000008000000b7030000000000002500f8ff0600000095"], &(0x7f0000000280)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x468, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x0, 0x0, 0x0, 0x10, 0xfffffffd, 0x0, 0x4, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa486, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xd7a, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x800, 0x6a4846db, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x40}}}]}}]}, 0x468}}, 0x0) r7 = dup(r3) write$P9_RLERRORu(r7, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r7, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r9}, 0xc) write$binfmt_elf64(r7, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r7]) chdir(&(0x7f0000000100)='./file0\x00') open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) 0s ago: executing program 0 (id=1637): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21085e, &(0x7f00000001c0)={[{@data_err_ignore}, {@nouid32}, {@minixdf}]}, 0x1, 0x51c, &(0x7f0000000780)="$eJzs3c9vI1cdAPCvvXHiZNMmLT0AgnZpCwtarZN426jqgZYTQqgSokeQtiHxRlHsOIqd0oSVmp65IlGJExz5Azhw6ok7FwQ3LuWAxI8I1CBxGDTjSdabtTcWSewo/nyk2Zk3bzLf74t33lu/bPwCGFu3IuIgIiYj4r2ImMvPF/It3u5s6XWfHT5cPTp8uFqIJHn3H4WsPj0XXV+TupnfsxwR3/92xI8KT8Zt7e1vrtTrtZ28vNBubC+09vbvbjRW1mvrta1qdXlpefGNe69XL6ytLzUm86Mvf/r7g2/8JE1rNj/T3Y6L1Gl66SROaiIivnsZwUbgRt6eyVEnwv+lGBHPR8TL2fM/FzeyVxMAuM6SZC6Sue4yAHDdFbM5sEKxks8FzEaxWKl05vBeiJlivdlq33nQ3N1a68yVzUep+GCjXlvM5wrno1RIy0vZ8aNy9VT5XkQ8FxE/m5rOypXVZn1tlP/wAYAxdvPU+P/vqc74HxHJh6NODgC4POVRJwAADJ3xHwDGj/EfAMaP8R8Axk9n/J8e4MKdy08GABgK7/8BYPwY/wFgrHzvnXfSLTnKP/967f293c3m+3fXaq3NSmN3tbLa3NmurDeb69ln9jTOul+92dxeei12P5j/5narvdDa27/faO5ute9nn+t9v1bKrjoYQssAgH6ee+mTPxXSEfnN6WyLrrUcSiPNDLhsxVEnAIzMjVEnAIyM1b5gfJ3jPb7pAbgmeizR+5hyr18QSpIkubyUgEt2+wvm/2Fcdc3/+1/AMGbM/8P4Mv8P4ytJCoOu+R+DXggAXG3m+IE+P/9/Pt//Ov/hwA/XHtX9Nvvz455fd5B3LxebJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwxx+v/VvK1wGejWKxUIp6JiPkoFR5s1GuLEfFsRPxxqjSVlpdGnDMAcF7Fvxby9b9uz706+1jVizdPDicj4se/ePfnH6y02zt/iJgs/HPq+Hz74/x8dfjZAwBnOx6ns33XG/nPDh+uHm/DzOdv34qIcif+0eFkHJ3En4iJbF+OUkTM/KuQlzsKXXMX53HwUUR8vlf7CzGbzYF0Vj49HT+N/cxQ4xcfi1/M6jr79HvxuQvIBcbNJ2n/83av568Yt7J97+e/nPVQ55f3f+mtVo+yPvBR/OP+70af/u/WoDFe+913OkfTT9Z9FPHFiYjj2Edd/c9x/EKf+K8OGP/PX3rx5X51yS8jbkfv+N2xFtqN7YXW3v7djcbKem29tlWtLi8tL75x7/XqQjZHvdB/NPj7m3ee7VeXtn+mT/zyGe3/6oDt/9V/3/vBV54S/+uv9IpfjBeeEj8dE782YPyVmd+U+9Wl8df6tP+s1//OgPE//cv+2oCXAgBD0Nrb31yp12s7Dp48SJLkw/SbdFXycZC+GlcgjZ4Hbw0r1mSfv5A/faXzTJ+qSpKn3/Ct3lX9eoyLmHUDroKThz4i/jPqZAAAAAAAAAAAAAAAgJ6G8RtLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA19f/AgAA//99m9kb") fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x1000) kernel console output (not intermixed with test programs): 8503][ T7396] device bridge_slave_0 left promiscuous mode [ 524.445034][ T7396] bridge0: port 1(bridge_slave_0) entered disabled state [ 524.489970][ T7396] device veth1_macvtap left promiscuous mode [ 524.496383][ T7396] device veth0_macvtap left promiscuous mode [ 524.502780][ T7396] device veth1_vlan left promiscuous mode [ 524.508830][ T7396] device veth0_vlan left promiscuous mode [ 524.929055][ T3646] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 524.939701][ T3646] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 524.953299][ T3646] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 524.964698][ T3646] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 524.973882][ T3646] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 524.981253][ T3646] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 525.623007][ T26] audit: type=1326 audit(1728675494.408:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.650689][ T26] audit: type=1326 audit(1728675494.428:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.673209][ T26] audit: type=1326 audit(1728675494.428:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.704113][ T26] audit: type=1326 audit(1728675494.428:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.756968][ T26] audit: type=1326 audit(1728675494.428:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.780171][ T26] audit: type=1326 audit(1728675494.428:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.808100][ T26] audit: type=1326 audit(1728675494.478:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.831576][ T26] audit: type=1326 audit(1728675494.478:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.854598][ T26] audit: type=1326 audit(1728675494.508:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 525.886184][ T26] audit: type=1326 audit(1728675494.508:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.0.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 526.238016][ T7396] team0 (unregistering): Port device team_slave_1 removed [ 526.284573][ T7396] team0 (unregistering): Port device team_slave_0 removed [ 526.334557][ T7396] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 526.379358][ T7396] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 526.867165][ T7396] bond0 (unregistering): Released all slaves [ 526.975136][ T8774] tipc: New replicast peer: 100.1.1.1 [ 526.980772][ T8774] tipc: Enabled bearer , priority 10 [ 527.044431][ T3649] Bluetooth: hci1: command tx timeout [ 527.420481][ T8796] loop0: detected capacity change from 0 to 256 [ 527.637000][ T8796] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 528.385368][ T8804] smc: net device bond0 applied user defined pnetid SYZ0 [ 528.444872][ T8802] smc: net device bond0 erased user defined pnetid SYZ0 [ 528.674768][ T8809] loop0: detected capacity change from 0 to 256 [ 529.132503][ T3649] Bluetooth: hci1: command tx timeout [ 529.360951][ T8777] chnl_net:caif_netlink_parms(): no params data found [ 530.390749][ T7396] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.699052][ T7396] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.833909][ T8835] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 530.895586][ T7396] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.912663][ T8835] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 531.159923][ T7396] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.202576][ T3649] Bluetooth: hci1: command tx timeout [ 531.215453][ T8579] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 531.269617][ T8579] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 531.319226][ T8579] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 531.369818][ T8777] bridge0: port 1(bridge_slave_0) entered blocking state [ 531.388302][ T8777] bridge0: port 1(bridge_slave_0) entered disabled state [ 531.403590][ T8777] device bridge_slave_0 entered promiscuous mode [ 531.421348][ T8777] bridge0: port 2(bridge_slave_1) entered blocking state [ 531.428847][ T8777] bridge0: port 2(bridge_slave_1) entered disabled state [ 531.559107][ T8777] device bridge_slave_1 entered promiscuous mode [ 532.390287][ T8852] loop1: detected capacity change from 0 to 256 [ 532.400875][ T8579] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 532.418994][ T8777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 532.438261][ T8852] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 532.991673][ T8777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 533.322394][ T3649] Bluetooth: hci1: command tx timeout [ 533.398297][ T8861] loop1: detected capacity change from 0 to 256 [ 533.548028][ T8857] loop4: detected capacity change from 0 to 40427 [ 533.595486][ T8857] F2FS-fs (loop4): invalid crc value [ 533.635837][ T8857] F2FS-fs (loop4): Found nat_bits in checkpoint [ 533.693304][ T8857] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 533.900151][ T8777] team0: Port device team_slave_0 added [ 533.909398][ T8777] team0: Port device team_slave_1 added [ 534.080197][ T8867] overlayfs: failed to resolve './file0': -2 [ 534.576112][ T8777] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 534.613501][ T5738] syz-executor: attempt to access beyond end of device [ 534.613501][ T5738] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 534.662967][ T8777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 534.752445][ T8777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 534.766603][ T8777] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 534.782497][ T8777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 534.808571][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 534.808587][ T26] audit: type=1326 audit(1728675503.568:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8874 comm="syz.0.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 534.847230][ T8875] Illegal XDP return value 4294967294 on prog (id 484) dev N/A, expect packet loss! [ 534.883617][ T26] audit: type=1326 audit(1728675503.568:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8874 comm="syz.0.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 534.906226][ T8777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 534.992728][ T26] audit: type=1326 audit(1728675503.568:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8874 comm="syz.0.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.067006][ T26] audit: type=1326 audit(1728675503.568:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8874 comm="syz.0.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.100148][ T26] audit: type=1326 audit(1728675503.568:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8874 comm="syz.0.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.150150][ T26] audit: type=1326 audit(1728675503.848:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.0.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.203072][ T26] audit: type=1326 audit(1728675503.848:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.0.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.278624][ T8777] device hsr_slave_0 entered promiscuous mode [ 535.304702][ T8777] device hsr_slave_1 entered promiscuous mode [ 535.333343][ T26] audit: type=1326 audit(1728675503.848:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.0.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.363449][ T8777] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 535.381301][ T8777] Cannot create hsr debugfs directory [ 535.391940][ T8881] netlink: 'syz.0.1170': attribute type 1 has an invalid length. [ 535.421818][ T26] audit: type=1326 audit(1728675503.848:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.0.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.512182][ T26] audit: type=1326 audit(1728675503.848:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.0.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 535.607935][ T8579] 8021q: adding VLAN 0 to HW filter on device bond0 [ 535.715135][ T8579] 8021q: adding VLAN 0 to HW filter on device team0 [ 535.834386][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 535.853824][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 535.876673][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 536.689151][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 536.697993][ T5735] bridge0: port 1(bridge_slave_0) entered blocking state [ 536.705186][ T5735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 536.713776][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 536.723496][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 536.732154][ T5735] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.739337][ T5735] bridge0: port 2(bridge_slave_1) entered forwarding state [ 536.747376][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 536.756722][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 536.898193][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 536.922935][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 537.065724][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 537.086575][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 537.104531][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 537.139063][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 537.148278][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 537.167375][ T8579] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 537.183661][ T8579] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 537.928689][ T8886] loop1: detected capacity change from 0 to 40427 [ 537.975843][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 538.012620][ T8886] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 538.033517][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 538.042162][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 538.050167][ T8886] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 538.052187][ T8910] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1175'. [ 538.080656][ T8910] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1175'. [ 538.119330][ T8886] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 538.133416][ T8917] netlink: 'syz.4.1176': attribute type 10 has an invalid length. [ 538.162055][ T8917] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 538.777339][ T8924] loop0: detected capacity change from 0 to 40427 [ 538.791318][ T8924] F2FS-fs (loop0): invalid crc value [ 538.849231][ T8924] F2FS-fs (loop0): Found nat_bits in checkpoint [ 539.016420][ T8924] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 539.706895][ T8941] overlayfs: failed to resolve './file0': -2 [ 540.387058][ T6084] syz-executor: attempt to access beyond end of device [ 540.387058][ T6084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 540.530919][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 540.572519][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 540.797146][ T8579] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 540.932170][ T8960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1186'. [ 541.041127][ T8960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1186'. [ 541.055228][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 541.070939][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 541.827876][ T8967] loop0: detected capacity change from 0 to 4096 [ 541.934056][ T8967] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 542.054468][ T8967] Process accounting resumed [ 542.126649][ T26] kauditd_printk_skb: 30 callbacks suppressed [ 542.126666][ T26] audit: type=1326 audit(1728675510.908:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 542.186781][ T8967] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 542.202062][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 542.221262][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 542.231550][ T26] audit: type=1326 audit(1728675510.938:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 542.248329][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 542.289848][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 542.335394][ T8579] device veth0_vlan entered promiscuous mode [ 542.396035][ T26] audit: type=1326 audit(1728675510.938:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 542.460021][ T26] audit: type=1326 audit(1728675510.938:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 542.530154][ T26] audit: type=1326 audit(1728675510.948:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 542.571444][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 542.592698][ T26] audit: type=1326 audit(1728675510.948:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 542.625205][ T7396] device hsr_slave_0 left promiscuous mode [ 542.653185][ T7396] device hsr_slave_1 left promiscuous mode [ 542.666525][ T7396] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 542.703392][ T7396] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 542.711773][ T26] audit: type=1326 audit(1728675510.948:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 542.759626][ T7396] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 542.786737][ T7396] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 542.806736][ T26] audit: type=1326 audit(1728675510.948:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 544.228841][ T26] audit: type=1326 audit(1728675510.948:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8979 comm="syz.1.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 544.264419][ T7396] device veth1_macvtap left promiscuous mode [ 544.270524][ T7396] device veth0_macvtap left promiscuous mode [ 544.292803][ T7396] device veth1_vlan left promiscuous mode [ 544.298702][ T7396] device veth0_vlan left promiscuous mode [ 545.918761][ T7396] team0 (unregistering): Port device team_slave_1 removed [ 545.971860][ T7396] team0 (unregistering): Port device team_slave_0 removed [ 546.030402][ T7396] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 546.084682][ T7396] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 546.671292][ T7396] bond0 (unregistering): Released all slaves [ 546.802172][ T9000] netlink: 'syz.4.1193': attribute type 10 has an invalid length. [ 546.881799][ T102] bond0: (slave netdevsim0): link status definitely down, disabling slave [ 546.932163][ T8579] device veth1_vlan entered promiscuous mode [ 546.967821][ T8777] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 547.003637][ T26] audit: type=1326 audit(1728675515.788:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9003 comm="syz.0.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 547.053161][ T8777] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 547.084770][ T8777] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 547.158774][ T8777] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 547.181680][ T8579] device veth0_macvtap entered promiscuous mode [ 547.211320][ T9012] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1197'. [ 547.227899][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 547.251761][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 547.274048][ T9014] loop4: detected capacity change from 0 to 512 [ 547.284810][ T8579] device veth1_macvtap entered promiscuous mode [ 547.337535][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 547.361793][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 547.394025][ T9014] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.1198: casefold flag without casefold feature [ 547.405728][ T8579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 547.418176][ T8579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.429140][ T8579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 547.439853][ T8579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.456404][ T9014] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.1198: couldn't read orphan inode 15 (err -117) [ 547.463430][ T8579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 547.479356][ T8579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.508190][ T8579] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 547.517679][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 547.529173][ T9014] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 547.539909][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 547.572422][ T8579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 547.603601][ T8579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.631622][ T8579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 547.664607][ T9021] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 547.664607][ T9021] program syz.0.1199 not setting count and/or reply_len properly [ 547.729232][ T8579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.761911][ T8579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 547.782993][ T8579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 547.901542][ T8579] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 548.018040][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 548.018079][ T26] audit: type=1326 audit(1728675516.798:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9023 comm="syz.1.1200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 548.395832][ T26] audit: type=1326 audit(1728675516.838:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9023 comm="syz.1.1200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 548.539686][ T8674] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 548.564688][ T8674] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 548.713059][ T8579] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 548.757292][ T8579] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 548.766334][ T8579] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 548.775132][ T8579] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 549.560875][ T3659] Bluetooth: hci4: command 0x0406 tx timeout [ 549.717162][ T8777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 549.754767][ T9041] loop0: detected capacity change from 0 to 512 [ 549.769016][ T3729] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 549.782197][ T9039] netlink: 'syz.1.1204': attribute type 10 has an invalid length. [ 549.800505][ T3729] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 549.819530][ T9039] bond0: (slave netdevsim0): no link monitoring support [ 549.880191][ T9041] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 549.892535][ T9039] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 549.902497][ T9041] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038 (0x7fffffff) [ 549.956296][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 549.964125][ T9041] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 549.997415][ T3972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 550.011698][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 550.052431][ T3972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 550.055401][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 550.091956][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 550.105960][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 550.110212][ T8777] 8021q: adding VLAN 0 to HW filter on device team0 [ 550.120336][ T9046] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1207'. [ 550.179397][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 550.207701][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 550.216727][ T7396] bridge0: port 1(bridge_slave_0) entered blocking state [ 550.223924][ T7396] bridge0: port 1(bridge_slave_0) entered forwarding state [ 550.258178][ T9048] tipc: Enabling of bearer rejected, already enabled [ 550.355144][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 550.383389][ T5738] EXT4-fs (loop4): unmounting filesystem. [ 550.405772][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 550.452856][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 550.479588][ T7396] bridge0: port 2(bridge_slave_1) entered blocking state [ 550.486824][ T7396] bridge0: port 2(bridge_slave_1) entered forwarding state [ 550.546521][ T9052] netlink: 'syz.1.1209': attribute type 10 has an invalid length. [ 550.563826][ T9050] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1209'. [ 550.639346][ T9060] loop3: detected capacity change from 0 to 128 [ 550.655518][ T9052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 550.687866][ T9052] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 550.694708][ T9060] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 550.712400][ T9060] FAT-fs (loop3): Filesystem has been set read-only [ 550.719413][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 550.732526][ T9060] syz.3.1212: attempt to access beyond end of device [ 550.732526][ T9060] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 550.758321][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 550.792903][ T9060] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 550.832385][ T9060] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 550.853466][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 550.868687][ T9060] syz.3.1212: attempt to access beyond end of device [ 550.868687][ T9060] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 550.884464][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 550.893587][ T26] audit: type=1800 audit(1728675519.668:536): pid=9060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1212" name="file2" dev="loop3" ino=1048722 res=0 errno=0 [ 550.928065][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 550.946033][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 550.964964][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 551.111948][ T8777] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 551.772125][ T8777] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 551.877821][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 551.889174][ T9068] loop0: detected capacity change from 0 to 512 [ 551.912567][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 551.943576][ T9068] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 551.954622][ T9068] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038 (0x7fffffff) [ 552.102051][ T9073] SET target dimension over the limit! [ 552.114322][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 552.141845][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 552.153639][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 552.274456][ T9077] input: syz1 as /devices/virtual/input/input23 [ 552.970080][ T9055] loop4: detected capacity change from 0 to 40427 [ 553.004803][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 553.041293][ T9055] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 553.062950][ T9055] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 553.118563][ T9083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1218'. [ 553.167180][ T9055] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 553.213917][ T9085] smc: net device bond0 applied user