last executing test programs: 21.926110806s ago: executing program 1 (id=3625): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) prctl$PR_SET_MM(0x23, 0x0, &(0x7f00002d5000/0x2000)=nil) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001d80)=[{{&(0x7f00000001c0)={0xa, 0x4e22, 0x7ff, @remote}, 0x1c, &(0x7f0000000240)=[{&(0x7f00000004c0)="183113e4dda9bd3a9c3c79e2f394566924a274258dd5fab8f127c5b9d63ff926ccede57a690d21d7080133e2730f141e48c0fbd1343a624907ca34daad3dfc6143d4c4d59f2251a9914bed53a273d8f588f81cfbf48ee43873f5e5da31a797d5c6560d132994b3225583d497ff5db6c5d583eede0991f628692e617896de85eede56e8b56e73ef42f4242194a7ec75925100d3b715c19a41a419084e83d5b611abcdfc3db669c619c2018d9d200b16bdb072e2e834aaaad30a5c86f0f784210fb6895f76", 0xc4}], 0x1, &(0x7f00000002c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x5}}], 0x18}}, {{&(0x7f0000000340)={0xa, 0x4e22, 0x6eb, @loopback, 0x2}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000380)}, {&(0x7f00000003c0)="e128669f66a0f128d69ad5a6faa34e7b4431d1bc708cc1e98adadd01b708397d0cd074", 0x23}, {&(0x7f00000005c0)="8ff702ad0468b29a8df346c0d0bcbad476cd29afe107563732ea12058cbfcc140703aaa90d8419e63de044e374786276c5c1abb4c7f06dc094f5e1", 0x3b}], 0x3}}, {{&(0x7f00000006c0)={0xa, 0x4e20, 0x4, @private1, 0x1000}, 0x1c, &(0x7f0000001040)=[{&(0x7f0000000c00)="d432776d3dc55a66029914fc46302acd8e8920c3f5d423f985529730edea3653885fdd8aa1ac71de0f9d89b05cc41f8fc7773a94825eb9b853009aefc309952db467331bc7e25d20d5a5189f133d0b15c87f92b23973eb43fe3ed8fb5e79b52458c4c31dd18b2b33a276b2f2fdf2abba4bf98774a7bc352ef9c1b18c566bc4d8115bd3aed890ff978a549ef9efd222e9fe00d261f5224177af6856b5a7973ee956a3efc866196dddb43d6d13b761f4aee916b2a41e64e738c43e9f5c48071ada262d35804e5644", 0xc7}, {&(0x7f0000000d00)="6b1051b497e914cd46c169302139c3790ed48a60d1190f00ebdc80551d3acf31188ee879713953b4492377e752530bc62c98bb92f7c8ec6a9c42a545ff4a3c6cefd5349df456eda0205ce7a7d37b3e0b9a48dfb93f3fecd74a1c952a0f86428d1dcc0a9a2732b5cc34a15f40cfc387a1e87604fe37f7854f6f579077ec9df1c7f580caf4b02d027abd402ff07710432a29ed37139ac1db9e0280904204e16c686d3a73f4583b12361bacd23fff1a75969ad486", 0xb3}, {&(0x7f0000000700)="4d9dfa5b2bbc7ecf709ddbb9dad9417aeabd28cfeb8efac5b14d552b960fdd38", 0x20}, {&(0x7f0000000dc0)="b44a2acdec4bbac5dda59e1b5ff80c2c4e3f8867e0f7c91a6127142cd8ad97a552add9c15253b9bc7d4dbb8268bda0145f16cc2199e3a0dcd1afb7548912ea681b6863d370b407aadf90fbec92029adbc9de385d57b8db028de30ab4003156624d8b2982df465287fc5475676e96151a7d4a", 0x72}, {&(0x7f0000000e40)="354e727c9401b2fc5997492de0008d105c82ee0fc0422f0500978b110c02eba37b237b07db3c29c44ac55f3e4af511f9b3", 