last executing test programs: 9.410872165s ago: executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000500)='./file0\x00', 0x18008, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES64], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="80020c0000000c000ad616c24e846d6f6981c86b5e79d1cb4b7dc9070d6fc6aa02b10d0e67a50300d5916fb3ee"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000080)={0x7b, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/loop0', 0x202, 0x0) write$cgroup_type(r2, &(0x7f0000000080), 0x9) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = landlock_create_ruleset(&(0x7f0000000240)={0x1ff5}, 0x10, 0x0) landlock_restrict_self(r3, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000000)="f2410f38f0a20400000066baa100ec66ba2000ec670f01ca45e3958f095892be000000002e660fda58bfc481bde2a500600000c421d15c8b98000000b9f90b00000f32"}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r6, 0xae9a) ioctl$KVM_RUN(r6, 0xae80, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000d60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r8}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000000000061100000000000009500000700000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5607, 0x0) bpf$ENABLE_STATS(0x20, &(0x7f0000000080), 0x4) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) sendmsg$AUDIT_LIST_RULES(r9, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x3f5, 0xc00, 0x70bd2d, 0x25dfdbfe, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000000}, 0x40009) sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001800010000000000000000008020"], 0x24}}, 0x0) 7.372347842s ago: executing program 1: r0 = socket(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x74, 0x0, &(0x7f0000003c00)) 5.465427969s ago: executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000340)='./file0\x00', 0x4a16, &(0x7f00000002c0)=ANY=[@ANYRES16=0x0, @ANYRES64, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRES32=0x0], 0x15, 0x31e, &(0x7f0000000a80)="$eJzs3M9LG1sUwPFjjDGJzySLx3u8Bw8v721eN4OmXZeGolAaqKgp1UJh1EkbMk0kEywppeqq29J9V4UuxKU7ofUfcNNdu+mmOzeFLuqidEomM+anmsZorH4/IHNz7z3m3sxNOBNyZ/fO84fZtKWl9aL4gkp+ExHZE4mJTzx97tHnlANSa1UuDX15/8/07NzNRDI5PqXURGLmclwpFRl58+hJyO22NSg7sXu7n+Ofdv7Y+Wv3+8yDjKUylsrli0pX8/mPRX3eNNRixspqSk2ahm4ZKpOzjEKlPV9pT5v5paWS0nOLw+GlgmFZSs+VVNYoqWJeFQslpd/XMzmlaZoaDguOklqfmtITHQYvdHkwOCGFQkLvF5FQU0tqvScDAgAAPdWY//vKKX1H+b9EnPy/3Lma/2/8u10cur0ZcfP/rUCr/P/Kh8r/qsv/gyLSSf7/Un4i/2/OiC6WY+X/OBtGAk1VfXWPyvl/2H3/Otbubow6BfJ/AAAAAAAAAAAAAAAAAAAAAAB+BXu2HbVtO+odvb/qFgL3Mc6lg87/oIgEy2ff5vyfZ9OzcxJ0Nu75IyLms+XUcqpydDtsi4gphoxKVL4568FVLns7j1RZTN6aK278ynKq32lJpCXjxI9JVGKN8bY9cSM5PqYq3Pj9bUrh2vi4ROX31vHx+nj3+QPy/3818ZpE5d2C5MWURWddV+Ofjil1/VayIT7k9AMAAAAA4DzQ1L6W1++adlB75S4j+9fXLb8fqFxfj7a8PvdH//b3evYAAAAAAFwMVulxVjdNo3BIISRH9+m84G+vc6ChZuCwzv01M2x3PAHn9y4ix53XqzZf1bqC90OKuqagW9nZeLz5d+18rdbW+KSNKH/j4EfKFeq44/G+Ngoc8DrLZHOU75CVMNC19fzni9dfu/cGubrprYCjO691+lzBxlXnFAZO47MHAAAAwOmqJv1ezbXa5r6eDAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvmRG7p11Do9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAs+JHAAAA//+3evqP") fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xffffffd1) 5.081347919s ago: executing program 1: sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$KDMKTONE(r0, 0x8901, 0x20000000) 4.940347841s ago: executing program 1: syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000100)={[{@nouser_xattr}, {@four_active_logs}, {@four_active_logs}, {@noquota}, {@fastboot}, {@fastboot}, {@prjjquota={'prjjquota', 0x3d, '-{'}}, {@jqfmt_vfsv1}, {@extent_cache}, {@fastboot}]}, 0x1, 0x54f9, &(0x7f000000ab40)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXIxZvknIvoUURQ4i3/Q84J5BJvOewhgmdlZmeSyQ9w/dGZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLo3YM4yQ6dcRwX5zb3Hi9k/daRPrO+sj2btSyO6kz6dHi5+iHqNpcIAAAA50dS1vchhJ10bS7r405e/6flNVnN/92z47is54/W/WVf1v5Z+/WX3Rf3B+qMx8luentxOLhyPJXWk5vldHvub69o5U8+f/eS5F9I/MHyC6M0f57RNxsb77Xz8EId2QIA/8blsi+C8vehrO83mRgA50arUniX9X/SaTYnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDqMlsPTZRyFEGZbB3Fma+/xwkn9+sr2bNlurK6uVO+Z3SINIdxeHA6u1DiXaffg4aO788Ph4H79wSshhKZGf6eY/t2PJrg4hEaej+B/CuLiy56WfE5H0OAPJQAAzqS0aFldv5OuzWXnopkQ/vz+cP3/eiUOE9b/ux/f2KyOVa3/+7XNcPr1lu593nvw8NGbi/fm7wzuDD5962r/7f61m9ev3+zl70p63pgAAADw37SLVq3/45nj6/+XKnGYsP7/4tv+V9WxEvX/iQ4W/ZrOBAAA4Hx7/tU/fo9OOB+12+HL+aWl+/3xcf/z1fGxgVT/sQtFq9b/yUzTWQEAAAB1GC1Hh9b/b1XiMOH6/zM/vPRT9Z5JCOFisf5/eeGz4a36pjPV6vhz4qbnCAAAQLMuFq26/p/m+//j/S0PcQjhjdfGcfFvACeq/5P3v/6xOlZ1//+1+qY4leLu+HnkfTeEVrfpjAAAADjLnipaVuz/lq7NffLzpQ/b9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2vAAAA//+END5e") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000600)={0x23eb}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) 3.756033685s ago: executing program 3: syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0xabb, &(0x7f0000000340)="$eJzs3U2MW0fhAPCxd73JJuk/Tv8JXdLQJhTa8tFNs1nCRwRJlQiJqKkQl0oVlyhNS0QIEkUCqkokOXGjVRUkTnyIUy9VQUj0gqKeuFSikSqkngoHDkRBVOIAgcQo3hmvPbHzbO/Hs9e/nzQ7njfzPPO8z8/vcyYAE6va/Lu4OFcJ4fKbrx7/28N/nb095UirRL35d7otVQshVGJ6Onu/96eW4psfvHS6W1wJC82/KR2eut6ad2sI4ULYG66Eeth9+eorby88efLiiUv73nnt8LW1WXoAAJgsX71yeHHXn/94/44brz9wNGxqTU/75/WY3hb3+4/GHf+0/18NnelKW2g3k5WbjqE621luqku59npqWbnpHvXPZPXXepTbFO5e/1TbtG7LDeMsrcf1UKnOd6Sr1fn5pWPy0Dyun6nMnz977rkXSmoosOr++WAIYW9bOHapMz1q4cgItGHI0BiBNoxlOLp+dd1oLCl9mdcpNLaXvQUCWJJfL7zDhfzMwsq03m26v/qvP1HtPj+sgvVe/weqf6bk+sPk1p+2Or+6aIvD6tmoa1NarvQ92hbT+XWE/P6l3t///EpH59T8ekStz3b2uo4wLtcXerVzap3bMaxe7c/Xi43qizFOn8OXsvz270/+Px2X/zHQ3b/y8/+TEGoj0AZBGDaEjnRtJe/VKHn7A4yu/L65Rro+GuX39eX5mwryNxfkzxbkbynI31qQD5PsN9/9cXi5snycnx/TD3o+PJ1nuyfG/zdge/LzkYPWn9/3O6iV1p/fTwyj7Hennj7zuWefubp0/3+ltf7fiut7Otyox+/WlVggnS/Mz6u37v2vd9ZT7VHu3qw993Qp33y9s7NcZefy+4S27cwd7ZjrnG97Xm5bLLens1w9Kzcbw+asvfn+yZZsvrT/kbar6fOazpa3li3HTNaOtF3ZEeO8HTCMtD72uv8/rZ9zoVZ57uy5M4/HdFpP/zBV23R7+oF1bjewcv0+/zMXOp//mWlNr1Xbtwvbl6dXlrYLb8T365y+0Kqnc/rBmE6/c9+Ymm1Onz/97XPPrv7iw0R74QcvfvPUuXNnvuPF0C++PBrNGORFOmwZlfas9YvJWdJVe1HyhglYc/t/uLQT8NjZb516/szzZ84fPHTo4MLCoc8fXNzf3K/f37533+5CCa0FVtPyj37ZLQEAAAAAAAAAAAD69b0Tx6+++9Zn31t6/n/5+b/0/H+68zc9//+j7Pn//Dn59Bx8eg5wR5f8Zpmsg9WZrFwthv/P2rszq2dXNt+HYtwaxy8+/5+qy/t1Te25L5te65HMuhO4o7+UmawPkny8wI/G+FKMfxmgRJXZ7pNjXNS/dVrXU/8Ubf1SNPQPPD7S/y2tDakfk/T8d9d+ndr+2TvWoY2svvV4nLDsZQS6+/tE9f/9j+UFL70tGyVMj8l73iX8dHLXiUbPvfR+R7ABWB1lj/+Zznum+Pzvv7L5dkjFrj/Rub3M+y+FQfzp3c70qI4/uV715+P2rXf9ZS9/Uf2rPf5na/y7vrd/2Yh59eHq/ffPrr3XVm3Y3W/9+fKnfqB3Dlb/jVh/WppHQn/1N36R1Z9fEOrTf7L6t/RZ/x3Lv2e4+v8b608f26MP9Vv/Uosr1c525OeN0/W//LxxcjNb/tS3513q/9qL3ZZ/yIEab8X6YZKNyzizg8r2I1o77cOP/xtdWN3xf1uNzTZr+X0Yn4nptCFO9znk450M2v50f0X6HdiVvX+l4PfN+L/j7QsxLvo+pPF/0/pYjz/5benmZ5nStS6f7Ubd1sC4en+irv+NRdg8Am0Q+g+NqSHma40TV3L7G43G2p7QKlBq5ZT++Zd9nFB2/WV//kXy8X/zffh8/N88Px//N8/Px//N82fjf6hXfj7+b/555uP/5vn3Ze+bjw88V5D/4YL83d3zW4ft9xfMv6cg/yMF+fta+Uc6SqT8Bwrmf7Ag/96C/IcK8j9WkP/xgvyHC/IfbctvHwM65X+iYP6NLj2PMqnLD5Msfz7P9x8mR7r+0+v7v7MgHxhfP3n9wLFnfv31+tLz/zOt8yHpOt7RmK7F46fvx3R+3Tu0pW/nvRXTf8nyR/18B0ySvP+M/Pf9kYJ8YHyl+7x8v2ECVTZ3nxzjon6reu3nM14+GeNPxfjTMX4sxvMx3h/jAzFeWKf2sTaOvfHbwy9Xlo/3t2f5/d5Pnj8P1NFPVAjhYJ/tyc8PDHo/e96P36BWWv+Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptr8u7g4Vwnh8puvHn/65Nn9t6ccaZWoN/9Ot6VqrflCeDzGUzH+eXxx84OXTrfHt2JcCQuhEiqt6eGp662atoYQLoS94Uqoh92Xr77y9sKTJy+euLTvndcOX1u7TwAAAAA2vv8FAAD//xEiDi0=") open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x851800, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) 3.691019445s ago: executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80080400) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e20, @local}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xbe, &(0x7f0000000000), &(0x7f0000000080)=0x4) 3.570515444s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x978, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.508916654s ago: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) r5 = socket(0x2c, 0x3, 0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000100)={0xa0179e1d}) r7 = socket$inet_udplite(0x2, 0x2, 0x88) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10) r10 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r10, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1}) r11 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) keyctl$setperm(0x5, r11, 0x0) getdents64(r10, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r7, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x4, 0x4, 0x400, 0x0, 0x210, 0x108, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netpci0\x00', 'pimreg0\x00'}, 0xc0, 0x108, 0x0, {0x3ed}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x7fff, 'syz0\x00'}}}, {{@arp={@rand_addr, @loopback, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gretap0\x00', 'bridge_slave_0\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz1\x00'}}}, {{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_bridge\x00', 'lo\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8400, 'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x450) r12 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'sit0\x00'}) 3.393380762s ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000740)='ext4_ext_remove_space_done\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0) 3.27450443s ago: executing program 3: r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x10, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0x89966f70000}]}}]}, 0x40}}, 0x0) 2.666772495s ago: executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000500)='./file0\x00', 0x18008, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES64], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="80020c0000000c000ad616c24e846d6f6981c86b5e79d1cb4b7dc9070d6fc6aa02b10d0e67a50300d5916fb3ee"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000080)={0x7b, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/loop0', 0x202, 0x0) write$cgroup_type(r2, &(0x7f0000000080), 0x9) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = landlock_create_ruleset(&(0x7f0000000240)={0x1ff5}, 0x10, 0x0) landlock_restrict_self(r3, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000000)="f2410f38f0a20400000066baa100ec66ba2000ec670f01ca45e3958f095892be000000002e660fda58bfc481bde2a500600000c421d15c8b98000000b9f90b00000f32"}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r6, 0xae9a) ioctl$KVM_RUN(r6, 0xae80, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000d60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r8}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000000000061100000000000009500000700000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5607, 0x0) bpf$ENABLE_STATS(0x20, &(0x7f0000000080), 0x4) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) sendmsg$AUDIT_LIST_RULES(r9, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x3f5, 0xc00, 0x70bd2d, 0x25dfdbfe, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000000}, 0x40009) sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001800010000000000000000008020"], 0x24}}, 0x0) 2.326486388s ago: executing program 4: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r0, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x140a, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_RES_LQPN={0xfffffffffffffecf}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}]}, 0x58}}, 0x0) 2.24674926s ago: executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_LEN={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 2.195303998s ago: executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$KDFONTOP_GET(r1, 0x4b3b, 0x0) 2.153388935s ago: executing program 4: syz_usb_connect$cdc_ecm(0x2, 0x5c, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000020000082505a1a440000000010109024a0001010000000904000003020600000b2406f3005bbfe19eabcc05240000000d240f010000000000000000000905810308000000010905820220"], 0x0) 2.076758076s ago: executing program 0: r0 = socket$inet6(0xa, 0x80803, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x0, 0x0, 0x0, 0x80000001}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x40, 0x33}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x0, 0x9, 0xfffffffc}}, 0xe8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc) connect$inet6(r0, &(0x7f00000000c0), 0x1c) 1.988018151s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000065"], 0x0}, 0x90) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x3, 0x4) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) 1.930776569s ago: executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netstat\x00') r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) renameat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, &(0x7f0000000140)='./file1\x00') r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bbfe80000000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001540)=""/4096, 0x1000}], 0x1, 0x0, 0x23}, 0x4000000}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r4, 0xae80, 0x0) read$FUSE(r0, &(0x7f00000000c0)={0x2020}, 0x2020) 991.959626ms ago: executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000b00)={0x7, 0x0, [{0x0, 0x99, &(0x7f0000000780)=""/153}, {0x0, 0x1, &(0x7f0000000c40)=""/1}, {0x0, 0xd9, &(0x7f0000000840)=""/217}, {0x0, 0xfffffffffffffed5, &(0x7f0000000940)=""/149}, {0x0, 0x20, &(0x7f0000000700)=""/32}, {0x0, 0x7e, &(0x7f0000000a00)=""/126}, {0x0, 0x7b, &(0x7f0000000c80)=""/130}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000) 929.028905ms ago: executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x28, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x3f}]}]}, 0x28}}, 0x0) 850.777797ms ago: executing program 0: ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x16}}, {@remote, 0x4}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 820.987932ms ago: executing program 3: syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0xabb, &(0x7f0000000340)="$eJzs3U2MW0fhAPCxd73JJuk/Tv8JXdLQJhTa8tFNs1nCRwRJlQiJqKkQl0oVlyhNS0QIEkUCqkokOXGjVRUkTnyIUy9VQUj0gqKeuFSikSqkngoHDkRBVOIAgcQo3hmvPbHzbO/Hs9e/nzQ7njfzPPO8z8/vcyYAE6va/Lu4OFcJ4fKbrx7/28N/nb095UirRL35d7otVQshVGJ6Onu/96eW4psfvHS6W1wJC82/KR2eut6ad2sI4ULYG66Eeth9+eorby88efLiiUv73nnt8LW1WXoAAJgsX71yeHHXn/94/44brz9wNGxqTU/75/WY3hb3+4/GHf+0/18NnelKW2g3k5WbjqE621luqku59npqWbnpHvXPZPXXepTbFO5e/1TbtG7LDeMsrcf1UKnOd6Sr1fn5pWPy0Dyun6nMnz977rkXSmoosOr++WAIYW9bOHapMz1q4cgItGHI0BiBNoxlOLp+dd1oLCl9mdcpNLaXvQUCWJJfL7zDhfzMwsq03m26v/qvP1HtPj+sgvVe/weqf6bk+sPk1p+2Or+6aIvD6tmoa1NarvQ92hbT+XWE/P6l3t///EpH59T8ekStz3b2uo4wLtcXerVzap3bMaxe7c/Xi43qizFOn8OXsvz270/+Px2X/zHQ3b/y8/+TEGoj0AZBGDaEjnRtJe/VKHn7A4yu/L65Rro+GuX39eX5mwryNxfkzxbkbynI31qQD5PsN9/9cXi5snycnx/TD3o+PJ1nuyfG/zdge/LzkYPWn9/3O6iV1p/fTwyj7Hennj7zuWefubp0/3+ltf7fiut7Otyox+/WlVggnS/Mz6u37v2vd9ZT7VHu3qw993Qp33y9s7NcZefy+4S27cwd7ZjrnG97Xm5bLLens1w9Kzcbw+asvfn+yZZsvrT/kbar6fOazpa3li3HTNaOtF3ZEeO8HTCMtD72uv8/rZ9zoVZ57uy5M4/HdFpP/zBV23R7+oF1bjewcv0+/zMXOp//mWlNr1Xbtwvbl6dXlrYLb8T365y+0Kqnc/rBmE6/c9+Ymm1Onz/97XPPrv7iw0R74QcvfvPUuXNnvuPF0C++PBrNGORFOmwZlfas9YvJWdJVe1HyhglYc/t/uLQT8NjZb516/szzZ84fPHTo4MLCoc8fXNzf3K/f37533+5CCa0FVtPyj37ZLQEAAAAAAAAAAAD69b0Tx6+++9Zn31t6/n/5+b/0/H+68zc9//+j7Pn//Dn59Bx8eg5wR5f8Zpmsg9WZrFwthv/P2rszq2dXNt+HYtwaxy8+/5+qy/t1Te25L5te65HMuhO4o7+UmawPkny8wI/G+FKMfxmgRJXZ7pNjXNS/dVrXU/8Ubf1SNPQPPD7S/y2tDakfk/T8d9d+ndr+2TvWoY2svvV4nLDsZQS6+/tE9f/9j+UFL70tGyVMj8l73iX8dHLXiUbPvfR+R7ABWB1lj/+Zznum+Pzvv7L5dkjFrj/Rub3M+y+FQfzp3c70qI4/uV715+P2rXf9ZS9/Uf2rPf5na/y7vrd/2Yh59eHq/ffPrr3XVm3Y3W/9+fKnfqB3Dlb/jVh/WppHQn/1N36R1Z9fEOrTf7L6t/RZ/x3Lv2e4+v8b608f26MP9Vv/Uosr1c525OeN0/W//LxxcjNb/tS3513q/9qL3ZZ/yIEab8X6YZKNyzizg8r2I1o77cOP/xtdWN3xf1uNzTZr+X0Yn4nptCFO9znk450M2v50f0X6HdiVvX+l4PfN+L/j7QsxLvo+pPF/0/pYjz/5benmZ5nStS6f7Ubd1sC4en+irv+NRdg8Am0Q+g+NqSHma40TV3L7G43G2p7QKlBq5ZT++Zd9nFB2/WV//kXy8X/zffh8/N88Px//N8/Px//N82fjf6hXfj7+b/555uP/5vn3Ze+bjw88V5D/4YL83d3zW4ft9xfMv6cg/yMF+fta+Uc6SqT8Bwrmf7Ag/96C/IcK8j9WkP/xgvyHC/IfbctvHwM65X+iYP6NLj2PMqnLD5Msfz7P9x8mR7r+0+v7v7MgHxhfP3n9wLFnfv31+tLz/zOt8yHpOt7RmK7F46fvx3R+3Tu0pW/nvRXTf8nyR/18B0ySvP+M/Pf9kYJ8YHyl+7x8v2ECVTZ3nxzjon6reu3nM14+GeNPxfjTMX4sxvMx3h/jAzFeWKf2sTaOvfHbwy9Xlo/3t2f5/d5Pnj8P1NFPVAjhYJ/tyc8PDHo/e96P36BWWv+Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptr8u7g4Vwnh8puvHn/65Nn9t6ccaZWoN/9Ot6VqrflCeDzGUzH+eXxx84OXTrfHt2JcCQuhEiqt6eGp662atoYQLoS94Uqoh92Xr77y9sKTJy+euLTvndcOX1u7TwAAAAA2vv8FAAD//xEiDi0=") open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x851800, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) 507.745591ms ago: executing program 2: syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0xe0, 0x0, 0x0, 0x0, 0x10000}}}}}, 0x0) 489.752923ms ago: executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_LEN={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 