defined pnetid SYZ0 [ 553.216586][ T9089] loop0: detected capacity change from 0 to 512 [ 553.223293][ T9092] smc: net device bond0 erased user defined pnetid SYZ0 [ 553.304895][ T9089] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1219: casefold flag without casefold feature [ 553.331030][ T9089] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.1219: couldn't read orphan inode 15 (err -117) [ 553.343347][ T9055] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 553.350419][ T9055] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 553.363830][ T9089] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 553.382630][ T26] audit: type=1804 audit(1728675522.148:537): pid=9055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1210" name="/newroot/171/file1/file1" dev="loop4" ino=10 res=1 errno=0 [ 553.571988][ T3729] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 553.579750][ T3729] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 553.615188][ T9101] tipc: Started in network mode [ 553.620894][ T9101] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 553.631548][ T9101] tipc: Enabled bearer , priority 10 [ 553.766131][ T8777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 554.451874][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 554.477839][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 554.617336][ T8777] device veth0_vlan entered promiscuous mode [ 554.625283][ T3689] tipc: Node number set to 15444650 [ 554.670041][ T3729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 554.703174][ T3729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 554.752154][ T3729] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 554.765429][ T5738] syz-executor: attempt to access beyond end of device [ 554.765429][ T5738] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 554.765981][ T3729] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 555.592749][ T8777] device veth1_vlan entered promiscuous mode [ 555.645875][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 555.660421][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 555.690950][ T8777] device veth0_macvtap entered promiscuous mode [ 555.719731][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 555.738061][ T8777] device veth1_macvtap entered promiscuous mode [ 555.815342][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 555.840364][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 555.868856][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 555.900017][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.006312][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.017543][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.028586][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.039165][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.062764][ T8777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 556.070921][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 556.090828][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 556.116749][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.141379][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.157490][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.168485][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.201857][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.271905][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.372410][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.436804][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.493105][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 556.516300][ T8777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 556.622157][ T8777] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.721147][ T8777] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.780788][ T8777] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.832409][ T8777] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 557.078617][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 557.086581][ T9145] loop0: detected capacity change from 0 to 256 [ 557.138049][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 557.251049][ T9134] smc: net device bond0 applied user defined pnetid SYZ0 [ 557.334480][ T9135] smc: net device bond0 erased user defined pnetid SYZ0 [ 557.789590][ T9148] syz.0.1230[9148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 557.789703][ T9148] syz.0.1230[9148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 558.329531][ T3729] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 558.344701][ T3729] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 560.196629][ T3809] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 560.219161][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 560.241924][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 560.296304][ T26] audit: type=1326 audit(1728675529.078:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9150 comm="syz.4.1231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fc457dff9 code=0x7ffc0000 [ 560.344439][ T26] audit: type=1326 audit(1728675529.078:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 560.509826][ T26] audit: type=1326 audit(1728675529.078:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 560.536564][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 560.570987][ T9171] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1235'. [ 560.662072][ T26] audit: type=1326 audit(1728675529.078:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 560.762332][ T26] audit: type=1326 audit(1728675529.078:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 560.815768][ T26] audit: type=1326 audit(1728675529.078:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 560.927400][ T26] audit: type=1326 audit(1728675529.078:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 563.043169][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.049552][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.164350][ T9195] loop3: detected capacity change from 0 to 256 [ 563.373901][ T9196] syz.3.1242[9196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 563.374040][ T9196] syz.3.1242[9196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 563.478946][ T26] audit: type=1326 audit(1728675529.078:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 563.514283][ T26] audit: type=1326 audit(1728675529.078:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 563.542680][ T26] audit: type=1326 audit(1728675529.078:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2531f7dff9 code=0x7ffc0000 [ 564.189024][ T9208] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1245'. [ 564.313191][ T9212] loop4: detected capacity change from 0 to 128 [ 565.636592][ T9226] loop0: detected capacity change from 0 to 512 [ 565.742741][ T9226] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1237: casefold flag without casefold feature [ 565.986260][ T9226] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.1237: couldn't read orphan inode 15 (err -117) [ 566.842599][ T9226] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 569.080057][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 569.203531][ T26] kauditd_printk_skb: 37 callbacks suppressed [ 569.203550][ T26] audit: type=1326 audit(1728675537.988:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.293868][ T26] audit: type=1326 audit(1728675537.988:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.385980][ T26] audit: type=1326 audit(1728675537.988:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.492286][ T26] audit: type=1326 audit(1728675537.988:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.582454][ T26] audit: type=1326 audit(1728675537.988:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.621355][ T9245] ebtables: ebtables: counters copy to user failed while replacing table [ 569.658868][ T26] audit: type=1326 audit(1728675537.988:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.705706][ T26] audit: type=1326 audit(1728675538.028:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.827954][ T26] audit: type=1326 audit(1728675538.028:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 569.981133][ T26] audit: type=1326 audit(1728675538.028:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 570.071921][ T26] audit: type=1326 audit(1728675538.028:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.2.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 571.394916][ T9258] loop3: detected capacity change from 0 to 256 [ 571.691867][ T9259] syz.3.1256[9259] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 571.691980][ T9259] syz.3.1256[9259] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 571.747518][ T9251] loop0: detected capacity change from 0 to 40427 [ 571.770516][ T9251] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 571.781297][ T9251] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 571.812580][ T9251] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 571.960401][ T9251] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 571.973023][ T9251] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 572.717486][ T9267] loop1: detected capacity change from 0 to 128 [ 572.874957][ T6084] syz-executor: attempt to access beyond end of device [ 572.874957][ T6084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 573.031719][ T9271] loop3: detected capacity change from 0 to 512 [ 573.170570][ T9271] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 573.259666][ T9271] ext4 filesystem being mounted at /15/bus supports timestamps until 2038 (0x7fffffff) [ 574.197297][ T9293] No such timeout policy "syz0" [ 574.639807][ T9307] loop2: detected capacity change from 0 to 256 [ 575.011766][ T9308] syz.2.1271[9308] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 575.011876][ T9308] syz.2.1271[9308] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 575.535470][ T8579] EXT4-fs (loop3): unmounting filesystem. [ 577.293123][ T9312] loop1: detected capacity change from 0 to 40427 [ 577.354247][ T9312] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 577.367838][ T9312] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 577.433903][ T9312] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 577.674725][ T9312] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 577.689789][ T9312] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 577.698879][ T9340] No such timeout policy "syz0" [ 577.745815][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 577.745833][ T26] audit: type=1804 audit(1728675546.528:597): pid=9312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1273" name="/newroot/79/file1/file1" dev="loop1" ino=10 res=1 errno=0 [ 578.841119][ T7577] syz-executor: attempt to access beyond end of device [ 578.841119][ T7577] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 580.945189][ T9364] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1287'. [ 581.148517][ T9367] loop2: detected capacity change from 0 to 2048 [ 581.306345][ T9367] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 581.740459][ T9375] IPv6: Can't replace route, no match found [ 581.950308][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 582.126039][ T26] audit: type=1326 audit(1728675550.908:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 582.184861][ T26] audit: type=1326 audit(1728675550.908:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 582.218388][ T26] audit: type=1326 audit(1728675550.928:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 582.292411][ T26] audit: type=1326 audit(1728675550.928:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 582.402387][ T26] audit: type=1326 audit(1728675550.928:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 582.548820][ T26] audit: type=1326 audit(1728675550.928:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 583.776297][ T9383] No such timeout policy "syz0" [ 583.867619][ T26] audit: type=1326 audit(1728675550.928:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.096009][ T26] audit: type=1326 audit(1728675550.928:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.191947][ T26] audit: type=1326 audit(1728675550.928:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.243465][ T26] audit: type=1326 audit(1728675550.928:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.323644][ T26] audit: type=1326 audit(1728675550.928:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.389623][ T26] audit: type=1326 audit(1728675550.928:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.446974][ T26] audit: type=1326 audit(1728675550.928:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.501350][ T26] audit: type=1326 audit(1728675550.928:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.618200][ T26] audit: type=1326 audit(1728675550.928:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 