0x31}, {&(0x7f0000000e80)="d877817df154d02780e0fb68650142bc3527bb846079e8fb0589577aaa57266f1d61e0294bfc62f855b43b8a3404985a24aa48e19bf0c0bc59441e0fb8fe47f698a634a59888317db9e474d1cf0a8d9ec27006f5e11dd9f0b249afcf6ac9ec6969a224a6b83961ab27366dcb2b24b523565bc37323bb29feda6bbb0956aabc1754d2cf77d2350b", 0x87}, {&(0x7f0000000f40)="08bb14054512e9119494c4904fedf01564aced8199cba3d1a05389e44c5e3ea9db83d80bbd5277cfe44236f16342e24b16129525efb9efd8b99e17e3fb80b27361471de6aed0046e508d9bcb9568d38fbc3be5a05ec3302cebc6ca9f59b35d023a50896a56796f915b3f06ec730c672a3dbad593b164804c757d7893e9d6269d481cbfe03e341ad03f6de78d97756c7f2b37d455d6775a2a7ea92580d6d0a2d8059685459f06285da0cd009518f823653a7d1751d0a3f54cddfdaecf9120fd2808a5b0a0744cf5d09ebaf507dfc1f4a6826598c58b5893739d09709f5d08e02a5af3", 0xe2}], 0x7, &(0x7f00000010c0)=ANY=[@ANYBLOB="140000000000000029000000080000000800000000000000a80000000000000029000000360000003b11000000000000003f68fc3ed98530a0f17e42bc32f31d14cc9037088db27859efbe1fec2a8c7e51ed603a7ceada15f943ac30db810a4702fc9997880b95263d9de862f0922edc4f050202000502000305020000072000000002060ee0f400000000000000800400000000000000ff000000000000000106000000000000c20400000fff010700000000000000c2040000004100000000180000000000000029000000390000000c00020100000000480000000000000029000000390000001106027f00000000fc01000000000000000000000000000100000000000000000000ffffac1414bbfe80000000000000000000000000003d300000000000000029000000370000008902000000000000c910fc0200000000000000000000000000000102000000001400000000000000290000003e000000030000000000000030000000000000002900000036000000020200000000000007100000000202fe00000000000000000000000000000000580000000000000029000000040000002f070000000000008000000107000000000000000730000000000a0603000400000000000000ff070000000000000101000000000000010000000000000001000100000000000000200000000000000029000000370000000c000000000000000105000000000000"], 0x210}}, {{&(0x7f0000001300)={0xa, 0x4e24, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}, 0x1c, &(0x7f00000017c0)=[{&(0x7f0000001340)="06529878611b0e865383b897c7dcea9d93829c4108448b632edaba45ec4c0d201b9b9e7d9c1cc199a11620768d15e01bd840e1fd91fa6bf2b54bfa1586c1b7589f5a4f3c23989d5ad7171b8590106d29d3648acf5c93e861ef9a751d17e102fa0fd9a2196add712e249600e509019763d2f1779a220cba0b8173cc6fedc4f2a397688dd8980e4f38c8de4a52f7d9f8559c89bbabe334795e2be19b8b5f431e03e4351ca53b9bdfcd27e23d3d52dcebfef81d7e59", 0xb4}, {&(0x7f0000001440)="97ce2a49ea272b31252a2d45149fd674e1a8ce9cae70e8cfb15d3f01578bf8e9490299dea434dce787abcd9385083eef9ee2f7480e3f21f42dfc91", 0x3b}, {&(0x7f0000001480)="be3dde1fb5d8950a291937006d7d3b5696ede5d00b59a91cd9ef548ab09100759ff594b6f37437da830fddbba74f2c7910d13e", 