436.622102ms ago: executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[], 0x4c}}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r4 = dup2(r1, r0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f00000003c0)={r3, @in={{0x2, 0x0, @private}}}, &(0x7f0000000340)=0x90) 320.96634ms ago: executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000300), 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 222.019965ms ago: executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x72}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x10}}, 0x74}}, 0x0) 135.686228ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffffff7f850000002d000000850000000e00000095"], &(0x7f00000012c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r1, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 0s ago: executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0) ppoll(&(0x7f0000000000)=[{r0}, {r0}], 0x2, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000000200)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x2, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000500)=0x0) timer_settime(r1, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) kernel console output (not intermixed with test programs): exists on: batadv_slave_1 [ 155.975803][ T5063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.986770][ T5063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.998129][ T5063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.023899][ T5063] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.033159][ T5284] loop4: detected capacity change from 0 to 512 [ 156.078786][ T5284] EXT4-fs (loop4): failed to initialize system zone (-117) [ 156.117679][ T5284] EXT4-fs (loop4): mount failed [ 156.138696][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 156.154300][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 156.317396][ T26] audit: type=1804 audit(1718783889.253:280): pid=5290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1816881712/syzkaller.H2I0Fr/67/bus" dev="sda1" ino=1951 res=1 errno=0 [ 157.030993][ T3587] Bluetooth: hci1: command tx timeout [ 157.036552][ T3573] Bluetooth: hci4: command tx timeout [ 157.047774][ T26] audit: type=1800 audit(1718783889.253:281): pid=5290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1951 res=0 errno=0 [ 157.125440][ T5063] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.134216][ T5063] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.175694][ T5063] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.184689][ T5063] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.443367][ T4552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.477178][ T4552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.521808][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 157.533253][ T26] audit: type=1800 audit(1718783890.483:282): pid=5300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0 [ 157.682292][ T4688] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.702077][ T4688] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.751227][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 158.626660][ T5315] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 158.768220][ T5175] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 158.798258][ T5175] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 158.850933][ T5175] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 158.944594][ T5175] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 159.056532][ T3573] Bluetooth: hci4: command tx timeout [ 159.264650][ T26] audit: type=1804 audit(1718783892.133:283): pid=5338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1816881712/syzkaller.H2I0Fr/72/bus" dev="sda1" ino=1955 res=1 errno=0 [ 159.992045][ T26] audit: type=1800 audit(1718783892.133:284): pid=5338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1955 res=0 errno=0 [ 160.052488][ T5207] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 160.101545][ T5207] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 160.111192][ T26] audit: type=1800 audit(1718783893.063:285): pid=5337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 160.188729][ T5207] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 160.218181][ T5207] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 160.258225][ T4866] device hsr_slave_0 left promiscuous mode [ 160.268228][ T4866] device hsr_slave_1 left promiscuous mode [ 160.282268][ T4866] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 160.292754][ T4866] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 160.309872][ T4866] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.321410][ T4866] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 160.340306][ T4866] device bridge_slave_1 left promiscuous mode [ 160.351767][ T4866] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.370572][ T4866] device bridge_slave_0 left promiscuous mode [ 160.381121][ T4866] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.403730][ T4866] device hsr_slave_0 left promiscuous mode [ 160.414347][ T4866] device hsr_slave_1 left promiscuous mode [ 160.428557][ T4866] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 160.439947][ T4866] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 160.468044][ T4866] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.476389][ T4866] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 160.485637][ T4866] device bridge_slave_1 left promiscuous mode [ 160.491925][ T4866] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.503266][ T4866] device bridge_slave_0 left promiscuous mode [ 160.511084][ T4866] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.889951][ T4866] device veth1_macvtap left promiscuous mode [ 160.983039][ T4866] device veth0_macvtap left promiscuous mode [ 161.039485][ T4866] device veth1_vlan left promiscuous mode [ 161.310007][ T4866] device veth0_vlan left promiscuous mode [ 161.326059][ T4866] device veth1_macvtap left promiscuous mode [ 161.332172][ T4866] device veth0_macvtap left promiscuous mode [ 161.338626][ T4866] device veth1_vlan left promiscuous mode [ 161.344664][ T4866] device veth0_vlan left promiscuous mode [ 161.711974][ T4866] team0 (unregistering): Port device team_slave_1 removed [ 161.736360][ T4866] team0 (unregistering): Port device team_slave_0 removed [ 161.750511][ T4866] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 161.765622][ T4866] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 161.841223][ T4866] bond0 (unregistering): Released all slaves [ 161.971394][ T4866] team0 (unregistering): Port device team_slave_1 removed [ 161.989058][ T4866] team0 (unregistering): Port device team_slave_0 removed [ 162.006377][ T4866] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.021774][ T4866] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.102689][ T4866] bond0 (unregistering): Released all slaves [ 162.299909][ T5175] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.390011][ T5175] 8021q: adding VLAN 0 to HW filter on device team0 [ 162.400063][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 162.415101][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 162.472512][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 162.482043][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 162.502647][ T3617] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.509882][ T3617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.525162][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 162.544839][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 162.564945][ T3617] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.572372][ T3617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.635314][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 162.643644][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 162.659743][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 162.681660][ T5207] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.707894][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 162.872109][ T26] audit: type=1804 audit(1718783895.803:286): pid=5387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir906498475/syzkaller.CO42Ap/8/bus" dev="sda1" ino=1955 res=1 errno=0 [ 163.601676][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 163.605084][ T26] audit: type=1800 audit(1718783895.803:287): pid=5387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1955 res=0 errno=0 [ 163.622470][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 163.649671][ T26] audit: type=1800 audit(1718783896.593:288): pid=5381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="SYSV00000000" dev="hugetlbfs" ino=8 res=0 errno=0 [ 163.683471][ T5207] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.765089][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.775580][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.795681][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 163.815461][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 163.824307][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 163.861665][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 163.914675][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.923540][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.941964][ T4053] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.949218][ T4053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.963873][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 163.973083][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 163.992457][ T4053] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.999705][ T4053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.016279][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 164.032306][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 164.044359][ T5175] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.075089][ T5400] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 164.094019][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 164.102781][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 164.168908][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 164.181799][ T5404] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure [ 164.995816][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 165.015503][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 165.074567][ T5207] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 165.114516][ T5207] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 165.140528][ T5415] loop0: detected capacity change from 0 to 2048 [ 165.167450][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 165.212269][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 165.230463][ T5415] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 165.244133][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 165.267780][ T5415] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002] [ 165.277104][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 165.295078][ T5415] System zones: 0-19 [ 165.321986][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 165.326765][ T5415] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 165.358527][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 165.393060][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 165.423118][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 165.497387][ T5415] EXT4-fs warning (device loop0): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 12408541 [ 165.566423][ T5415] EXT4-fs error (device loop0) in ext4_free_inode:362: Out of memory [ 165.655717][ T5430] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz-executor.0: Invalid inode bitmap blk 12408541 in block_group 0 [ 165.690616][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 165.700665][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 165.724750][ T26] audit: type=1800 audit(1718783898.663:289): pid=5433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0 [ 165.851882][ T5207] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 166.699608][ T4222] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz-executor.0: Invalid inode bitmap blk 12408541 in block_group 0 [ 166.718857][ T4222] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 166.730815][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 166.744560][ T26] audit: type=1804 audit(1718783898.833:290): pid=5440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3892476987/syzkaller.Ilx8ky/158/bus" dev="sda1" ino=1956 res=1 errno=0 [ 166.744711][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 166.787394][ T5442] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 166.810359][ T4222] EXT4-fs (loop0): unmounting filesystem. [ 166.823335][ T26] audit: type=1800 audit(1718783898.833:291): pid=5440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1956 res=0 errno=0 [ 166.833549][ T5175] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 166.898593][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 166.913230][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 166.965217][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 166.986213][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 167.032644][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 167.051356][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 167.066240][ T5207] device veth0_vlan entered promiscuous mode [ 167.086102][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 167.102835][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 167.112759][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 167.138911][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 167.162523][ T5175] device veth0_vlan entered promiscuous mode [ 167.197603][ T5207] device veth1_vlan entered promiscuous mode [ 167.219827][ T5175] device veth1_vlan entered promiscuous mode [ 167.368661][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 167.389610][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 167.449459][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 167.468212][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 167.480063][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 168.285753][ T5207] device veth0_macvtap entered promiscuous mode [ 168.309202][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 168.332117][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 168.343373][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 168.427366][ T5207] device veth1_macvtap entered promiscuous mode [ 168.521920][ T5175] device veth0_macvtap entered promiscuous mode [ 168.531587][ T3573] Bluetooth: hci0: unexpected event for opcode 0x0c05 [ 168.532498][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 168.569075][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 168.621942][ T5207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.664961][ T5207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.689455][ T5207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.719959][ T5207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.736629][ T5207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.749264][ T5207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.779533][ T5207] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 168.800839][ T5175] device veth1_macvtap entered promiscuous mode [ 168.807501][ T5483] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 168.828552][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 168.839332][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 168.851785][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 168.861181][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 168.893425][ T5207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.912484][ T5207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.923835][ T5207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.940476][ T5207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.952271][ T5207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.974910][ T5207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.993953][ T5207] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 169.017903][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 169.040462][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 169.070374][ T5207] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.082614][ T5207] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.092099][ T5207] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.111795][ T5207] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.132349][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 169.146807][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.158869][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 169.169821][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.179883][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 169.203197][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.380385][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 169.401419][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.218550][ T5496] sched: RT throttling activated [ 171.320288][ T5175] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 171.448244][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 171.466424][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 171.479191][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.497492][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.508310][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.535523][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.565150][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.575924][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.587378][ T5175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.600559][ T5510] loop4: detected capacity change from 0 to 2048 [ 171.619214][ T5175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.642064][ T5175] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 171.651493][ T5510] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 171.674850][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 171.687745][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 171.713240][ T5175] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.723444][ T5175] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.731714][ T5510] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002] [ 171.732845][ T5175] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.749702][ T5175] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.840860][ T5510] System zones: 0-19 [ 171.897478][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.910924][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.960787][ T5510] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 171.999734][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.008906][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.256261][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 172.424082][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 172.793024][ T3860] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.814824][ T3860] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.857606][ T3947] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 172.920068][ T3572] EXT4-fs (loop4): unmounting filesystem. [ 173.082887][ T5532] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 173.096319][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.105805][ T5529] loop0: detected capacity change from 0 to 512 [ 173.113226][ T5529] EXT4-fs: quotafile must be on filesystem root [ 173.133429][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.407249][ T3860] Bluetooth: hci5: Frame reassembly failed (-84) [ 173.431993][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 177.307172][ T3573] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 177.319447][ T3587] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.780459][ T5567] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 177.807899][ T5565] loop4: detected capacity change from 0 to 2048 [ 177.879251][ T5565] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 177.913599][ T5565] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002] [ 177.936723][ T5565] System zones: 0-19 [ 177.943294][ T5565] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 177.979398][ T5580] usb usb9: usbfs: process 5580 (syz-executor.2) did not claim interface 0 before use [ 178.088842][ T5565] EXT4-fs warning (device loop4): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 12408541 [ 178.102799][ T5565] EXT4-fs error (device loop4) in ext4_free_inode:362: Out of memory [ 178.124706][ T5565] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz-executor.4: Invalid inode bitmap blk 12408541 in block_group 0 [ 178.183292][ T3572] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz-executor.4: Invalid inode bitmap blk 12408541 in block_group 0 [ 178.265620][ T3572] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 178.323989][ T3572] EXT4-fs (loop4): unmounting filesystem. [ 178.700472][ T4552] Bluetooth: hci5: Frame reassembly failed (-84) [ 179.755108][ T5615] loop4: detected capacity change from 0 to 2048 [ 179.782122][ T5615] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 179.787979][ T5618] loop3: detected capacity change from 0 to 1764 [ 179.823147][ T5615] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002] [ 179.835214][ T5615] System zones: 0-19 [ 179.841185][ T5615] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 179.929448][ T5618] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 179.971604][ T5623] EXT4-fs warning (device loop4): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 12408541 [ 180.003353][ T5623] EXT4-fs error (device loop4) in ext4_free_inode:362: Out of memory [ 180.068864][ T5615] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz-executor.4: Invalid inode bitmap blk 12408541 in block_group 0 [ 180.533761][ T3572] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz-executor.4: Invalid inode bitmap blk 12408541 in block_group 0 [ 180.585091][ T3572] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 180.623656][ T3572] EXT4-fs (loop4): unmounting filesystem. [ 180.735313][ T3587] Bluetooth: hci5: command 0x1003 tx timeout [ 180.742391][ T3587] Bluetooth: hci0: command 0x0c1a tx timeout [ 180.748694][ T3573] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 181.287599][ T26] audit: type=1800 audit(1718783914.233:292): pid=5652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1950 res=0 errno=0 [ 181.305473][ T5651] overlayfs: failed to resolve './file0': -2 [ 181.477799][ T5656] loop3: detected capacity change from 0 to 2048 [ 181.503312][ T5656] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 181.543616][ T5656] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002] [ 181.554534][ T5656] System zones: 0-19 [ 181.566746][ T5656] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 181.832789][ T5207] EXT4-fs (loop3): unmounting filesystem. [ 182.131451][ T3600] Bluetooth: hci5: Frame reassembly failed (-84) [ 182.175500][ T3600] Bluetooth: hci5: Frame reassembly failed (-84) [ 182.907450][ T5649] loop1: detected capacity change from 0 to 40427 [ 182.977076][ T5649] F2FS-fs (loop1): Found nat_bits in checkpoint [ 183.088627][ T5649] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 183.188585][ T26] audit: type=1326 audit(1718783916.133:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc48007cf29 code=0x0 [ 183.253774][ T5701] kvm: emulating exchange as write [ 183.256563][ T5649] overlayfs: failed to resolve './file0': -2 [ 183.359297][ T5063] syz-executor.1: attempt to access beyond end of device [ 183.359297][ T5063] loop1: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 183.436998][ T5688] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 183.464347][ T26] audit: type=1800 audit(1718783916.403:294): pid=5688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="overlay" ino=1947 res=0 errno=0 [ 183.688862][ T5714] Bluetooth: MGMT ver 1.22 [ 183.915229][ T5703] can: request_module (can-proto-5) failed. [ 183.954276][ T5734] loop1: detected capacity change from 0 to 8 [ 184.084820][ T3573] Bluetooth: hci5: command 0x1003 tx timeout [ 184.091867][ T3573] Bluetooth: hci0: command 0x0c1a tx timeout [ 184.098552][ T3587] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 184.748188][ T5749] loop1: detected capacity change from 0 to 256 [ 184.815549][ T5749] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x4fb01312, utbl_chksum : 0xe619d30d) [ 184.852218][ T5752] loop3: detected capacity change from 0 to 512 [ 184.963044][ T5752] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz-executor.3: casefold flag without casefold feature [ 185.018206][ T5752] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.3: missing EA_INODE flag [ 185.060191][ T5752] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 2 err=-117 [ 185.081232][ T5750] loop2: detected capacity change from 0 to 8192 [ 185.120829][ T5752] EXT4-fs (loop3): 1 orphan inode deleted [ 185.152245][ T5752] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 185.163788][ T5750] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 185.259232][ T5740] loop4: detected capacity change from 0 to 40427 [ 185.329984][ T5740] F2FS-fs (loop4): Found nat_bits in checkpoint [ 185.332180][ T5207] EXT4-fs (loop3): unmounting filesystem. [ 185.375150][ T5770] loop1: detected capacity change from 0 to 8 [ 185.384470][ T14] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 185.480207][ T5740] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 185.504042][ T5778] loop1: detected capacity change from 0 to 512 [ 185.561634][ T5778] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 185.573935][ T3572] syz-executor.4: attempt to access beyond end of device [ 185.573935][ T3572] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 185.584761][ T5778] ext4 filesystem being mounted at /root/syzkaller-testdir906498475/syzkaller.CO42Ap/45/file0 supports timestamps until 2038 (0x7fffffff) [ 185.597825][ T3572] syz-executor.4: attempt to access beyond end of device [ 185.597825][ T3572] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 185.686344][ T9] kworker/u4:0: attempt to access beyond end of device [ 185.686344][ T9] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 185.771510][ T14] usb 1-1: New USB device found, idVendor=13d3, idProduct=3335, bcdDevice=ff.1d [ 185.785312][ T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.797863][ T14] usb 1-1: config 0 descriptor?? [ 185.839859][ T14] r8712u: register rtl8712_netdev_ops to netdev_ops [ 185.848606][ T14] usb 1-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 185.970562][ T94] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.069398][ T94] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.080424][ T14] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed [ 186.089725][ T14] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 186.103521][ T14] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 186.129726][ T14] usb 1-1: USB disconnect, device number 2 [ 186.199479][ T94] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.278394][ T94] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.400440][ T5063] EXT4-fs (loop1): unmounting filesystem. [ 186.768443][ T94] tipc: Disabling bearer [ 186.947884][ T94] tipc: Left network mode [ 187.732799][ T5801] loop3: detected capacity change from 0 to 8 [ 187.815470][ T3573] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 187.827600][ T3573] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 187.840416][ T3573] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 187.860094][ T3573] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 187.873745][ T3573] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 187.881329][ T3573] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 188.000397][ T5811] loop1: detected capacity change from 0 to 256 [ 188.033807][ T5811] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x4fb01312, utbl_chksum : 0xe619d30d) [ 188.304105][ T5790] loop2: detected capacity change from 0 to 32768 [ 188.313956][ T5790] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (5790) [ 188.356225][ T5790] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 188.377503][ T5804] chnl_net:caif_netlink_parms(): no params data found [ 188.386747][ T5790] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 188.403952][ T5790] BTRFS info (device loop2): using free space tree [ 188.531399][ T94] device hsr_slave_0 left promiscuous mode [ 188.537674][ T5790] BTRFS info (device loop2): enabling ssd optimizations [ 188.553877][ T94] device hsr_slave_1 left promiscuous mode [ 188.580222][ T94] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 188.591173][ T94] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 188.598977][ T5175] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 188.612034][ T94] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 188.623187][ T94] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 188.639084][ T94] device bridge_slave_1 left promiscuous mode [ 188.653876][ T94] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.666357][ T94] device bridge_slave_0 left promiscuous mode [ 188.672779][ T94] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.691335][ T94] device veth1_macvtap left promiscuous mode [ 188.704581][ T94] device veth0_macvtap left promiscuous mode [ 188.712051][ T94] device veth1_vlan left promiscuous mode [ 188.728009][ T94] device veth0_vlan left promiscuous mode [ 190.032714][ T3587] Bluetooth: hci0: command tx timeout [ 190.043064][ T5864] loop2: detected capacity change from 0 to 8 [ 190.218254][ T26] audit: type=1800 audit(1718783923.163:295): pid=5868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="overlay" ino=1955 res=0 errno=0 [ 190.348247][ T94] team0 (unregistering): Port device team_slave_1 removed [ 190.372112][ T5872] loop2: detected capacity change from 0 to 8192 [ 190.405634][ T94] team0 (unregistering): Port device team_slave_0 removed [ 190.414316][ T5872] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 190.443340][ T94] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 190.490702][ T94] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.749403][ T94] bond0 (unregistering): Released all slaves [ 190.871708][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.884692][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.925780][ T5804] device bridge_slave_0 entered promiscuous mode [ 190.971249][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.014746][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.025968][ T5804] device bridge_slave_1 entered promiscuous mode [ 191.072522][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.098680][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.247590][ T5804] team0: Port device team_slave_0 added [ 191.286068][ T5804] team0: Port device team_slave_1 added [ 191.361013][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.374751][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.404611][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.457877][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.479772][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.542107][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.748587][ T5804] device hsr_slave_0 entered promiscuous mode [ 191.765084][ T5897] loop3: detected capacity change from 0 to 8 [ 191.785232][ T5804] device hsr_slave_1 entered promiscuous mode [ 191.807144][ T5804] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 191.826036][ T5804] Cannot create hsr debugfs directory [ 192.115830][ T3587] Bluetooth: hci0: command tx timeout [ 193.109888][ T5904] loop3: detected capacity change from 0 to 8192 [ 193.173731][ T5904] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 193.786125][ T5804] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 194.164708][ T3573] Bluetooth: hci0: command tx timeout [ 194.335158][ T1254] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.346651][ T1254] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.786805][ T5804] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 194.808946][ T5804] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 194.851285][ T5804] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 195.095247][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.148666][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 195.166010][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 195.198417][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.226664][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 195.245265][ T5949] loop3: detected capacity change from 0 to 8192 [ 195.252614][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 195.275127][ T3641] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.282302][ T3641] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.292771][ T5949] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 195.351972][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 