584.651603][ T26] audit: type=1326 audit(1728675550.928:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 588.377856][ T9430] loop0: detected capacity change from 0 to 40427 [ 588.566457][ T9430] F2FS-fs (loop0): invalid crc value [ 588.650072][ T9430] F2FS-fs (loop0): Found nat_bits in checkpoint [ 588.739182][ T9430] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 589.286173][ T9436] overlayfs: missing 'lowerdir' [ 590.044052][ T6084] syz-executor: attempt to access beyond end of device [ 590.044052][ T6084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 590.969044][ T9446] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1314'. [ 591.797041][ T9453] serio: Serial port pts0 [ 592.823590][ T9465] loop0: detected capacity change from 0 to 40427 [ 592.833249][ T9465] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 592.847518][ T9465] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 593.041253][ T9465] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 593.230726][ T9465] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 593.252149][ T9478] loop2: detected capacity change from 0 to 40427 [ 593.266158][ T9465] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 593.303852][ T9478] F2FS-fs (loop2): invalid crc value [ 593.321648][ T9478] F2FS-fs (loop2): Found nat_bits in checkpoint [ 593.364732][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 593.364748][ T26] audit: type=1804 audit(1728675562.148:626): pid=9465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1312" name="/newroot/175/file1/file1" dev="loop0" ino=10 res=1 errno=0 [ 593.409975][ T9478] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 593.687107][ T9465] syz.0.1312: attempt to access beyond end of device [ 593.687107][ T9465] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 593.701386][ T9465] syz.0.1312: attempt to access beyond end of device [ 593.701386][ T9465] loop0: rw=2049, sector=53256, nr_sectors = 8 limit=40427 [ 593.729806][ T9487] overlayfs: missing 'lowerdir' [ 593.970758][ T9486] loop1: detected capacity change from 0 to 1024 [ 594.016824][ T9486] EXT4-fs: Ignoring removed orlov option [ 594.081919][ T9486] EXT4-fs: Ignoring removed nomblk_io_submit option [ 594.240838][ T9486] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 594.266183][ T8777] syz-executor: attempt to access beyond end of device [ 594.266183][ T8777] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 594.334091][ T9495] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1324'. [ 594.352708][ T9495] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 594.360171][ T9495] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 594.380173][ T6084] syz-executor: attempt to access beyond end of device [ 594.380173][ T6084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 594.398088][ T9495] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 594.422025][ T9496] loop3: detected capacity change from 0 to 512 [ 594.452354][ T9495] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 594.505421][ T9496] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 594.542374][ T9496] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038 (0x7fffffff) [ 594.681248][ T9502] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1326'. [ 594.830531][ T9489] tipc: Started in network mode [ 594.836512][ T9489] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 594.875989][ T9489] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 595.240823][ T9489] tipc: Enabled bearer , priority 10 [ 595.745002][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 595.796214][ T8579] EXT4-fs (loop3): unmounting filesystem. [ 595.847119][ T9510] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 595.864078][ T9510] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 595.875711][ T9510] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 596.079450][ T9517] serio: Serial port pts1 [ 596.093340][ T9516] loop2: detected capacity change from 0 to 512 [ 596.106285][ T9516] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1325: casefold flag without casefold feature [ 596.119866][ T9516] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1325: couldn't read orphan inode 15 (err -117) [ 596.134854][ T9516] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 596.328882][ T3690] tipc: Node number set to 1 [ 597.162067][ T26] audit: type=1326 audit(1728675565.938:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.1.1333" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd80517dff9 code=0x0 [ 598.635476][ T9539] loop4: detected capacity change from 0 to 40427 [ 598.655541][ T9539] F2FS-fs (loop4): invalid crc value [ 598.679573][ T9539] F2FS-fs (loop4): Found nat_bits in checkpoint [ 598.728446][ T9539] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 599.664716][ T9556] overlayfs: missing 'lowerdir' [ 599.946942][ T9557] No such timeout policy "syz0" [ 600.080892][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 600.087509][ T5738] syz-executor: attempt to access beyond end of device [ 600.087509][ T5738] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 600.675904][ T9542] loop3: detected capacity change from 0 to 40427 [ 600.685224][ T9542] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 600.691607][ T9542] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 601.293043][ T9542] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-4) [ 601.703073][ T9574] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 601.711888][ T9574] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 601.727350][ T9574] netdevsim netdevsim4: Falling back to sysfs fallback for: . [ 601.883291][ T26] audit: type=1326 audit(1728675570.668:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.3.1347" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2531f7dff9 code=0x0 [ 603.220520][ T9600] loop1: detected capacity change from 0 to 512 [ 603.424367][ T9600] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1352: casefold flag without casefold feature [ 603.546073][ T9604] loop3: detected capacity change from 0 to 2048 [ 603.577854][ T9600] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1352: couldn't read orphan inode 15 (err -117) [ 603.603514][ T9602] loop4: detected capacity change from 0 to 40427 [ 603.645437][ T9600] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 603.657880][ T9602] F2FS-fs (loop4): invalid crc value [ 603.807518][ T9602] F2FS-fs (loop4): Found nat_bits in checkpoint [ 603.874439][ T9604] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 603.916930][ T9602] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 604.895625][ T8579] EXT4-fs (loop3): unmounting filesystem. [ 605.026585][ T5738] syz-executor: attempt to access beyond end of device [ 605.026585][ T5738] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 605.050508][ T5738] syz-executor: attempt to access beyond end of device [ 605.050508][ T5738] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 605.273576][ T26] audit: type=1326 audit(1728675574.058:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1361" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feecb37dff9 code=0x0 [ 605.296922][ T8674] kworker/u4:23: attempt to access beyond end of device [ 605.296922][ T8674] loop4: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 605.349772][ T9641] loop3: detected capacity change from 0 to 256 [ 606.323740][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 606.560538][ T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.619301][ T9649] loop1: detected capacity change from 0 to 512 [ 606.793497][ T9649] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 606.845273][ T9649] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038 (0x7fffffff) [ 606.996523][ T9629] loop2: detected capacity change from 0 to 40427 [ 607.091270][ T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.107786][ T9629] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 607.135687][ T9629] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 607.230471][ T9629] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 607.329290][ T9666] input: syz1 as /devices/virtual/input/input24 [ 607.780577][ T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.957039][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 608.151440][ T9] bond0: (slave netdevsim0): Releasing backup interface [ 608.198217][ T9] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 608.251239][ T9677] loop1: detected capacity change from 0 to 2048 [ 608.367331][ T9677] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 608.584169][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 608.768156][ T9] tipc: Disabling bearer [ 608.776549][ T9] tipc: Disabling bearer [ 608.810587][ T9] tipc: Left network mode [ 608.907928][ T26] audit: type=1326 audit(1728675577.688:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9691 comm="syz.0.1374" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feecb37dff9 code=0x0 [ 609.042614][ T26] audit: type=1326 audit(1728675577.818:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.166917][ T26] audit: type=1326 audit(1728675577.818:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.231664][ T9698] loop2: detected capacity change from 0 to 512 [ 609.279585][ T26] audit: type=1326 audit(1728675577.848:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.291460][ T9673] loop3: detected capacity change from 0 to 40427 [ 609.328341][ T9698] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1373: casefold flag without casefold feature [ 609.356207][ T9673] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 609.368844][ T3649] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 609.393910][ T9673] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 609.405157][ T3649] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 609.414318][ T3646] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 609.422588][ T3649] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 609.431819][ T3649] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 609.439467][ T3649] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 609.457060][ T26] audit: type=1326 audit(1728675577.848:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.480527][ T26] audit: type=1326 audit(1728675577.848:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.538244][ T9698] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1373: couldn't read orphan inode 15 (err -117) [ 609.550765][ T26] audit: type=1326 audit(1728675577.858:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.586145][ T26] audit: type=1326 audit(1728675577.858:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.597626][ T9698] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 609.630869][ T9673] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 609.672172][ T9704] No such timeout policy "syz0" [ 609.727506][ T26] audit: type=1326 audit(1728675577.858:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 609.816263][ T26] audit: type=1326 audit(1728675577.858:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9695 comm="syz.1.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 610.685070][ T9673] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 610.716614][ T9673] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 611.522471][ T3649] Bluetooth: hci0: command tx timeout [ 611.670020][ T9726] loop0: detected capacity change from 0 to 128 [ 611.747711][ T9726] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 611.770425][ T9726] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038 (0x7fffffff) [ 611.782598][ T8579] syz-executor: attempt to access beyond end of device [ 611.782598][ T8579] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 612.224583][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 612.419219][ T9702] chnl_net:caif_netlink_parms(): no params data found [ 612.506595][ T9744] loop2: detected capacity change from 0 to 2048 [ 612.537884][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 612.600817][ T9744] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 612.815862][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 613.687471][ T3659] Bluetooth: hci0: command tx timeout [ 614.129826][ T9702] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.147241][ T9702] bridge0: port 1(bridge_slave_0) entered disabled state [ 614.169137][ T9702] device bridge_slave_0 entered promiscuous mode [ 614.194708][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 614.194725][ T26] audit: type=1326 audit(1728675582.978:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.213834][ T9702] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.247186][ T9702] bridge0: port 2(bridge_slave_1) entered disabled state [ 614.268224][ T9702] device bridge_slave_1 entered promiscuous mode [ 614.279532][ T26] audit: type=1326 audit(1728675582.978:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.325193][ T26] audit: type=1326 audit(1728675582.978:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.415243][ T26] audit: type=1326 audit(1728675582.978:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.450347][ T9741] loop1: detected capacity change from 0 to 40427 [ 614.475847][ T9741] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 614.485916][ T26] audit: type=1326 audit(1728675582.978:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.528016][ T9741] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 614.545268][ T26] audit: type=1326 audit(1728675582.978:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.596786][ T26] audit: type=1326 audit(1728675582.978:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.635292][ T9741] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 614.712691][ T9] device hsr_slave_0 left promiscuous mode [ 614.729350][ T26] audit: type=1326 audit(1728675582.978:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.759808][ T9] device hsr_slave_1 left promiscuous mode [ 614.771770][ T9787] loop3: detected capacity change from 0 to 512 [ 614.788763][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 614.796501][ T26] audit: type=1326 audit(1728675582.978:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.821114][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 614.852535][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 614.863540][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 614.871843][ T9787] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.1392: casefold flag without casefold feature [ 614.891813][ T26] audit: type=1326 audit(1728675582.978:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9763 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 614.902576][ T9787] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1392: couldn't read orphan inode 15 (err -117) [ 614.951609][ T9] device bridge_slave_1 left promiscuous mode [ 614.965069][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 614.981136][ T9741] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 614.993329][ T9787] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 615.001122][ T9741] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 615.002636][ T9] device bridge_slave_0 left promiscuous mode [ 615.084314][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 615.238312][ T9] device veth1_macvtap left promiscuous mode [ 615.249723][ T9] device veth0_macvtap left promiscuous mode [ 615.264596][ T9] device veth1_vlan left promiscuous mode [ 615.270625][ T9] device veth0_vlan left promiscuous mode [ 615.762695][ T3659] Bluetooth: hci0: command tx timeout [ 616.372931][ T7577] syz-executor: attempt to access beyond end of device [ 616.372931][ T7577] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 617.043483][ T9] team0 (unregistering): Port device team_slave_1 removed [ 617.152962][ T9] team0 (unregistering): Port device team_slave_0 removed [ 617.198664][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 617.246145][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 617.773900][ T8579] EXT4-fs (loop3): unmounting filesystem. [ 617.845483][ T9] bond0 (unregistering): Released all slaves [ 617.852600][ T3659] Bluetooth: hci0: command tx timeout [ 617.989968][ T9702] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 618.013056][ T9702] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 618.095059][ T9702] team0: Port device team_slave_0 added [ 618.109180][ T9702] team0: Port device team_slave_1 added [ 618.148430][ T9702] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 618.156025][ T9702] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 618.192510][ T9702] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 618.821410][ T9702] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 619.012243][ T9702] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 619.094200][ T9702] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 619.275262][ T9702] device hsr_slave_0 entered promiscuous mode [ 619.323265][ T9702] device hsr_slave_1 entered promiscuous mode [ 619.352579][ T9702] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 619.362381][ T9702] Cannot create hsr debugfs directory [ 619.486126][ T9846] netlink: 'syz.3.1410': attribute type 10 has an invalid length. [ 619.503147][ T9846] bridge0: port 2(bridge_slave_1) entered disabled state [ 619.510704][ T9846] bridge0: port 1(bridge_slave_0) entered disabled state [ 619.526427][ T9846] bridge0: port 2(bridge_slave_1) entered blocking state [ 619.533646][ T9846] bridge0: port 2(bridge_slave_1) entered forwarding state [ 619.541105][ T9846] bridge0: port 1(bridge_slave_0) entered blocking state [ 619.548248][ T9846] bridge0: port 1(bridge_slave_0) entered forwarding state [ 619.585405][ T9846] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 619.629900][ T9850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1410'. [ 619.644437][ T9850] device bridge_slave_1 left promiscuous mode [ 619.650809][ T9850] bridge0: port 2(bridge_slave_1) entered disabled state [ 619.670075][ T9850] device bridge_slave_0 left promiscuous mode [ 619.681638][ T9850] bridge0: port 1(bridge_slave_0) entered disabled state [ 619.729524][ T9850] bond0: (slave bridge0): Releasing backup interface [ 620.405405][ T9875] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1415'. [ 620.439326][ T9875] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1415'. [ 620.518247][ T26] kauditd_printk_skb: 19 callbacks suppressed [ 620.518263][ T26] audit: type=1326 audit(1728675589.298:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.628617][ T26] audit: type=1326 audit(1728675589.298:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.652296][ T26] audit: type=1326 audit(1728675589.358:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.690862][ T26] audit: type=1326 audit(1728675589.358:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.719723][ T26] audit: type=1326 audit(1728675589.358:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.755730][ T26] audit: type=1326 audit(1728675589.358:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.785578][ T26] audit: type=1326 audit(1728675589.358:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.813987][ T26] audit: type=1326 audit(1728675589.358:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.849284][ T26] audit: type=1326 audit(1728675589.358:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 620.885632][ T9885] smc: net device bond0 applied user defined pnetid SYZ0 [ 620.917929][ T9881] smc: net device bond0 erased user defined pnetid SYZ0 [ 620.929303][ T26] audit: type=1326 audit(1728675589.358:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 621.225851][ T9893] hugetlbfs: Bad value for 'gid' [ 621.313538][ T9903] syz.1.1422 uses obsolete (PF_INET,SOCK_PACKET) [ 621.750699][ T9917] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1424'. [ 621.776355][ T9917] tipc: Enabling of bearer rejected, already enabled [ 622.071766][ T9702] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 622.114346][ T9702] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 622.159223][ T9702] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 622.179690][ T9702] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 622.487007][ T3720] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 622.689547][ T9702] 8021q: adding VLAN 0 to HW filter on device bond0 [ 622.735737][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 622.754168][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 622.779863][ T9702] 8021q: adding VLAN 0 to HW filter on device team0 [ 622.808847][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 622.828202][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 622.858786][ T3972] bridge0: port 1(bridge_slave_0) entered blocking state [ 622.865964][ T3972] bridge0: port 1(bridge_slave_0) entered forwarding state [ 623.092526][ T3720] usb 4-1: unable to get BOS descriptor or descriptor too short [ 623.101128][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 623.144107][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 623.156022][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 623.168913][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 623.176072][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 623.185536][ T3720] usb 4-1: not running at top speed; connect to a high speed hub [ 623.194790][ T9947] No such timeout policy "syz0" [ 623.238603][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 623.254720][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 623.292525][ T3720] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 623.339263][ T9949] device dummy0 entered promiscuous mode [ 623.348955][ T3720] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 623.392937][ T9949] device dummy0 left promiscuous mode [ 623.434617][ T9932] loop0: detected capacity change from 0 to 40427 [ 623.458195][ T9932] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 623.466160][ T9932] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 623.502035][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 623.517606][ T9932] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 623.519417][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 623.538362][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 623.552768][ T3720] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 623.563939][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 623.582358][ T3720] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 623.599812][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 623.609075][ T3720] usb 4-1: Product: syz [ 623.618002][ T3720] usb 4-1: Manufacturer: syz [ 623.636184][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 623.644810][ T3720] usb 4-1: SerialNumber: syz [ 623.665767][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 623.696707][ T9702] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 623.713738][ T9702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 623.724013][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 623.734173][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 623.814820][ T9932] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 623.832352][ T9932] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 623.889286][ T9961] 9pnet_fd: Insufficient options for proto=fd [ 623.958838][ T9961] loop2: detected capacity change from 0 to 1024 [ 623.997613][ T9961] EXT4-fs: Ignoring removed orlov option [ 624.055684][ T9961] EXT4-fs: Ignoring removed nomblk_io_submit option [ 624.093502][ T3720] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 624.108850][ T3720] cdc_ncm 4-1:1.0: bind() failure [ 624.117740][ T3720] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 624.125274][ T3720] cdc_ncm 4-1:1.1: bind() failure [ 624.143527][ T3720] usb 4-1: USB disconnect, device number 5 [ 624.303688][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.319154][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.342810][ T9961] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 624.649584][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 624.715213][ T6084] syz-executor: attempt to access beyond end of device [ 624.715213][ T6084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 624.969314][ T9976] loop3: detected capacity change from 0 to 1024 [ 625.014441][ T9976] EXT4-fs: Ignoring removed orlov option [ 625.166932][ T9976] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 625.207051][ T9976] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2738: inode #12: comm syz.3.1438: corrupted in-inode xattr [ 625.363668][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 625.371205][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 625.402450][ T9976] EXT4-fs (loop3): Remounting filesystem read-only [ 625.420485][ T9702] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 625.553975][ T8579] EXT4-fs (loop3): unmounting filesystem. [ 625.567376][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 625.567392][ T26] audit: type=1326 audit(1728675594.348:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 625.601610][ T9998] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1437'. [ 625.654132][ T9996] loop2: detected capacity change from 0 to 512 [ 625.665144][ T9998] tipc: Enabling of bearer rejected, already enabled [ 625.685659][ T26] audit: type=1326 audit(1728675594.398:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 625.855556][ T9996] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 625.915134][ T26] audit: type=1326 audit(1728675594.398:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb785b7e033 code=0x7ffc0000 [ 625.938486][ T9996] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038 (0x7fffffff) [ 625.964477][ T26] audit: type=1326 audit(1728675594.408:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb785b7cadf code=0x7ffc0000 [ 626.659191][ T26] audit: type=1326 audit(1728675594.408:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb785b7e087 code=0x7ffc0000 [ 626.720849][ T26] audit: type=1326 audit(1728675594.408:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb785b7c990 code=0x7ffc0000 [ 626.746395][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 626.755055][T10009] netlink: 1812 bytes leftover after parsing attributes in process `syz.0.1442'. [ 626.783172][ T26] audit: type=1326 audit(1728675594.438:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb785b7dbfb code=0x7ffc0000 [ 626.845766][ T26] audit: type=1326 audit(1728675594.468:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb785b7cc8a code=0x7ffc0000 [ 626.927371][ T26] audit: type=1326 audit(1728675594.468:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb785b7cc8a code=0x7ffc0000 [ 627.026353][ T26] audit: type=1326 audit(1728675594.468:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.2.