195.370068][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 195.387303][ T5927] loop2: detected capacity change from 0 to 32768 [ 195.401433][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 195.422169][ T5927] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (5927) [ 195.439901][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.447130][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.474461][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 195.492029][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 195.515689][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 195.536756][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.565188][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.575547][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 195.603426][ T5804] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 195.637310][ T5927] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 195.664571][ T5804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 195.665309][ T5927] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 195.714647][ T5927] BTRFS info (device loop2): using free space tree [ 195.719492][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 195.730479][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 195.760248][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 195.822327][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 195.861170][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 195.910765][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 196.065893][ T5927] BTRFS info (device loop2): enabling ssd optimizations [ 196.199646][ T5987] device veth0_vlan left promiscuous mode [ 196.238852][ T5175] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 196.244513][ T3573] Bluetooth: hci0: command tx timeout [ 196.748110][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 196.758188][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 196.800440][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.985273][ T6007] mmap: syz-executor.1 (6007) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 197.246425][ T6016] loop2: detected capacity change from 0 to 512 [ 197.315241][ T6016] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 197.331214][ T6016] ext4 filesystem being mounted at /root/syzkaller-testdir2635425743/syzkaller.BRtBsc/33/file0 supports timestamps until 2038 (0x7fffffff) [ 197.536149][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 197.551633][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 197.553257][ T6030] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 197.593490][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 197.613380][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 197.630956][ T5804] device veth0_vlan entered promiscuous mode [ 197.647448][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 197.659939][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 197.686526][ T5804] device veth1_vlan entered promiscuous mode [ 197.752572][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 197.771658][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 197.789554][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 197.800075][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 197.834540][ T5804] device veth0_macvtap entered promiscuous mode [ 197.847498][ T5804] device veth1_macvtap entered promiscuous mode [ 197.887596][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.909905][ T6038] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 197.927946][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.940280][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.956945][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.973424][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 198.002971][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.021278][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 198.033784][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.053912][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.065000][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 198.081192][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 198.096966][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 198.109414][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 198.126642][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.138202][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 198.148740][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.158799][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 198.172174][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.182441][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 198.192981][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.204784][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.212960][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 198.213934][ T5175] EXT4-fs (loop2): unmounting filesystem. [ 198.222671][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 198.240276][ T5804] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.253330][ T5804] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.264565][ T5804] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.280062][ T5804] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.422445][ T6032] loop3: detected capacity change from 0 to 32768 [ 198.450736][ T3740] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.464970][ T6032] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (6032) [ 198.482309][ T3740] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.520922][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 198.523542][ T6032] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 198.561370][ T6032] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 198.581774][ T6032] BTRFS info (device loop3): using free space tree [ 198.587047][ T3740] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.605237][ T3740] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.668774][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 198.694147][ T6066] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 198.832453][ T6032] BTRFS info (device loop3): enabling ssd optimizations [ 199.171368][ T5207] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 200.927037][ T6111] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 201.124322][ T6117] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 201.181591][ T6113] capability: warning: `syz-executor.3' uses 32-bit capabilities (legacy support in use) [ 201.842686][ T6128] netlink: 'syz-executor.3': attribute type 25 has an invalid length. [ 201.864825][ T6128] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 201.961249][ T6109] loop4: detected capacity change from 0 to 40427 [ 201.974003][ T6109] F2FS-fs (loop4): Invalid segment/section count (458776 != 24 * 1) [ 201.983900][ T6109] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 202.005995][ T6109] F2FS-fs (loop4): invalid crc value [ 202.014188][ T6109] F2FS-fs (loop4): Found nat_bits in checkpoint [ 202.058584][ T6109] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 202.073811][ T6109] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 202.130235][ T6131] f2fs_ckpt-7:4: attempt to access beyond end of device [ 202.130235][ T6131] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 202.637321][ T6155] loop1: detected capacity change from 0 to 4096 [ 202.704043][ T6155] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 202.741095][ T6155] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 202.763601][ T6161] x_tables: duplicate entry at hook 1 [ 202.772286][ T6159] loop3: detected capacity change from 0 to 2048 [ 202.884892][ T3585] Bluetooth: hci0: command 0x0c1a tx timeout [ 202.885466][ T3587] Bluetooth: hci5: command 0x1003 tx timeout [ 202.898903][ T3573] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 203.052953][ T6169] loop1: detected capacity change from 0 to 1024 [ 203.190020][ T6169] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 203.595774][ T5063] EXT4-fs (loop1): unmounting filesystem. [ 204.133038][ T6195] loop1: detected capacity change from 0 to 164 [ 204.179365][ T6195] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 204.233327][ T6195] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 204.700638][ T6199] x_tables: duplicate entry at hook 1 [ 204.744533][ T22] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 204.775444][ T6201] MPTCP: kernel_bind error, err=-22 [ 204.911605][ T6205] netlink: 'syz-executor.3': attribute type 25 has an invalid length. [ 204.983946][ T6205] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 205.144756][ T22] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.160791][ T6212] loop3: detected capacity change from 0 to 256 [ 205.174856][ T22] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 205.197003][ T22] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 205.207306][ T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.227060][ T22] usb 2-1: config 0 descriptor?? [ 205.276814][ T26] audit: type=1326 audit(1718783938.223:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f774247cf29 code=0x0 [ 206.323530][ T22] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 206.345217][ T6223] loop4: detected capacity change from 0 to 2048 [ 206.372504][ T22] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 206.396264][ T22] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 206.485304][ T22] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 206.502578][ T6238] MPTCP: kernel_bind error, err=-22 [ 206.517977][ T22] usb 2-1: USB disconnect, device number 2 [ 206.563404][ T6234] loop3: detected capacity change from 0 to 4096 [ 206.649087][ T6234] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 206.656966][ T6242] loop2: detected capacity change from 0 to 2048 [ 206.663376][ T6234] ntfs3: loop3: ino=1e, "file1" attr_set_size [ 206.773764][ T6245] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 206.839391][ T6250] loop4: detected capacity change from 0 to 256 [ 207.042006][ T6259] loop2: detected capacity change from 0 to 2048 [ 207.118948][ T26] audit: type=1326 audit(1718783940.063:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafd9e7cf29 code=0x0 [ 207.152741][ T6259] loop2: p3 < > p4 < > [ 207.157408][ T6259] loop2: partition table partially beyond EOD, truncated [ 207.174640][ T6259] loop2: p3 start 4284289 is beyond EOD, truncated [ 207.264873][ T6272] loop1: detected capacity change from 0 to 2048 [ 207.296266][ T6272] loop1: p3 < > p4 < > [ 207.300629][ T6272] loop1: partition table partially beyond EOD, truncated [ 207.322527][ T6272] loop1: p3 start 4284289 is beyond EOD, truncated [ 207.470005][ T6283] netlink: 'syz-executor.2': attribute type 25 has an invalid length. [ 207.478377][ T6283] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 207.504682][ T3641] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 207.865706][ T3641] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 207.923573][ T3641] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.327137][ T3641] usb 5-1: config 0 descriptor?? [ 208.436045][ T6294] loop2: detected capacity change from 0 to 64 [ 208.482178][ T26] audit: type=1800 audit(1718783941.423:298): pid=6294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=1 res=0 errno=0 [ 208.595429][ T6299] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 208.650495][ T6304] loop2: detected capacity change from 0 to 24 [ 208.677004][ T3641] usb 5-1: Cannot read MAC address [ 208.683505][ T3641] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -71 [ 208.724720][ T3641] usb 5-1: USB disconnect, device number 3 [ 209.037095][ T26] audit: type=1800 audit(1718783941.983:299): pid=6330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1963 res=0 errno=0 [ 209.078866][ T26] audit: type=1326 audit(1718783942.013:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8ac27cf29 code=0x0 [ 209.161014][ T6334] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 209.181323][ T6332] Zero length message leads to an empty skb [ 209.197245][ T6332] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 209.256440][ T6335] loop2: detected capacity change from 0 to 2048 [ 209.305505][ T6335] loop2: p3 < > p4 < > [ 209.309753][ T6335] loop2: partition table partially beyond EOD, truncated [ 209.325581][ T6335] loop2: p3 start 4284289 is beyond EOD, truncated [ 209.336562][ T6340] loop1: detected capacity change from 0 to 512 [ 209.368598][ T6340] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 209.384931][ T6340] UDF-fs: Scanning with blocksize 512 failed [ 209.400839][ T6340] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 209.408687][ T6340] UDF-fs: Scanning with blocksize 1024 failed [ 209.420458][ T6340] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 209.431353][ T6340] UDF-fs: Scanning with blocksize 2048 failed [ 209.441361][ T6340] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 209.464162][ T6340] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 210.033336][ T6360] loop1: detected capacity change from 0 to 4096 [ 210.130878][ T6360] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 210.133586][ T6362] loop2: detected capacity change from 0 to 256 [ 210.149571][ T6360] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 210.181025][ T6362] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xbd37e1ce, utbl_chksum : 0xe619d30d) [ 210.364067][ T3587] Bluetooth: Unexpected continuation frame (len 18) [ 210.389267][ T6366] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 210.395785][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 210.687529][ T6380] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 210.723666][ T6381] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 210.789560][ T6381] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 210.823786][ T26] audit: type=1326 audit(1718783943.763:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafd9e7cf29 code=0x7ffc0000 [ 210.890547][ T26] audit: type=1326 audit(1718783943.763:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafd9e7cf29 code=0x7ffc0000 [ 210.953533][ T6384] loop1: detected capacity change from 0 to 512 [ 210.978292][ T26] audit: type=1326 audit(1718783943.793:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fafd9e7cf29 code=0x7ffc0000 [ 210.986077][ T6384] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 211.033403][ T6390] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 211.035129][ T26] audit: type=1326 audit(1718783943.813:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fafd9e7cf63 code=0x7ffc0000 [ 211.123658][ T6384] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 211.152585][ T26] audit: type=1326 audit(1718783943.813:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fafd9e7bc6f code=0x7ffc0000 [ 211.180935][ T6396] loop3: detected capacity change from 0 to 256 [ 211.202974][ T6384] ext4 filesystem being mounted at /root/syzkaller-testdir906498475/syzkaller.CO42Ap/91/file0 supports timestamps until 2038 (0x7fffffff) [ 211.261160][ T6396] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xbd37e1ce, utbl_chksum : 0xe619d30d) [ 211.302542][ T6400] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 211.314813][ T26] audit: type=1326 audit(1718783943.873:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fafd9e7cfb7 code=0x7ffc0000 [ 211.349266][ T26] audit: type=1326 audit(1718783943.873:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fafd9e7bb20 code=0x7ffc0000 [ 211.405882][ T26] audit: type=1326 audit(1718783943.873:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fafd9e7cc8b code=0x7ffc0000 [ 211.429731][ T26] audit: type=1326 audit(1718783943.923:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fafd9e7be1a code=0x7ffc0000 [ 211.461292][ T26] audit: type=1326 audit(1718783943.923:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fafd9e7be1a code=0x7ffc0000 [ 211.518903][ T5063] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.1: corrupted xattr block 32 [ 211.562117][ T5063] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117) [ 211.573367][ T5063] EXT4-fs warning (device loop1): __ext4_unlink:3289: inode #16: comm syz-executor.1: Deleting file 'file3' with no links [ 211.587590][ T5063] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #17: comm syz-executor.1: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 1540(4), depth 0(0) [ 211.635899][ T5063] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #17: comm syz-executor.1: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 