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fb785b7c897 code=0x7ffc0000 [ 627.209601][T10028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1447'. [ 627.311081][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 627.319136][T10019] loop2: detected capacity change from 0 to 8192 [ 627.331561][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 627.438805][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 627.453673][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 627.495623][T10037] syz.1.1449[10037] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 627.495727][T10037] syz.1.1449[10037] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 627.509368][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 627.560411][ T1117] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 627.584481][ T9702] device veth0_vlan entered promiscuous mode [ 627.595970][T10037] loop1: detected capacity change from 0 to 512 [ 627.623952][ T9702] device veth1_vlan entered promiscuous mode [ 627.662030][T10037] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 627.715622][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 627.738171][ T8672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 627.784851][T10037] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #17: comm syz.1.1449: iget: bad i_size value: -6917529027641081756 [ 627.795024][ T9702] device veth0_macvtap entered promiscuous mode [ 627.807052][T10052] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1451'. [ 627.826164][ T9702] device veth1_macvtap entered promiscuous mode [ 627.833311][T10037] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1449: couldn't read orphan inode 17 (err -117) [ 627.861770][ T9702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.874799][ T9702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.883885][T10037] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 627.885331][ T9702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.921624][ T9702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.941861][ T9702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.960978][ T9702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.004868][ T9702] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 628.020755][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 628.067987][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 628.099039][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 628.130887][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 628.166130][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 628.273823][ T9702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.296180][ T9702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.306100][ T9702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.317573][ T9702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.328360][ T9702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.340356][ T9702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.363977][ T9702] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 628.383635][T10058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1453'. [ 628.405877][T10058] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 628.426056][T10062] No such timeout policy "syz0" [ 628.438893][T10058] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 628.459314][T10058] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 628.476035][T10058] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 628.584723][T10058] bond0: (slave batadv0): Releasing backup interface [ 628.642136][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 628.658891][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 628.688991][ T9702] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.704883][ T9702] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.837152][ T9702] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.847280][ T9702] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.913741][ T3972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.002789][ T3972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.055951][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 630.058761][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.071617][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.097742][T10081] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1456'. [ 630.134782][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 630.399772][T10090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1461'. [ 632.082004][ T3972] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 632.246335][ T3972] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 632.362049][ T3972] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 632.447999][T10126] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 632.457899][ T3972] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 632.485299][T10126] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 632.517777][ T3649] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 632.533296][ T3649] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 632.548747][ T3649] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 632.560353][ T3646] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 632.570062][ T3646] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 632.578502][ T3646] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 632.894935][ T3972] tipc: Disabling bearer [ 632.900890][ T3972] tipc: Left network mode [ 633.184494][T10148] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1473'. [ 633.541459][T10160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1475'. [ 634.481907][T10171] loop4: detected capacity change from 0 to 128 [ 634.502662][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 634.502678][ T26] audit: type=1326 audit(1728675603.288:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 634.642463][ T3659] Bluetooth: hci2: command tx timeout [ 634.677299][ T26] audit: type=1326 audit(1728675603.328:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 634.700413][ T26] audit: type=1326 audit(1728675603.328:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 634.740110][T10129] chnl_net:caif_netlink_parms(): no params data found [ 634.750482][ T26] audit: type=1326 audit(1728675603.328:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 635.411424][ T26] audit: type=1326 audit(1728675603.328:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 635.509000][ T26] audit: type=1326 audit(1728675603.328:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 635.532063][ T26] audit: type=1326 audit(1728675603.328:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 635.554731][ T26] audit: type=1326 audit(1728675603.328:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 635.584528][ T26] audit: type=1326 audit(1728675603.328:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 635.607980][ T26] audit: type=1326 audit(1728675603.328:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 635.860346][T10198] syz.4.1483[10198] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 635.860446][T10198] syz.4.1483[10198] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 637.023226][ T3659] Bluetooth: hci2: command tx timeout [ 637.095352][T10129] bridge0: port 1(bridge_slave_0) entered blocking state [ 637.108667][T10129] bridge0: port 1(bridge_slave_0) entered disabled state [ 637.117246][T10129] device bridge_slave_0 entered promiscuous mode [ 637.189882][T10129] bridge0: port 2(bridge_slave_1) entered blocking state [ 637.197632][T10129] bridge0: port 2(bridge_slave_1) entered disabled state [ 637.210663][T10129] device bridge_slave_1 entered promiscuous mode [ 637.358699][T10129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 637.404468][T10129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 637.448292][T10227] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1492'. [ 637.517340][T10222] loop1: detected capacity change from 0 to 512 [ 637.535187][T10222] EXT4-fs: Ignoring removed orlov option [ 637.545650][T10222] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 637.641382][T10222] EXT4-fs (loop1): 1 orphan inode deleted [ 637.667037][T10129] team0: Port device team_slave_0 added [ 637.679513][T10222] EXT4-fs (loop1): 1 truncate cleaned up [ 637.703710][ T3972] device hsr_slave_0 left promiscuous mode [ 637.714930][ T3972] device hsr_slave_1 left promiscuous mode [ 637.730170][T10222] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 637.786957][ T3972] device veth1_macvtap left promiscuous mode [ 637.793282][ T3972] device veth0_macvtap left promiscuous mode [ 637.803797][ T3972] device veth1_vlan left promiscuous mode [ 637.817088][ T3972] device veth0_vlan left promiscuous mode [ 637.831172][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 637.953526][T10244] loop4: detected capacity change from 0 to 1024 [ 638.020914][T10244] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 638.046490][T10244] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038 (0x7fffffff) [ 638.518272][ T3972] team0 (unregistering): Port device team_slave_1 removed [ 638.569774][ T3972] team0 (unregistering): Port device team_slave_0 removed [ 638.614514][ T3972] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 638.670477][ T3972] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 639.127554][ T3659] Bluetooth: hci2: command tx timeout [ 639.226382][ T3972] bond0 (unregistering): Released all slaves [ 639.260788][T10129] team0: Port device team_slave_1 added [ 639.273775][T10244] netlink: 'syz.4.1493': attribute type 10 has an invalid length. [ 639.288176][T10244] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.295657][T10244] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.308181][T10244] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.315599][T10244] bridge0: port 2(bridge_slave_1) entered forwarding state [ 639.323064][T10244] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.330188][T10244] bridge0: port 1(bridge_slave_0) entered forwarding state [ 639.340376][T10244] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 639.403254][ T9702] EXT4-fs (loop4): unmounting filesystem. [ 639.463662][T10129] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 639.474215][T10129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 639.519874][T10129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 639.567437][T10129] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 639.598805][T10129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 639.657200][T10129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 640.487044][T10264] IPv6: NLM_F_CREATE should be specified when creating new route [ 640.534636][T10267] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 640.625022][T10129] device hsr_slave_0 entered promiscuous mode [ 640.642380][T10129] device hsr_slave_1 entered promiscuous mode [ 640.658921][T10129] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 640.676898][T10129] Cannot create hsr debugfs directory [ 640.813392][T10267] loop4: detected capacity change from 0 to 512 [ 640.834062][T10267] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 640.872131][T10267] EXT4-fs (loop4): 1 truncate cleaned up [ 640.900854][T10267] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 641.072815][T10285] smc: net device bond0 applied user defined pnetid SYZ0 [ 641.081693][T10279] smc: net device bond0 erased user defined pnetid SYZ0 [ 641.202421][ T3659] Bluetooth: hci2: command tx timeout [ 641.266275][ T9702] EXT4-fs (loop4): unmounting filesystem. [ 641.539072][T10295] loop4: detected capacity change from 0 to 2048 [ 641.797572][T10295] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 641.848796][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 641.848833][ T26] audit: type=1326 audit(1728675610.628:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10302 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 642.509261][T10307] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 642.622157][ T26] audit: type=1326 audit(1728675610.898:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10302 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 642.665975][ T26] audit: type=1326 audit(1728675610.918:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10302 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 642.784900][ T26] audit: type=1326 audit(1728675610.938:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10302 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 642.847708][T10314] loop0: detected capacity change from 0 to 256 [ 642.874375][ T26] audit: type=1326 audit(1728675610.988:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10302 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feecb37dff9 code=0x7ffc0000 [ 642.915905][ T9702] EXT4-fs (loop4): unmounting filesystem. [ 643.065866][T10320] tipc: Started in network mode [ 643.071064][T10320] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 643.078821][T10320] tipc: Enabled bearer , priority 10 [ 644.093246][T10129] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 644.148157][T10129] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 644.194017][ T7] tipc: Node number set to 15444650 [ 644.233942][T10129] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 644.321888][T10129] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 645.372353][T10129] 8021q: adding VLAN 0 to HW filter on device bond0 [ 645.411324][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 645.446299][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 645.500812][T10129] 8021q: adding VLAN 0 to HW filter on device team0 [ 645.531143][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 645.583298][T10345] loop2: detected capacity change from 0 to 512 [ 645.591223][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 645.633009][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 645.640178][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 645.678454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 645.699985][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 645.748481][T10345] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 645.753354][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 645.767123][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 645.774278][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 645.792574][T10345] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038 (0x7fffffff) [ 645.811886][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 645.904157][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 645.932052][T10358] loop1: detected capacity change from 0 to 4096 [ 645.932087][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 645.989140][T10358] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 645.998262][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 646.035976][T10363] netlink: 'syz.4.1520': attribute type 29 has an invalid length. [ 646.074544][T10363] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1520'. [ 646.092914][T10129] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 646.263148][T10367] input: syz1 as /devices/virtual/input/input25 [ 646.336597][T10129] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 646.492486][T10361] lo speed is unknown, defaulting to 1000 [ 646.498997][T10361] lo speed is unknown, defaulting to 1000 [ 646.562997][T10361] lo speed is unknown, defaulting to 1000 [ 646.661525][T10358] Process accounting resumed [ 646.678172][T10361] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 646.753455][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 646.878333][T10361] lo speed is unknown, defaulting to 1000 [ 646.891772][T10330] loop0: detected capacity change from 0 to 40427 [ 646.907104][T10361] lo speed is unknown, defaulting to 1000 [ 646.943232][T10361] lo speed is unknown, defaulting to 1000 [ 646.961613][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 646.989872][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 647.000421][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 647.003151][T10330] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 647.009454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 647.024688][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 647.032851][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 647.049484][T10330] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 647.097779][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 647.114654][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 647.148088][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 647.161189][T10330] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 647.184376][T10363] netlink: 'syz.4.1520': attribute type 29 has an invalid length. [ 647.212661][T10363] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1520'. [ 647.237468][T10361] lo speed is unknown, defaulting to 1000 [ 647.410847][T10361] lo speed is unknown, defaulting to 1000 [ 648.219872][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 648.240090][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 648.268007][T10129] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 648.271308][ T26] audit: type=1326 audit(1728675617.048:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1524" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4f6f17dff9 code=0x0 [ 648.340711][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 648.355234][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 648.397831][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 648.410947][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 648.440396][T10129] device veth0_vlan entered promiscuous mode [ 648.452290][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 648.466953][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 648.496095][T10129] device veth1_vlan entered promiscuous mode [ 648.600701][ T4060] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 648.612440][ T4060] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 648.721775][ T4060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 648.838505][ T4060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 649.349871][T10129] device veth0_macvtap entered promiscuous mode [ 649.426538][T10129] device veth1_macvtap entered promiscuous mode [ 649.439751][ T26] audit: type=1326 audit(1728675618.218:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.537925][ T26] audit: type=1326 audit(1728675618.218:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.562365][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 649.596012][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 649.627690][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 649.648469][ T26] audit: type=1326 audit(1728675618.218:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.682884][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 649.712538][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 649.741289][T10414] loop0: detected capacity change from 0 to 512 [ 649.751798][ T26] audit: type=1326 audit(1728675618.218:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.780349][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 649.798828][T10129] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 649.806365][ T26] audit: type=1326 audit(1728675618.218:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.837808][ T3811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 649.851639][ T3811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 649.865439][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 649.883896][ T26] audit: type=1326 audit(1728675618.218:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.894050][T10414] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 649.913356][ T26] audit: type=1326 audit(1728675618.218:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.932339][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 649.941436][ T26] audit: type=1326 audit(1728675618.218:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.973219][T10414] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038 (0x7fffffff) [ 649.973428][ T26] audit: type=1326 audit(1728675618.218:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10403 comm="syz.2.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb785b7dff9 code=0x7ffc0000 [ 649.992213][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 650.159374][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 650.197433][T10129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 650.208457][T10129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 650.220247][T10129] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 650.236243][ T3811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 650.356040][T10428] input: syz1 as /devices/virtual/input/input26 [ 650.506004][ T3811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 650.632094][T10129] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.651654][T10129] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.673469][T10129] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.696244][T10129] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.952402][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 650.961814][ T7396] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 651.013955][ T7396] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 651.059564][T10430] tipc: Enabled bearer , priority 10 [ 651.071397][T10432] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1536'. [ 651.101370][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 651.129499][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 651.150877][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 651.171990][ T3811] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 652.313157][ T3646] Bluetooth: hci1: command 0x0406 tx timeout [ 652.328059][T10424] loop4: detected capacity change from 0 to 40427 [ 652.363825][T10450] loop3: detected capacity change from 0 to 2048 [ 652.380156][T10424] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 652.397414][T10424] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 652.463556][T10450] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 652.524011][T10424] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 652.740207][T10466] 9pnet_fd: p9_fd_create_tcp (10466): problem connecting socket to 127.0.0.1 [ 652.898061][T10424] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 653.020460][T10129] EXT4-fs (loop3): unmounting filesystem. [ 653.042902][T10424] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 654.451993][T10479] loop3: detected capacity change from 0 to 256 [ 654.706038][T10486] tipc: Started in network mode [ 654.713605][T10486] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 654.721203][T10486] tipc: Enabled bearer , priority 10 [ 655.732557][ T3690] tipc: Node number set to 15444650 [ 655.795680][T10499] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1555'. [ 655.849468][T10499] device bond0 entered promiscuous mode [ 655.864506][T10500] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 655.895464][T10499] device bond_slave_0 entered promiscuous mode [ 655.910924][T10499] device bond_slave_1 entered promiscuous mode [ 656.131562][T10507] loop3: detected capacity change from 0 to 512 [ 656.178331][T10507] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 656.226067][T10510] loop2: detected capacity change from 0 to 128 [ 656.253442][T10507] EXT4-fs error (device loop3): __ext4_iget:5055: inode #11: block 16: comm syz.3.1560: invalid block [ 656.280266][T10507] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1560: couldn't read orphan inode 11 (err -117) [ 656.363138][T10507] EXT4-fs (loop3): 1 truncate cleaned up [ 656.414148][T10507] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 656.502523][T10507] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.1560: bg 0: block 16: invalid block bitmap [ 656.816813][T10507] batman_adv: batadv0: Adding interface: dummy0 [ 656.848373][T10507] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 656.951450][T10507] batman_adv: batadv0: Interface activated: dummy0 [ 657.151993][T10129] EXT4-fs (loop3): unmounting filesystem. [ 657.378341][T10523] IPv6: NLM_F_CREATE should be specified when creating