1540(4), depth 0(0) [ 212.733808][ T6426] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 212.797232][ T6430] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 212.889097][ T5063] EXT4-fs (loop1): unmounting filesystem. [ 213.763521][ T6449] loop2: detected capacity change from 0 to 64 [ 213.931117][ T6454] loop3: detected capacity change from 0 to 256 [ 213.980416][ T6454] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xbd37e1ce, utbl_chksum : 0xe619d30d) [ 214.382338][ T3573] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 214.407698][ T3573] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 214.419759][ T3585] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 214.428030][ T3585] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 214.435895][ T3573] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 214.443546][ T3573] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 215.498138][ T6476] loop3: detected capacity change from 0 to 512 [ 215.518169][ T6476] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 215.528866][ T6476] UDF-fs: Scanning with blocksize 512 failed [ 215.539014][ T6476] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 215.550212][ T6476] UDF-fs: Scanning with blocksize 1024 failed [ 215.559372][ T6476] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 215.573269][ T6476] UDF-fs: Scanning with blocksize 2048 failed [ 215.582636][ T6476] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 215.600089][ T6476] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 215.754656][ T22] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 216.054799][ T22] usb 3-1: Using ep0 maxpacket: 8 [ 216.104610][ T14] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 216.214943][ T22] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 216.269031][ T22] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 216.279688][ T22] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 216.280195][ T6465] chnl_net:caif_netlink_parms(): no params data found [ 216.289901][ T22] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 216.564771][ T14] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 216.566652][ T6465] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.581767][ T22] usb 3-1: New USB device found, idVendor=0586, idProduct=1000, bcdDevice= 5.2a [ 216.584524][ T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.591049][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.607351][ T22] usb 3-1: Product: syz [ 216.611549][ T22] usb 3-1: Manufacturer: syz [ 216.616274][ T22] usb 3-1: SerialNumber: syz [ 216.623121][ T22] usb 3-1: config 0 descriptor?? [ 216.635627][ T6465] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.643719][ T6465] device bridge_slave_0 entered promiscuous mode [ 216.659394][ T14] usb 5-1: config 0 descriptor?? [ 216.676108][ T22] omninet 3-1:0.0: ZyXEL - omni.net usb converter detected [ 216.687195][ T6465] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.697816][ T6465] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.704251][ T22] usb 3-1: ZyXEL - omni.net usb converter now attached to ttyUSB0 [ 216.716702][ T6465] device bridge_slave_1 entered promiscuous mode [ 216.769916][ T6465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.792133][ T6465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.813997][ T6495] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 216.839725][ T6495] device bond1 entered promiscuous mode [ 216.846291][ T6495] 8021q: adding VLAN 0 to HW filter on device bond1 [ 216.879066][ T22] usb 3-1: USB disconnect, device number 3 [ 216.883736][ T6465] team0: Port device team_slave_0 added [ 216.899047][ T22] omninet ttyUSB0: ZyXEL - omni.net usb converter now disconnected from ttyUSB0 [ 216.910092][ T6495] device bond1 left promiscuous mode [ 216.928431][ T6465] team0: Port device team_slave_1 added [ 216.934981][ T22] omninet 3-1:0.0: device disconnected [ 216.954924][ T6502] syz-executor.3 sent an empty control message without MSG_MORE. [ 217.020482][ T6504] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 217.032848][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.050382][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.078547][ T6465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.222549][ T14] usb 5-1: Cannot read MAC address [ 217.233772][ T14] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -71 [ 217.236997][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.249548][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.026964][ T3587] Bluetooth: hci2: command tx timeout [ 218.029958][ T14] usb 5-1: USB disconnect, device number 4 [ 218.061106][ T6465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.174873][ T6465] device hsr_slave_0 entered promiscuous mode [ 218.183351][ T6465] device hsr_slave_1 entered promiscuous mode [ 218.190538][ T6465] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 218.198637][ T6465] Cannot create hsr debugfs directory [ 218.724699][ T6465] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.882216][ T6465] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.056743][ T6465] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.199122][ T6529] loop4: detected capacity change from 0 to 256 [ 219.244893][ T6465] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.309103][ T6528] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 219.462811][ T6528] device bond2 entered promiscuous mode [ 219.514855][ T6528] 8021q: adding VLAN 0 to HW filter on device bond2 [ 219.549685][ T6532] device bond2 left promiscuous mode [ 219.565229][ T3573] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 219.576203][ T3573] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 219.587436][ T3573] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 219.602494][ T3573] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 219.617071][ T3573] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 219.628164][ T3573] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 219.959386][ T3740] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.095032][ T3573] Bluetooth: hci2: command tx timeout [ 220.125765][ T3740] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.161424][ T6465] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 220.211869][ T6465] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 220.241929][ T6465] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 220.292103][ T3740] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.323756][ T6465] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 220.401411][ T3740] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.791126][ T6535] chnl_net:caif_netlink_parms(): no params data found [ 220.857331][ T6465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.978769][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 220.993904][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 221.019015][ T6465] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.115446][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 221.149408][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 221.198012][ T4046] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.205321][ T4046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.264696][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 221.686168][ T3573] Bluetooth: hci1: command tx timeout [ 222.164824][ T3587] Bluetooth: hci2: command tx timeout [ 222.215720][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 222.224401][ T4046] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.231539][ T4046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.338646][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 222.354165][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 222.363718][ T3573] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 222.375233][ T3573] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 222.396169][ T3585] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 222.411232][ T3585] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 222.425472][ T3585] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 222.433065][ T3585] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 222.483683][ T6535] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.493600][ T6535] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.502914][ T6535] device bridge_slave_0 entered promiscuous mode [ 222.517017][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 222.538236][ T6535] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.546488][ T6535] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.557045][ T6535] device bridge_slave_1 entered promiscuous mode [ 222.569348][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 222.586458][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 222.600925][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 222.611421][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 222.681329][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 222.712137][ T6535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 222.772971][ T3762] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 222.787940][ T3762] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 222.818558][ T6535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 222.865263][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 222.879072][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 222.920616][ T6465] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 223.061235][ T6535] team0: Port device team_slave_0 added [ 223.141347][ T6535] team0: Port device team_slave_1 added [ 223.242108][ T6535] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 223.274029][ T6535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.311222][ T6535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 223.432857][ T6535] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 223.440387][ T6535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.563692][ T6580] xt_TCPMSS: Only works on TCP SYN packets [ 223.583555][ T6535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 223.778252][ T3587] Bluetooth: hci1: command tx timeout [ 223.807310][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 223.829227][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 223.841247][ T6465] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.860066][ T6535] device hsr_slave_0 entered promiscuous mode [ 223.900292][ T6535] device hsr_slave_1 entered promiscuous mode [ 223.938754][ T6535] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 223.962584][ T6535] Cannot create hsr debugfs directory [ 224.018899][ T6571] chnl_net:caif_netlink_parms(): no params data found [ 224.118982][ T3740] device hsr_slave_0 left promiscuous mode [ 224.141693][ T3740] device hsr_slave_1 left promiscuous mode [ 224.160161][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.172832][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.193033][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.202331][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 224.213591][ T3740] device bridge_slave_1 left promiscuous mode [ 224.239840][ T3740] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.249721][ T3587] Bluetooth: hci2: command tx timeout [ 224.258026][ T3740] device bridge_slave_0 left promiscuous mode [ 224.264328][ T3740] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.277022][ T3740] device veth1_macvtap left promiscuous mode [ 224.283214][ T3740] device veth0_macvtap left promiscuous mode [ 224.289765][ T3740] device veth1_vlan left promiscuous mode [ 224.295746][ T3740] device veth0_vlan left promiscuous mode [ 224.484645][ T3587] Bluetooth: hci3: command tx timeout [ 224.543910][ T3740] team0 (unregistering): Port device team_slave_1 removed [ 224.583420][ T3740] team0 (unregistering): Port device team_slave_0 removed [ 224.600826][ T3740] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 224.617641][ T3740] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 224.720193][ T3740] bond0 (unregistering): Released all slaves [ 224.894533][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 224.903889][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 224.999449][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 225.012963][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 225.044745][ T6571] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.051909][ T6571] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.085092][ T6571] device bridge_slave_0 entered promiscuous mode [ 225.123995][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 225.133080][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 225.141892][ T6571] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.163840][ T6571] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.186604][ T6571] device bridge_slave_1 entered promiscuous mode [ 225.202467][ T6465] device veth0_vlan entered promiscuous mode [ 225.260446][ T6465] device veth1_vlan entered promiscuous mode [ 225.336815][ T6571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.398398][ T6608] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 225.465378][ T6608] device bond1 entered promiscuous mode [ 225.472232][ T6608] 8021q: adding VLAN 0 to HW filter on device bond1 [ 225.484668][ T6571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.497048][ T6611] device bond1 left promiscuous mode [ 225.576267][ T6609] 8021q: adding VLAN 0 to HW filter on device bond1 [ 225.583317][ T6609] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 225.665241][ T6609] bond1: (slave ip6gre1): Error -95 calling set_mac_address [ 225.767563][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 225.779977][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 225.803115][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 225.833362][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 225.844559][ T3587] Bluetooth: hci1: command tx timeout [ 225.867970][ T6465] device veth0_macvtap entered promiscuous mode [ 225.911120][ T6571] team0: Port device team_slave_0 added [ 225.953594][ T6571] team0: Port device team_slave_1 added [ 225.973778][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 226.010365][ T6465] device veth1_macvtap entered promiscuous mode [ 226.076847][ T6571] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.093711][ T6571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.132862][ T6571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.160009][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.181168][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.200721][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.221706][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.234255][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.258178][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.269538][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.281603][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.302956][ T6465] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.314917][ T6571] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.332596][ T6571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.376070][ T6571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.397876][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 226.417635][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 226.431040][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.442225][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.452580][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.463572][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.473776][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.495396][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.506422][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.517169][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.529113][ T6465] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.542483][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 226.552811][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 226.574693][ T3587] Bluetooth: hci3: command tx timeout [ 226.606932][ T6465] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.630778][ T6465] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.665992][ T6465] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.681897][ T6465] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.749933][ T6571] device hsr_slave_0 entered promiscuous mode [ 226.764623][ T6571] device hsr_slave_1 entered promiscuous mode [ 226.783318][ T6571] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 226.801155][ T6571] Cannot create hsr debugfs directory [ 226.873204][ T6535] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 226.911674][ T6535] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 226.955125][ T6535] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 226.995774][ T6535] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 227.162788][ T94] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.181241][ T94] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.207067][ T6643] loop4: detected capacity change from 0 to 128 [ 227.223187][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 227.240508][ T94] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.268101][ T94] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.291309][ T6643] hpfs: Bad magic ... probably not HPFS [ 227.323819][ T6645] loop3: detected capacity change from 0 to 128 [ 227.363177][ T6571] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.388644][ T6645] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 227.414294][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 227.453261][ T26] kauditd_printk_skb: 21 callbacks suppressed [ 227.453284][ T26] audit: type=1804 audit(1718783960.393:332): pid=6645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir384021633/syzkaller.LlAdxE/108/file0/bus" dev="loop3" ino=1048655 res=1 errno=0 [ 227.536908][ T6571] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.659937][ T6571] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.724621][ T6535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.761732][ T6571] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.790671][ T6655] loop3: detected capacity change from 0 to 2048 [ 227.829257][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.841446][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.878401][ T6535] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.885078][ T6655] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 227.915776][ T6661] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 227.932071][ T6662] fuse: Bad value for 'fd' [ 227.932895][ T6660] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. [ 227.937811][ T3587] Bluetooth: hci1: command tx timeout [ 228.007585][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 228.017782][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.032731][ T3619] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.040038][ T3619] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.048175][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.061112][ T6660] autofs4:pid:6660:autofs_fill_super: called with bogus options [ 228.071893][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.080739][ T3619] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.087906][ T3619] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.109094][ T6660] loop4: detected capacity change from 0 to 1024 [ 228.116125][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 228.125543][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 228.135815][ T6660] hfsplus: unable to parse mount options [ 228.166156][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 228.175079][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.193137][ T6660] ext4: Unknown parameter 'gid' [ 228.198621][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.215663][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 228.238381][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.270025][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 228.278718][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 228.312196][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 228.332959][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 228.353149][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 228.375196][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 228.616822][ T6571] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 228.644803][ T3585] Bluetooth: hci3: command tx timeout [ 228.670730][ T6571] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 228.703265][ T6571] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 228.776899][ T6571] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 228.916498][ T6660] loop4: detected capacity change from 0 to 32768 [ 228.931480][ T6660] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (6660) [ 228.958347][ T6660] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 228.991646][ T6660] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 229.003198][ T6660] BTRFS info (device loop4): using free space tree [ 229.102795][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 229.110845][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 229.126298][ T6535] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.221938][ T6571] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.259948][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 229.279592][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 229.288400][ T6660] BTRFS info (device loop4): enabling ssd optimizations [ 229.378138][ T6535] device veth0_vlan entered promiscuous mode [ 229.585972][ T9] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 229.660295][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.675845][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 229.687094][ T5804] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 229.696922][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 229.717497][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 229.740056][ T6571] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.025096][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 230.039218][ T6721] netlink: 576 bytes leftover after parsing attributes in process `syz-executor.3'. [ 230.060395][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 230.083129][ T6535] device veth1_vlan entered promiscuous mode [ 230.137453][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 230.156322][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 230.188098][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.218348][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.235757][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.243177][ T5848] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.305054][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.313449][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.354962][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.383037][ T3619] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.390343][ T3619] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.432410][ T3619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.523392][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.536194][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 230.552682][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 230.562995][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.583164][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 230.602597][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 230.613488][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 230.622830][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 230.632040][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 230.641663][ T6535] device veth0_macvtap entered promiscuous mode [ 230.683668][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 230.700501][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.719457][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.725198][ T3585] Bluetooth: hci3: command tx timeout [ 230.753135][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.783654][ T6535] device veth1_macvtap entered promiscuous mode [ 230.814115][ T3740] device hsr_slave_0 left promiscuous mode [ 230.821987][ T3740] device hsr_slave_1 left promiscuous mode [ 230.829492][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 230.847811][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 230.858639][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 230.867834][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 230.877431][ T3740] device bridge_slave_1 left promiscuous mode [ 230.883718][ T3740] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.893477][ T3740] device bridge_slave_0 left promiscuous mode [ 230.901227][ T3740] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.930167][ T3740] device veth1_macvtap left promiscuous mode [ 230.939683][ T3740] device veth0_macvtap left promiscuous mode [ 230.946874][ T3740] device veth1_vlan left promiscuous mode [ 230.952790][ T3740] device veth0_vlan left promiscuous mode [ 230.995618][ T6742] fuse: Bad value for 'fd' [ 231.016490][ T6742] autofs4:pid:6742:autofs_fill_super: called with bogus options [ 231.057060][ T6742] loop3: detected capacity change from 0 to 1024 [ 231.072899][ T6742] hfsplus: unable to parse mount options [ 231.107069][ T3740] bond2 (unregistering): Released all slaves [ 231.119899][ T6742] ext4: Unknown parameter 'gid' [ 231.127378][ T3740] bond1 (unregistering): Released all slaves [ 231.369913][ T3740] team0 (unregistering): Port device team_slave_1 removed [ 231.407400][ T3740] team0 (unregistering): Port device team_slave_0 removed [ 231.446267][ T3740] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 231.473887][ T3740] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 231.621323][ T3740] bond0 (unregistering): Released all slaves [ 231.636120][ T6749] netlink: 576 bytes leftover after parsing attributes in process `syz-executor.4'. [ 231.657996][ T6742] loop3: detected capacity change from 0 to 32768 [ 231.667521][ T6742] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (6742) [ 231.703639][ T6571] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 231.714480][ T6742] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 231.774078][ T6741] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'. [ 231.788094][ T6742] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 231.799869][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 231.807611][ T6742] BTRFS info (device loop3): using free space tree [ 231.825734][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.854842][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.871347][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.882488][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.892936][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.905851][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.916522][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.931363][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.975597][ T6535] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 231.984817][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 231.997931][ T3641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 232.031754][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.073172][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.094171][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.165266][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.173005][ T6742] BTRFS info (device loop3): enabling ssd optimizations [ 232.183362][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.206600][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.222768][ T6535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.240139][ T6535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.265540][ T6535] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.286748][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 232.307038][ T5848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 232.336888][ T6535] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.350819][ T6535] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.382520][ T6535] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.419301][ T6535] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.490410][ T5207] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 232.495580][ T4863] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 232.685507][ T4863] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.693952][ T4863] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.728723][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 232.731576][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.738089][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 232.784511][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.791022][ T6571] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.965400][ T4048] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 232.985309][ T4048] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 232.993407][ T4048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 233.025368][ T4048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 233.074922][ T6804] ipt_CLUSTERIP: unknown mode 209974702 [ 233.113805][ T4050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 233.126222][ T4050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 233.172643][ T6571] device veth0_vlan entered promiscuous mode [ 233.175197][ T26] audit: type=1326 audit(1718783966.113:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc10e07cf29 code=0x7ffc0000 [ 233.190670][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 233.264674][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 233.281281][ T26] audit: type=1326 audit(1718783966.153:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc10e07cf29 code=0x7ffc0000 [ 233.308854][ T6808] loop4: detected capacity change from 0 to 256 [ 233.321639][ T6571] device veth1_vlan entered promiscuous mode [ 233.345135][ T6808] exfat: Deprecated parameter 'utf8' [ 233.360809][ T6808] exfat: Deprecated parameter 'utf8' [ 233.396321][ T26] audit: type=1326 audit(1718783966.163:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc10e07cf29 code=0x7ffc0000 [ 233.443015][ T6808] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 233.446008][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 233.476563][ T26] audit: type=1326 audit(1718783966.183:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc10e07cf29 code=0x7ffc0000 [ 233.495555][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 233.533599][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 233.562046][ T4053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 233.570295][ T26] audit: type=1326 audit(1718783966.183:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc10e07cf29 code=0x7ffc0000 [ 233.588784][ T6571] device veth0_macvtap entered promiscuous mode [ 233.649418][ T26] audit: type=1326 audit(1718783966.183:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc10e07a6a7 code=0x7ffc0000 [ 233.679281][ T6571] device veth1_macvtap entered promiscuous mode [ 233.751700][ T26] audit: type=1326 audit(1718783966.183:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc10e040379 code=0x7ffc0000 [ 233.780954][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.824751][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.826962][ T26] audit: type=1326 audit(1718783966.183:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc10e07cf29 code=0x7ffc0000 [ 233.845405][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.896395][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.917929][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.931592][ T26] audit: type=1326 audit(1718783966.183:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc10e07a6a7 code=0x7ffc0000 [ 233.941164][ T6833] ipt_CLUSTERIP: unknown mode 209974702 [ 233.961819][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.973067][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.999197][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.004437][ T26] audit: type=1326 audit(1718783966.183:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6805 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc10e040379 code=0x7ffc0000 [ 234.029922][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.058088][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.086096][ T6571] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.129638][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 234.155651][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 234.185304][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 234.225431][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 234.272614][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.311270][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.341997][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.367649][ T6844] loop2: detected capacity change from 0 to 2048 [ 234.386075][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.397869][ T6844] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 234.409015][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.427215][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.458207][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.492394][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.517615][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.528419][ T6850] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 234.546869][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.580261][ T6571] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.613560][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 234.634580][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 234.663999][ T6571] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.693708][ T6571] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.719368][ T6571] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.744167][ T6571] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.973080][ T4552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.994447][ T4552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.029281][ T4050] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 235.060825][ T6874] devtmpfs: Too few inodes for current use [ 235.073776][ T4552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.085310][ T4552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.133896][ T6872] netlink: 576 bytes leftover after parsing attributes in process `syz-executor.2'. [ 235.135191][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 236.158470][ T6927] loop4: detected capacity change from 0 to 128 [ 236.260516][ T6931] loop2: detected capacity change from 0 to 256 [ 236.304924][ T6931] exfat: Deprecated parameter 'utf8' [ 236.310377][ T6931] exfat: Deprecated parameter 'utf8' [ 236.385696][ T6931] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 237.560049][ T6949] devtmpfs: Too few inodes for current use [ 237.763273][ T6961] loop1: detected capacity change from 0 to 128 [ 237.849913][ T6966] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 238.074336][ T6982] devtmpfs: Too few inodes for current use [ 238.116090][ T6984] fuse: Bad value for 'fd' [ 239.193874][ T7000] loop4: detected capacity change from 0 to 128 [ 239.228945][ T7001] loop2: detected capacity change from 0 to 128 [ 239.266166][ T7001] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 239.279052][ T7005] loop3: detected capacity change from 0 to 128 [ 239.441157][ T7013] loop3: detected capacity change from 0 to 512 [ 239.517623][ T7013] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #3: comm syz-executor.3: corrupted inode contents [ 239.580017][ T7013] EXT4-fs error (device loop3): ext4_dirty_inode:6072: inode #3: comm syz-executor.3: mark_inode_dirty error [ 239.606158][ T4050] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 239.676288][ T7013] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #3: comm syz-executor.3: corrupted inode contents [ 239.701985][ T7013] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz-executor.3: mark_inode_dirty error [ 239.731481][ T7013] __quota_error: 13 callbacks suppressed [ 239.731502][ T7013] Quota error (device loop3): write_blk: dquota write failed [ 239.749950][ T7013] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 239.764648][ T7013] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz-executor.3: Failed to acquire dquot type 0 [ 239.816553][ T7013] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #16: comm syz-executor.3: corrupted inode contents [ 239.834612][ T7013] EXT4-fs error (device loop3): ext4_dirty_inode:6072: inode #16: comm syz-executor.3: mark_inode_dirty error [ 239.845221][ T4050] usb 3-1: Using ep0 maxpacket: 32 [ 239.856714][ T7013] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #16: comm syz-executor.3: corrupted inode contents [ 239.895984][ T7013] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz-executor.3: mark_inode_dirty error [ 239.929872][ T7040] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.0'. [ 239.950689][ T7013] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #16: comm syz-executor.3: corrupted inode contents [ 239.964990][ T4050] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 239.981752][ T4050] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 239.984695][ T7013] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 240.004507][ T7013] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #16: comm syz-executor.3: corrupted inode contents [ 240.038801][ T4050] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 240.039267][ T7013] EXT4-fs error (device loop3): ext4_truncate:4300: inode #16: comm syz-executor.3: mark_inode_dirty error [ 240.079397][ T4050] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.081964][ T7013] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 240.121821][ T7013] EXT4-fs (loop3): 1 truncate cleaned up [ 240.134571][ T7013] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 240.155513][ T4050] hub 3-1:4.0: USB hub found [ 240.161545][ T7013] ext4 filesystem being mounted at /root/syzkaller-testdir384021633/syzkaller.LlAdxE/146/file1 supports timestamps until 2038 (0x7fffffff) [ 240.190213][ T7048] loop4: detected capacity change from 0 to 128 [ 240.272685][ T7013] EXT4-fs error (device loop3): ext4_generic_delete_entry:2680: inode #2: block 3: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=44, inode=12, rec_len=8, size=4096 fake=0 [ 240.308985][ T7052] loop1: detected capacity change from 0 to 64 [ 240.346557][ T7052] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 240.361176][ T7013] EXT4-fs error (device loop3) in ext4_delete_entry:2751: Corrupt filesystem [ 240.374903][ T4050] hub 3-1:4.0: 10 ports detected [ 240.382804][ T7052] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 240.394121][ T7013] EXT4-fs warning (device loop3): ext4_rename_delete:3735: inode #2: comm syz-executor.3: Deleting old file: nlink 5, error=-117 [ 240.394735][ T4050] hub 3-1:4.0: insufficient power available to use all downstream ports [ 240.410086][ T7052] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 240.450745][ T7013] syz-executor.3 (7013) used greatest stack depth: 19424 bytes left [ 240.565752][ T5207] EXT4-fs (loop3): unmounting filesystem. [ 240.657360][ T7062] sp0: Synchronizing with TNC [ 240.825388][ T7001] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 240.867727][ T4050] hub 3-1:4.0: set hub depth failed [ 241.005546][ T7076] loop4: detected capacity change from 0 to 128 [ 241.049852][ T4688] Bluetooth: (null): Invalid header checksum [ 241.056617][ T4688] Bluetooth: (null): Invalid header checksum [ 241.076993][ T4050] usb 3-1: USB disconnect, device number 4 [ 241.113601][ T7080] loop3: detected capacity change from 0 to 128 [ 241.154898][ T4863] Bluetooth: (null): Invalid header checksum [ 241.267781][ T7090] "syz-executor.3" (7090) uses obsolete ecb(arc4) skcipher [ 241.276506][ T3740] Bluetooth: (null): Invalid header checksum [ 241.341535][ T26] audit: type=1326 audit(1718783974.283:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774247cf29 code=0x7ffc0000 [ 241.374978][ T9] Bluetooth: (null): Invalid header checksum [ 241.391422][ T26] audit: type=1326 audit(1718783974.313:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774247cf29 code=0x7ffc0000 [ 241.471101][ T26] audit: type=1326 audit(1718783974.313:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f774247cf29 code=0x7ffc0000 [ 241.514424][ T9] Bluetooth: (null): Invalid header checksum [ 241.584983][ T26] audit: type=1326 audit(1718783974.313:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774247cf29 code=0x7ffc0000 [ 241.608391][ T9] Bluetooth: (null): Invalid header checksum [ 241.644480][ T26] audit: type=1326 audit(1718783974.313:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774247cf29 code=0x7ffc0000 [ 241.659945][ T7106] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 241.758144][ T26] audit: type=1326 audit(1718783974.313:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f774247cf29 code=0x7ffc0000 [ 241.783548][ T7106] device veth3 entered promiscuous mode [ 241.865649][ T26] audit: type=1326 audit(1718783974.313:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774247cf29 code=0x7ffc0000 [ 241.936840][ T7111] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.2'. [ 241.958211][ T26] audit: type=1326 audit(1718783974.313:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7092 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f774247a6a7 code=0x7ffc0000 [ 241.986103][ T7116] loop4: detected capacity change from 0 to 128 [ 242.278142][ T7128] process 'syz-executor.3' launched '/dev/fd/-1/./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 242.297237][ T7129] loop1: detected capacity change from 0 to 128 [ 242.589542][ T7129] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 242.683125][ T7141] loop3: detected capacity change from 0 to 128 [ 242.720406][ T7143] loop4: detected capacity change from 0 to 256 [ 242.841594][ T7147] "syz-executor.0" (7147) uses obsolete ecb(arc4) skcipher [ 242.904715][ T5848] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 243.184625][ T5848] usb 2-1: Using ep0 maxpacket: 32 [ 243.249384][ T7165] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.0'. [ 243.324738][ T5848] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.357619][ T5848] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.398683][ T5848] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 243.439851][ T5848] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.542269][ T7129] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 243.584588][ T5848] usb 2-1: can't set config #4, error -71 [ 243.599520][ T5848] usb 2-1: USB disconnect, device number 3 [ 243.662953][ T7138] loop2: detected capacity change from 0 to 40427 [ 243.707081][ T7138] F2FS-fs (loop2): invalid crc value [ 243.783120][ T7138] F2FS-fs (loop2): Found nat_bits in checkpoint [ 243.952150][ T7138] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 243.991099][ T7180] loop3: detected capacity change from 0 to 128 [ 244.000906][ T7138] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 244.221423][ T7186] "syz-executor.0" (7186) uses obsolete ecb(arc4) skcipher [ 245.995595][ T26] kauditd_printk_skb: 74 callbacks suppressed [ 245.995613][ T26] audit: type=1326 audit(1718783977.293:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a5e240379 code=0x7ffc0000 [ 246.128727][ T26] audit: type=1326 audit(1718783978.973:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a5e27a6a7 code=0x7ffc0000 [ 246.152743][ T26] audit: type=1326 audit(1718783978.973:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a5e240379 code=0x7ffc0000 [ 246.178363][ T26] audit: type=1326 audit(1718783978.973:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a5e27a6a7 code=0x7ffc0000 [ 246.202512][ T26] audit: type=1326 audit(1718783978.973:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a5e240379 code=0x7ffc0000 [ 246.225415][ T26] audit: type=1326 audit(1718783978.973:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a5e27a6a7 code=0x7ffc0000 [ 246.249486][ T26] audit: type=1326 audit(1718783978.973:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a5e240379 code=0x7ffc0000 [ 246.275573][ T26] audit: type=1326 audit(1718783978.973:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a5e27a6a7 code=0x7ffc0000 [ 246.310166][ T26] audit: type=1326 audit(1718783978.973:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a5e240379 code=0x7ffc0000 [ 246.354483][ T26] audit: type=1326 audit(1718783978.973:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a5e27a6a7 code=0x7ffc0000 [ 246.426352][ T7199] loop1: detected capacity change from 0 to 128 [ 246.917211][ T7226] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 247.421644][ T7235] "syz-executor.0" (7235) uses obsolete ecb(arc4) skcipher [ 248.012536][ T7220] loop1: detected capacity change from 0 to 40427 [ 248.041819][ T7251] loop3: detected capacity change from 0 to 2048 [ 248.079869][ T7220] F2FS-fs (loop1): Found nat_bits in checkpoint [ 248.107595][ T7258] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 248.246066][ T7251] loop3: detected capacity change from 2048 to 0 [ 248.249715][ T7220] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 248.281253][ C0] I/O error, dev loop3, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 248.291146][ T7266] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 248.392640][ T7220] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 248.418468][ C0] I/O error, dev loop3, sector 100 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 248.428089][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=226) [ 248.454570][ T5207] NILFS (loop3): error -5 truncating bmap (ino=15) [ 248.489245][ C1] I/O error, dev loop3, sector 66 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 248.504955][ T5207] NILFS (loop3): I/O error reading b-tree node block (ino=16, blocknr=15) [ 248.508787][ T7272] loop2: detected capacity change from 0 to 2048 [ 248.761747][ T5207] NILFS (loop3): error -5 truncating bmap (ino=16) [ 248.868228][ C1] I/O error, dev loop3, sector 90 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 248.931903][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=34) [ 248.993157][ T7272] NILFS (loop2): unrecognized mount option "ÿÿÿÿ" [ 249.262047][ T6465] syz-executor.1: attempt to access beyond end of device [ 249.262047][ T6465] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 249.268752][ T5207] NILFS (loop3): error -5 truncating bmap (ino=17) [ 249.401227][ C0] I/O error, dev loop3, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 249.416148][ T7277] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'. [ 249.424440][ T7258] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.483894][ C0] I/O error, dev loop3, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 249.493536][ T7258] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.512603][ T7272] loop2: detected capacity change from 0 to 1024 [ 249.521552][ C1] I/O error, dev loop3, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 249.530956][ T7258] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.561091][ C0] I/O error, dev loop3, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 249.571666][ T7258] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.607907][ T7272] hfsplus: bad catalog entry type [ 249.618526][ C1] I/O error, dev loop3, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 249.628620][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.707211][ C1] I/O error, dev loop3, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 249.716787][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.748154][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.769865][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 249.808975][ T5207] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 249.818997][ T5848] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 249.866043][ T4688] loop: Write error at byte offset 9223372036855820287, length 1024. [ 249.885275][ C1] Buffer I/O error on dev loop3, logical block 1020, lost sync page write [ 249.897562][ T5207] NILFS (loop3): unable to write superblock: err=-5 [ 250.036691][ T4552] loop: Write error at byte offset 9223372036854776831, length 1024. [ 250.048564][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 250.057260][ T5207] NILFS (loop3): unable to write superblock: err=-5 [ 250.095550][ T7292] hfsplus: xattr searching failed [ 250.582597][ T7297] loop1: detected capacity change from 0 to 128 [ 250.604128][ T7297] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 250.719109][ T5672] hfsplus: b-tree write err: -5, ino 4 [ 250.834934][ T5848] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 250.862884][ T7309] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 250.872849][ T5848] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 250.894220][ T5848] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 250.917957][ T7310] loop3: detected capacity change from 0 to 2048 [ 250.973383][ T7316] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 251.014860][ T5848] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 251.024681][ T5848] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 251.032824][ T5848] usb 5-1: SerialNumber: syz [ 251.064594][ T7310] loop3: detected capacity change from 2048 to 0 [ 251.078379][ T5848] usb 5-1: bad CDC descriptors [ 251.078764][ T7310] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.095587][ T5847] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 251.157602][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=226) [ 251.188118][ T5207] NILFS (loop3): error -5 truncating bmap (ino=15) [ 251.219426][ T5207] NILFS (loop3): I/O error reading b-tree node block (ino=16, blocknr=15) [ 251.234827][ T5207] NILFS (loop3): error -5 truncating bmap (ino=16) [ 251.249674][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=34) [ 251.268994][ T5207] NILFS (loop3): error -5 truncating bmap (ino=17) [ 251.295604][ T5848] usb 5-1: USB disconnect, device number 5 [ 251.335091][ T7316] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.354462][ T7316] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.366159][ T5847] usb 2-1: Using ep0 maxpacket: 32 [ 251.393812][ T7316] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.416298][ T7316] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.463633][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.489979][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.519901][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.529625][ T5847] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 251.550991][ T5207] NILFS (loop3): I/O error reading meta-data file (ino=3, block-offset=0) [ 251.559882][ T5847] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 251.569954][ T5207] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 251.579040][ T5847] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 251.590703][ T4552] loop: Write error at byte offset 9223372036855820287, length 1024. [ 251.599035][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.609567][ C1] Buffer I/O error on dev loop3, logical block 1020, lost sync page write [ 251.618326][ T5207] NILFS (loop3): unable to write superblock: err=-5 [ 251.625629][ T4552] loop: Write error at byte offset 9223372036854776831, length 1024. [ 251.636461][ C1] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 251.644920][ T5207] NILFS (loop3): unable to write superblock: err=-5 [ 251.665435][ T5207] ================================================================== [ 251.673584][ T5207] BUG: KASAN: use-after-free in lru_add_fn+0x2d4/0x1ac0 [ 251.680584][ T5207] Read of size 8 at addr ffff8880505a7228 by task syz-executor.3/5207 [ 251.688791][ T5207] [ 251.691243][ T5207] CPU: 1 PID: 5207 Comm: syz-executor.3 Not tainted 6.1.94-syzkaller #0 [ 251.699623][ T5207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 251.711723][ T5207] Call Trace: [ 251.715010][ T5207] [ 251.717950][ T5207] dump_stack_lvl+0x1e3/0x2cb [ 251.722664][ T5207] ? nf_tcp_handle_invalid+0x642/0x642 [ 251.728140][ T5207] ? panic+0x764/0x764 [ 251.732214][ T5207] ? _printk+0xd1/0x111 [ 251.736377][ T5207] ? __virt_addr_valid+0x17f/0x520 [ 251.741560][ T5207] ? __virt_addr_valid+0x17f/0x520 [ 251.746859][ T5207] print_report+0x15f/0x4f0 [ 251.751372][ T5207] ? __virt_addr_valid+0x17f/0x520 [ 251.756586][ T5207] ? __virt_addr_valid+0x17f/0x520 [ 251.761724][ T5207] ? __virt_addr_valid+0x44a/0x520 [ 251.766848][ T5207] ? __phys_addr+0xb6/0x170 [ 251.771359][ T5207] ? lru_add_fn+0x2d4/0x1ac0 [ 251.775957][ T5207] kasan_report+0x136/0x160 [ 251.780469][ T5207] ? lru_add_fn+0x2d4/0x1ac0 [ 251.785239][ T5207] ? lru_add_fn+0x214/0x1ac0 [ 251.789845][ T5207] kasan_check_range+0x27f/0x290 [ 251.794799][ T5207] lru_add_fn+0x2d4/0x1ac0 [ 251.799323][ T5207] folio_batch_move_lru+0x31a/0x720 [ 251.804536][ T5207] ? folio_add_lru+0xd70/0xd70 [ 251.809316][ T5207] ? lru_add_drain_cpu+0x8b0/0x8b0 [ 251.814443][ T5207] lru_add_drain_cpu+0x108/0x8b0 [ 251.819387][ T5207] ? percpu_counter_add_batch+0x142/0x160 [ 251.825210][ T5207] ? folio_add_lru_vma+0x1f0/0x1f0 [ 251.830339][ T5207] ? folio_account_redirty+0x1b3/0x670 [ 251.835812][ T5207] ? lru_add_drain+0x75/0x3e0 [ 251.840581][ T5207] lru_add_drain+0x11e/0x3e0 [ 251.845186][ T5207] __pagevec_release+0x51/0xf0 [ 251.849959][ T5207] write_cache_pages+0x12bb/0x15c0 [ 251.855089][ T5207] ? generic_writepages+0x160/0x160 [ 251.860302][ T5207] ? tag_pages_for_writeback+0x6a0/0x6a0 [ 251.865955][ T5207] ? blk_start_plug+0x95/0x110 [ 251.870734][ T5207] do_writepages+0x40f/0x670 [ 251.875339][ T5207] ? __writepage+0x120/0x120 [ 251.879961][ T5207] ? __lock_acquire+0x1f80/0x1f80 [ 251.884995][ T5207] ? do_raw_spin_lock+0x14a/0x370 [ 251.890117][ T5207] __writeback_single_inode+0x15d/0x11e0 [ 251.895776][ T5207] writeback_single_inode+0x22c/0x960 [ 251.901187][ T5207] ? write_inode_now+0x260/0x260 [ 251.906230][ T5207] write_inode_now+0x1cf/0x260 [ 251.911009][ T5207] ? bdi_split_work_to_wbs+0x990/0x990 [ 251.916573][ T5207] ? do_raw_spin_unlock+0x137/0x8a0 [ 251.921778][ T5207] iput+0x616/0x980 [ 251.925601][ T5207] nilfs_put_super+0xd3/0x150 [ 251.930287][ T5207] ? nilfs_free_inode+0x70/0x70 [ 251.935324][ T5207] generic_shutdown_super+0x130/0x340 [ 251.940706][ T5207] kill_block_super+0x7a/0xe0 [ 251.945414][ T5207] deactivate_locked_super+0xa0/0x110 [ 251.950797][ T5207] cleanup_mnt+0x490/0x520 [ 251.955223][ T5207] ? lockdep_hardirqs_on+0x94/0x130 [ 251.960430][ T5207] task_work_run+0x246/0x300 [ 251.965041][ T5207] ? task_work_cancel+0x2b0/0x2b0 [ 251.970076][ T5207] ? exit_to_user_mode_loop+0x39/0x100 [ 251.975538][ T5207] exit_to_user_mode_loop+0xde/0x100 [ 251.980826][ T5207] exit_to_user_mode_prepare+0xb1/0x140 [ 251.986391][ T5207] syscall_exit_to_user_mode+0x60/0x270 [ 251.991952][ T5207] do_syscall_64+0x47/0xb0 [ 251.996476][ T5207] ? clear_bhb_loop+0x45/0xa0 [ 252.001257][ T5207] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 252.007254][ T5207] RIP: 0033:0x7f7a5e27e257 [ 252.011683][ T5207] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 252.031293][ T5207] RSP: 002b:00007ffdaa22e428 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6 [ 252.039726][ T5207] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 00007f7a5e27e257 [ 252.047740][ T5207] RDX: 0000000000000200 RSI: 0000000000000009 RDI: 00007ffdaa22f5d0 [ 252.055807][ T5207] RBP: 00007f7a5e2d96c6 R08: 0000000000000000 R09: 0000000000000000 [ 252.063780][ T5207] R10: 0000000000000100 R11: 0000000000000202 R12: 00007ffdaa22f5d0 [ 252.071755][ T5207] R13: 00007f7a5e2d96c6 R14: 000055555731f430 R15: 0000000000000007 [ 252.079757][ T5207] [ 252.082788][ T5207] [ 252.085109][ T5207] Allocated by task 7310: [ 252.089433][ T5207] kasan_set_track+0x4b/0x70 [ 252.094036][ T5207] __kasan_slab_alloc+0x65/0x70 [ 252.098903][ T5207] slab_post_alloc_hook+0x52/0x3a0 [ 252.104024][ T5207] kmem_cache_alloc_lru+0x10c/0x2d0 [ 252.109926][ T5207] nilfs_alloc_inode+0x2a/0xe0 [ 252.114698][ T5207] iget5_locked+0x9c/0x270 [ 252.119122][ T5207] nilfs_iget_locked+0x127/0x180 [ 252.124068][ T5207] nilfs_ifile_read+0x2e/0x170 [ 252.128848][ T5207] nilfs_attach_checkpoint+0x260/0x4d0 [ 252.134419][ T5207] nilfs_fill_super+0x349/0x660 [ 252.139298][ T5207] nilfs_mount+0x679/0x9a0 [ 252.143767][ T5207] legacy_get_tree+0xeb/0x180 [ 252.148502][ T5207] vfs_get_tree+0x88/0x270 [ 252.152943][ T5207] do_new_mount+0x2ba/0xb40 [ 252.157518][ T5207] __se_sys_mount+0x2d5/0x3c0 [ 252.162225][ T5207] do_syscall_64+0x3b/0xb0 [ 252.166701][ T5207] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 252.172656][ T5207] [ 252.175073][ T5207] Freed by task 3562: [ 252.179246][ T5207] kasan_set_track+0x4b/0x70 [ 252.184121][ T5207] kasan_save_free_info+0x27/0x40 [ 252.189152][ T5207] ____kasan_slab_free+0xd6/0x120 [ 252.194209][ T5207] kmem_cache_free+0x292/0x510 [ 252.198982][ T5207] rcu_core+0xad5/0x1810 [ 252.203231][ T5207] handle_softirqs+0x2ee/0xa40 [ 252.208115][ T5207] __irq_exit_rcu+0x157/0x240 [ 252.212895][ T5207] irq_exit_rcu+0x5/0x20 [ 252.217149][ T5207] sysvec_apic_timer_interrupt+0x43/0xb0 [ 252.222808][ T5207] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 252.228807][ T5207] [ 252.231130][ T5207] Last potentially related work creation: [ 252.236930][ T5207] kasan_save_stack+0x3b/0x60 [ 252.241644][ T5207] __kasan_record_aux_stack+0xb0/0xc0 [ 252.247911][ T5207] call_rcu+0x163/0xa10 [ 252.252158][ T5207] nilfs_put_root+0x93/0xb0 [ 252.256676][ T5207] nilfs_detach_log_writer+0x8c5/0xbd0 [ 252.262254][ T5207] nilfs_put_super+0x49/0x150 [ 252.266957][ T5207] generic_shutdown_super+0x130/0x340 [ 252.272368][ T5207] kill_block_super+0x7a/0xe0 [ 252.277057][ T5207] deactivate_locked_super+0xa0/0x110 [ 252.282461][ T5207] cleanup_mnt+0x490/0x520 [ 252.286899][ T5207] task_work_run+0x246/0x300 [ 252.291502][ T5207] exit_to_user_mode_loop+0xde/0x100 [ 252.296792][ T5207] exit_to_user_mode_prepare+0xb1/0x140 [ 252.302433][ T5207] syscall_exit_to_user_mode+0x60/0x270 [ 252.308355][ T5207] do_syscall_64+0x47/0xb0 [ 252.312784][ T5207] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 252.318689][ T5207] [ 252.321021][ T5207] The buggy address belongs to the object at ffff8880505a6ce8 [ 252.321021][ T5207] which belongs to the cache nilfs2_inode_cache of size 1512 [ 252.335871][ T5207] The buggy address is located 1344 bytes inside of [ 252.335871][ T5207] 1512-byte region [ffff8880505a6ce8, ffff8880505a72d0) [ 252.349339][ T5207] [ 252.351675][ T5207] The buggy address belongs to the physical page: [ 252.358205][ T5207] page:ffffea0001416800 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880505a2670 pfn:0x505a0 [ 252.369663][ T5207] head:ffffea0001416800 order:3 compound_mapcount:0 compound_pincount:0 [ 252.378004][ T5207] memcg:ffff88805af6f101 [ 252.382237][ T5207] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 252.390235][ T5207] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff888016fac140 [ 252.398819][ T5207] raw: ffff8880505a2670 000000008013000b 00000001ffffffff ffff88805af6f101 [ 252.407396][ T5207] page dumped because: kasan: bad access detected [ 252.413817][ T5207] page_owner tracks the page as allocated [ 252.419656][ T5207] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 6242, tgid 6241 (syz-executor.2), ts 206736217933, free_ts 103560041488 [ 252.443714][ T5207] post_alloc_hook+0x18d/0x1b0 [ 252.448492][ T5207] get_page_from_freelist+0x31a1/0x3320 [ 252.454040][ T5207] __alloc_pages+0x28d/0x770 [ 252.458645][ T5207] alloc_slab_page+0x6a/0x150 [ 252.463330][ T5207] new_slab+0x84/0x2d0 [ 252.467404][ T5207] ___slab_alloc+0xc20/0x1270 [ 252.472087][ T5207] kmem_cache_alloc_lru+0x1a5/0x2d0 [ 252.477290][ T5207] nilfs_alloc_inode+0x2a/0xe0 [ 252.482060][ T5207] iget5_locked+0x9c/0x270 [ 252.486482][ T5207] nilfs_iget_locked+0x127/0x180 [ 252.491440][ T5207] nilfs_dat_read+0xbb/0x300 [ 252.496039][ T5207] load_nilfs+0x4f1/0x1040 [ 252.500457][ T5207] nilfs_fill_super+0x2ca/0x660 [ 252.505330][ T5207] nilfs_mount+0x679/0x9a0 [ 252.509752][ T5207] legacy_get_tree+0xeb/0x180 [ 252.514435][ T5207] vfs_get_tree+0x88/0x270 [ 252.518859][ T5207] page last free stack trace: [ 252.523528][ T5207] free_unref_page_prepare+0xf63/0x1120 [ 252.529075][ T5207] free_unref_page+0x33/0x3e0 [ 252.533764][ T5207] release_pages+0x68e/0x2b40 [ 252.538442][ T5207] tlb_flush_mmu+0xfc/0x210 [ 252.543039][ T5207] unmap_page_range+0x217c/0x2740 [ 252.548067][ T5207] unmap_vmas+0x48b/0x640 [ 252.552403][ T5207] exit_mmap+0x252/0x9f0 [ 252.556735][ T5207] __mmput+0x115/0x3c0 [ 252.560809][ T5207] exit_mm+0x226/0x300 [ 252.564887][ T5207] do_exit+0x9f6/0x26a0 [ 252.569065][ T5207] do_group_exit+0x202/0x2b0 [ 252.573663][ T5207] get_signal+0x16f7/0x17d0 [ 252.578262][ T5207] arch_do_signal_or_restart+0xb0/0x1a10 [ 252.583902][ T5207] exit_to_user_mode_loop+0x6a/0x100 [ 252.589194][ T5207] exit_to_user_mode_prepare+0xb1/0x140 [ 252.594751][ T5207] syscall_exit_to_user_mode+0x60/0x270 [ 252.600319][ T5207] [ 252.602639][ T5207] Memory state around the buggy address: [ 252.608266][ T5207] ffff8880505a7100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 252.616327][ T5207] ffff8880505a7180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 252.624393][ T5207] >ffff8880505a7200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 252.632452][ T5207] ^ [ 252.637885][ T5207] ffff8880505a7280: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 252.645951][ T5207] ffff8880505a7300: fc fc fc fc fc fc fc fc fc fc fa fb fb fb fb fb [ 252.654099][ T5207] ================================================================== [ 252.662160][ T5207] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 252.669350][ T5207] CPU: 1 PID: 5207 Comm: syz-executor.3 Not tainted 6.1.94-syzkaller #0 [ 252.677703][ T5207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 252.687766][ T5207] Call Trace: [ 252.691048][ T5207] [ 252.693979][ T5207] dump_stack_lvl+0x1e3/0x2cb [ 252.698690][ T5207] ? nf_tcp_handle_invalid+0x642/0x642 [ 252.704252][ T5207] ? panic+0x764/0x764 [ 252.708321][ T5207] ? lock_release+0xd6/0xa20 [ 252.712940][ T5207] ? vscnprintf+0x59/0x80 [ 252.717306][ T5207] panic+0x318/0x764 [ 252.721249][ T5207] ? check_panic_on_warn+0x1d/0xa0 [ 252.726368][ T5207] ? memcpy_page_flushcache+0xfc/0xfc [ 252.731948][ T5207] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 252.737857][ T5207] ? _raw_spin_unlock+0x40/0x40 [ 252.742719][ T5207] ? print_report+0x4a3/0x4f0 [ 252.747496][ T5207] check_panic_on_warn+0x7e/0xa0 [ 252.752459][ T5207] ? lru_add_fn+0x2d4/0x1ac0 [ 252.757428][ T5207] end_report+0x66/0x110 [ 252.761724][ T5207] kasan_report+0x143/0x160 [ 252.766240][ T5207] ? lru_add_fn+0x2d4/0x1ac0 [ 252.770921][ T5207] ? lru_add_fn+0x214/0x1ac0 [ 252.775513][ T5207] kasan_check_range+0x27f/0x290 [ 252.780453][ T5207] lru_add_fn+0x2d4/0x1ac0 [ 252.784874][ T5207] folio_batch_move_lru+0x31a/0x720 [ 252.790079][ T5207] ? folio_add_lru+0xd70/0xd70 [ 252.794845][ T5207] ? lru_add_drain_cpu+0x8b0/0x8b0 [ 252.799984][ T5207] lru_add_drain_cpu+0x108/0x8b0 [ 252.804939][ T5207] ? percpu_counter_add_batch+0x142/0x160 [ 252.810673][ T5207] ? folio_add_lru_vma+0x1f0/0x1f0 [ 252.815881][ T5207] ? folio_account_redirty+0x1b3/0x670 [ 252.821362][ T5207] ? lru_add_drain+0x75/0x3e0 [ 252.826134][ T5207] lru_add_drain+0x11e/0x3e0 [ 252.830750][ T5207] __pagevec_release+0x51/0xf0 [ 252.835609][ T5207] write_cache_pages+0x12bb/0x15c0 [ 252.841003][ T5207] ? generic_writepages+0x160/0x160 [ 252.846228][ T5207] ? tag_pages_for_writeback+0x6a0/0x6a0 [ 252.851891][ T5207] ? blk_start_plug+0x95/0x110 [ 252.856691][ T5207] do_writepages+0x40f/0x670 [ 252.861311][ T5207] ? __writepage+0x120/0x120 [ 252.865923][ T5207] ? __lock_acquire+0x1f80/0x1f80 [ 252.870971][ T5207] ? do_raw_spin_lock+0x14a/0x370 [ 252.876026][ T5207] __writeback_single_inode+0x15d/0x11e0 [ 252.881769][ T5207] writeback_single_inode+0x22c/0x960 [ 252.887156][ T5207] ? write_inode_now+0x260/0x260 [ 252.892112][ T5207] write_inode_now+0x1cf/0x260 [ 252.896888][ T5207] ? bdi_split_work_to_wbs+0x990/0x990 [ 252.902367][ T5207] ? do_raw_spin_unlock+0x137/0x8a0 [ 252.907574][ T5207] iput+0x616/0x980 [ 252.911392][ T5207] nilfs_put_super+0xd3/0x150 [ 252.916077][ T5207] ? nilfs_free_inode+0x70/0x70 [ 252.920937][ T5207] generic_shutdown_super+0x130/0x340 [ 252.926321][ T5207] kill_block_super+0x7a/0xe0 [ 252.931006][ T5207] deactivate_locked_super+0xa0/0x110 [ 252.936396][ T5207] cleanup_mnt+0x490/0x520 [ 252.940822][ T5207] ? lockdep_hardirqs_on+0x94/0x130 [ 252.946025][ T5207] task_work_run+0x246/0x300 [ 252.950627][ T5207] ? task_work_cancel+0x2b0/0x2b0 [ 252.955667][ T5207] ? exit_to_user_mode_loop+0x39/0x100 [ 252.961138][ T5207] exit_to_user_mode_loop+0xde/0x100 [ 252.966433][ T5207] exit_to_user_mode_prepare+0xb1/0x140 [ 252.972073][ T5207] syscall_exit_to_user_mode+0x60/0x270 [ 252.977633][ T5207] do_syscall_64+0x47/0xb0 [ 252.982060][ T5207] ? clear_bhb_loop+0x45/0xa0 [ 252.986756][ T5207] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 252.992658][ T5207] RIP: 0033:0x7f7a5e27e257 [ 252.997089][ T5207] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 253.016873][ T5207] RSP: 002b:00007ffdaa22e428 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6 [ 253.025547][ T5207] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 00007f7a5e27e257 [ 253.033519][ T5207] RDX: 0000000000000200 RSI: 0000000000000009 RDI: 00007ffdaa22f5d0 [ 253.041512][ T5207] RBP: 00007f7a5e2d96c6 R08: 0000000000000000 R09: 0000000000000000 [ 253.049498][ T5207] R10: 0000000000000100 R11: 0000000000000202 R12: 00007ffdaa22f5d0 [ 253.057475][ T5207] R13: 00007f7a5e2d96c6 R14: 000055555731f430 R15: 0000000000000007 [ 253.065662][ T5207] [ 253.069057][ T5207] Kernel Offset: disabled [ 253.073397][ T5207] Rebooting in 86400 seconds..