new route [ 657.416231][T10528] loop3: detected capacity change from 0 to 256 [ 657.657278][T10532] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 657.669994][T10502] loop0: detected capacity change from 0 to 40427 [ 657.866077][T10502] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 657.937635][T10502] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 658.334126][T10502] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 658.361062][T10538] loop2: detected capacity change from 0 to 512 [ 658.440224][T10538] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 658.514795][T10538] EXT4-fs (loop2): 1 truncate cleaned up [ 658.560379][T10538] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 658.567634][T10502] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 658.576045][T10502] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 658.600105][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 658.600121][ T26] audit: type=1804 audit(1728675627.378:762): pid=10502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1557" name="/newroot/222/file1/file1" dev="loop0" ino=10 res=1 errno=0 [ 658.675933][T10549] loop1: detected capacity change from 0 to 128 [ 659.503972][ T6084] syz-executor: attempt to access beyond end of device [ 659.503972][ T6084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 659.547479][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 659.691248][T10560] loop2: detected capacity change from 0 to 128 [ 660.551429][T10573] loop2: detected capacity change from 0 to 4096 [ 660.588073][T10573] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 660.639659][T10573] Process accounting resumed [ 660.670449][T10576] smc: net device bond0 applied user defined pnetid SYZ0 [ 660.802737][T10576] smc: net device bond0 erased user defined pnetid SYZ0 [ 660.817756][T10573] EXT4-fs (loop2): re-mounted. Quota mode: writeback. [ 660.978425][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 661.230001][T10592] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1579'. [ 661.278943][T10592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1579'. [ 661.585429][T10599] netlink: 'syz.0.1581': attribute type 10 has an invalid length. [ 661.615717][T10597] loop2: detected capacity change from 0 to 2048 [ 661.696997][T10599] team0: Device hsr_slave_0 failed to register rx_handler [ 661.717979][T10597] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1580'. [ 661.931997][T10597] loop2: detected capacity change from 0 to 2048 [ 662.066260][T10602] loop1: detected capacity change from 0 to 8192 [ 662.070609][T10608] loop3: detected capacity change from 0 to 512 [ 662.080540][T10597] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 662.120811][T10609] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 662.152595][T10608] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 662.222644][T10608] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038 (0x7fffffff) [ 662.325501][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 662.445435][T10129] EXT4-fs (loop3): unmounting filesystem. [ 662.515911][T10625] siw: device registration error -23 [ 662.895081][T10634] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 662.926461][T10637] loop2: detected capacity change from 0 to 512 [ 662.974619][ T26] audit: type=1326 audit(1728675631.758:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 662.998532][T10637] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 663.039675][T10637] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 663.062453][T10637] System zones: 1-12 [ 663.068257][T10637] EXT4-fs (loop2): 1 truncate cleaned up [ 663.081285][ T26] audit: type=1326 audit(1728675631.758:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.081860][T10639] loop0: detected capacity change from 0 to 512 [ 663.122874][T10639] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 663.156749][T10639] EXT4-fs (loop0): 1 truncate cleaned up [ 663.190202][T10639] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 663.222888][T10637] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 663.239355][ T26] audit: type=1326 audit(1728675631.758:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.263270][ T26] audit: type=1326 audit(1728675631.758:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.292555][ T26] audit: type=1326 audit(1728675631.758:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.334745][ T26] audit: type=1326 audit(1728675631.758:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.418715][ T26] audit: type=1326 audit(1728675631.758:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.481542][ T6084] EXT4-fs (loop0): unmounting filesystem. [ 663.573913][ T26] audit: type=1326 audit(1728675631.758:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.649083][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 663.650855][ T26] audit: type=1326 audit(1728675631.758:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.666539][T10655] loop0: detected capacity change from 0 to 256 [ 663.680688][ T26] audit: type=1326 audit(1728675631.758:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.706627][ T26] audit: type=1326 audit(1728675631.828:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10638 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85517dff9 code=0x7ffc0000 [ 663.742116][T10653] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 664.578191][T10664] loop1: detected capacity change from 0 to 512 [ 664.729497][T10668] loop4: detected capacity change from 0 to 128 [ 664.741636][T10664] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 664.808747][T10664] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038 (0x7fffffff) [ 665.023212][ T7577] EXT4-fs (loop1): unmounting filesystem. [ 665.423127][T10661] loop2: detected capacity change from 0 to 40427 [ 665.430974][T10661] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 665.441965][T10661] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 665.568169][T10661] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 665.867772][T10687] loop4: detected capacity change from 0 to 8192 [ 665.938150][T10687] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 665.969290][T10661] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 665.985266][T10661] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 666.057825][ T26] audit: type=1804 audit(1728675634.838:774): pid=10661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1596" name="/newroot/85/file1/file1" dev="loop2" ino=10 res=1 errno=0 [ 666.107563][T10687] program syz.4.1605 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 666.897359][T10705] loop3: detected capacity change from 0 to 2048 [ 666.939866][ T8777] syz-executor: attempt to access beyond end of device [ 666.939866][ T8777] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 667.102182][T10705] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 667.509310][ T26] audit: type=1326 audit(1728675636.288:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10725 comm="syz.4.1617" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4f6f17dff9 code=0x0 [ 667.587017][T10728] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1618'. [ 667.598084][T10129] EXT4-fs (loop3): unmounting filesystem. [ 667.626389][T10728] tipc: Enabling of bearer rejected, already enabled [ 667.676908][T10731] syz.0.1619[10731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 667.677020][T10731] syz.0.1619[10731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 667.733385][T10734] loop2: detected capacity change from 0 to 512 [ 667.835263][T10734] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 667.862783][ T26] audit: type=1326 audit(1728675636.648:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10738 comm="syz.1.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 667.886658][T10734] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038 (0x7fffffff) [ 667.898119][ T26] audit: type=1326 audit(1728675636.648:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10738 comm="syz.1.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 667.950514][ T26] audit: type=1326 audit(1728675636.678:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10738 comm="syz.1.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 668.028760][ T26] audit: type=1326 audit(1728675636.678:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10738 comm="syz.1.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 668.081914][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 668.106814][ T26] audit: type=1326 audit(1728675636.678:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10738 comm="syz.1.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80517dff9 code=0x7ffc0000 [ 668.391298][T10756] loop2: detected capacity change from 0 to 512 [ 668.449504][T10756] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 668.449602][T10756] ext4 filesystem being mounted at /87/bus supports timestamps until 2038 (0x7fffffff) [ 668.635410][T10764] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1629'. [ 668.821889][ T8777] EXT4-fs (loop2): unmounting filesystem. [ 669.950392][T10773] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1632'. [ 670.019932][T10773] tipc: Enabling of bearer rejected, already enabled [ 670.992937][T10781] sch_tbf: peakrate 64 is lower than or equals to rate 4294967295 ! [ 671.000467][T10784] loop0: detected capacity change from 0 to 512 [ 671.025193][T10781] [ 671.028055][T10781] ============================= [ 671.033017][T10781] WARNING: suspicious RCU usage [ 671.037885][T10781] 6.1.112-syzkaller #0 Not tainted [ 671.043487][T10781] ----------------------------- [ 671.048386][T10781] kernel/events/callchain.c:161 suspicious rcu_dereference_check() usage! [ 671.056957][T10781] [ 671.056957][T10781] other info that might help us debug this: [ 671.056957][T10781] [ 671.067248][T10781] [ 671.067248][T10781] rcu_scheduler_active = 2, debug_locks = 1 [ 671.075379][T10781] 1 lock held by syz.2.1636/10781: [ 671.080512][T10781] #0: ffffffff8d32b8c0 (rcu_read_lock_trace){....}-{0:0}, at: rcu_read_lock_trace+0x37/0x70 [ 671.090813][T10781] [ 671.090813][T10781] stack backtrace: [ 671.096753][T10781] CPU: 0 PID: 10781 Comm: syz.2.1636 Not tainted 6.1.112-syzkaller #0 [ 671.104922][T10781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 671.115001][T10781] Call Trace: [ 671.118296][T10781] [ 671.121243][T10781] dump_stack_lvl+0x1e3/0x2cb [ 671.125969][T10781] ? nf_tcp_handle_invalid+0x642/0x642 [ 671.131465][T10781] ? panic+0x764/0x764 [ 671.135569][T10781] lockdep_rcu_suspicious+0x21c/0x330 [ 671.140979][T10781] get_callchain_entry+0x2ac/0x3c0 [ 671.146114][T10781] get_perf_callchain+0xe6/0x810 [ 671.151081][T10781] ? put_callchain_entry+0xb0/0xb0 [ 671.156208][T10781] ? __lock_acquire+0x125b/0x1f80 [ 671.161257][T10781] __bpf_get_stack+0x378/0x570 [ 671.166038][T10781] ? stack_map_get_build_id_offset+0x9c0/0x9c0 [ 671.172201][T10781] ? __cant_sleep+0x270/0x270 [ 671.176874][T10781] bpf_get_stack_raw_tp+0x1b2/0x220 [ 671.182073][T10781] bpf_prog_d43750871481577d+0x3d/0x41 [ 671.187543][T10781] bpf_prog_run_pin_on_cpu+0x62/0x130 [ 671.192922][T10781] bpf_prog_test_run_syscall+0x312/0x4d0 [ 671.198559][T10781] ? sock_gen_cookie+0x60/0x60 [ 671.203340][T10781] ? sock_gen_cookie+0x60/0x60 [ 671.208108][T10781] bpf_prog_test_run+0x32f/0x3a0 [ 671.213055][T10781] __sys_bpf+0x3eb/0x6c0 [ 671.217321][T10781] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 671.222724][T10781] ? print_irqtrace_events+0x210/0x210 [ 671.228188][T10781] ? print_irqtrace_events+0x210/0x210 [ 671.233665][T10781] ? syscall_enter_from_user_mode+0x2e/0x230 [ 671.239656][T10781] ? lockdep_hardirqs_on+0x94/0x130 [ 671.244852][T10781] __x64_sys_bpf+0x78/0x90 [ 671.249274][T10781] do_syscall_64+0x3b/0xb0 [ 671.253686][T10781] ? clear_bhb_loop+0x45/0xa0 [ 671.258370][T10781] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 671.264301][T10781] RIP: 0033:0x7fb785b7dff9 [ 671.268712][T10781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 671.288339][T10781] RSP: 002b:00007fb78692d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 671.296759][T10781] RAX: ffffffffffffffda RBX: 00007fb785d35f80 RCX: 00007fb785b7dff9 [ 671.304730][T10781] RDX: 000000000000000c RSI: 00000000200004c0 RDI: 000000000000000a [ 671.312695][T10781] RBP: 00007fb785bf0296 R08: 0000000000000000 R09: 0000000000000000 [ 671.320656][T10781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 671.328618][T10781] R13: 0000000000000000 R14: 00007fb785d35f80 R15: 00007ffef19d44e8 [ 671.336600][T10781] [ 671.359132][T10784] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 671.372389][T10784] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038 (0x7fffffff) [ 671.429106][ T6084] EXT4-fs (loop0): unmounting filesystem.