0x33}, {&(0x7f00000014c0)="7865d8779a9e6d89feb819069cae9b5acda76896ea63da3c7b9519060118f3e9e3787754e535eebd90dfeee2ca68b2c6a39d5e2c1e900820bf78b707ae16f074d81aa368d9083e89cec59fd39acd015771f484864d618324335b393d2dfadaa7165761211601704a432adcd3d12d5fb56be8670e45fb70659c21e3ddf5ed9a29781e0ac45cd968372688ad84902eae290fa8cbe912d6398d2c11fa6f24f9e79e9e4b6f8393c78eb9ec399ae47e974961f55a4f07dfd8204c0f34a1070b054ec407f1f7533416b993c2e5", 0xca}, {&(0x7f00000015c0)="8649d2cacfbf70ec2b7feaa95bc6f6e1e26ad6db6a8f8646e6fc15304bfcc0a430aed84c2cf0398086501c8dc1b6fcded2e6db5c4ec374e76961ee9975958d30c0606e58f9f5cb9808399766123d44c1e18d8207e37a68beade43ee43c630fddc263e6aa23362b5b38cd671fabed74364e20498d7f87fcbfa12c4a2904041a3589d035602528c38475a6bc26ea873874b1ed77e487d4a05f8e4381b52dc72bf379f5f02ed80fbac07151ad6edcc837aae849e5467c5690e1a9863fc12f0944cd9062b8405a2004d4367c81a104f9dba8272e943210402fbc044dd3b039cb05f097c6578c623d131bfc556752fb88d2ad5ce19c59cf52a4a36993cc3044ad", 0xfe}, {&(0x7f00000016c0)="a1da234a0ffa376a335fce5dc57856e1c48625a7bbbe690aaad914e7975ec50c2c54fd079bb5b1742c10b506c0dd6872cd5d4834fca197c088a8a786abfffe77b18a0f39354b1fb5fde7f6d765336f27086eae79ee22c72a1532cb244f1b6376b9238c31fcb1682b2b20957a2a48dfe91c0d0384128ab60ccacedcbea0822b29c25723118f65b867f158c33ad642f7bd53499a399dc261f1ffa5743ff123e7100cbb1e4d1dbf033acabe17ce33c844e663d868a52cf5efaf2fe28d5cbf939f5caeed82a5a87520eaca46b77937b85abd043bd2e4c2fa0d12c04b4741d794a8aa7ea088b7978e904028812fe976", 0xed}], 0x6, &(0x7f0000001840)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xdbd}}, @dstopts={{0x18, 0x29, 0x37, {0xbe}}}, @rthdrdstopts={{0x110, 0x29, 0x37, {0x11, 0x1e, '\x00', [@pad1, @ra={0x5, 0x2, 0x7}, @generic={0x7f, 0xe7, "7be156a6040ad32ff091ce94a297d7eb0e56bc57adabcaa06d8a2e7d402e184a4feb3e75b2d4c3b7983cdb7ab70d98dc488db6054d3bb87c078c6a62d948c0cda10564bab8f9d33e6deada4e4715bf8d911b31fecd4c958d1cb8439765405c6b913ace788ec16839f4bd93110628578f92ba7f5411051fa6e78576cf1a558ace58c70703572cab43900435ca9b8965b7b184b2047492149e99b5dc6ce879aefb7ade118ba8cc0efc9fd1872dbc164e8d7ad0f5e1c0a63c6d0aa167174d34f34abb936c422bf26560faa74770b3cfe635cf7a4c46962263275c57f61cd4c1ddaef6156a72f5bb6d"}, @jumbo={0xc2, 0x4, 0x6}]}}}, @dstopts_2292={{0x1a0, 0x29, 0x4, {0x3c, 0x30, '\x00', [@padn={0x1, 0x1, [0x0]}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @ra={0x5, 0x2, 0xf}, @generic={0x1, 0x86, "56741932e4a25122435de1578a7dd5993de46f204dd2e2764810b61447531d05372cdd80a52bd2a78013d322999a574e2d920a3cdf450e843ddc8a48c1a4a6275f038b01c4d49539171e921a5c457f3f1e7bf92c53e5f82129a625efe13d2a224a9c28d269b8c375f5622c6fa34146eb0a9d3595545399afcfdd3b92b9f6059b1558db32a52b"}, @calipso={0x7, 0x20, {0x0, 0x6, 0x7a, 0x8, [0x0, 0x7fffffff, 0x3]}}, @hao={0xc9, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x1, 0x2, 0x85, 0x1, [0xe58]}}, @generic={0x0, 0x95, "748d9ffdbc09386f58432627f2615c535141b0451b5b31e692d9ace2bf5950d5ce2412e1b498f3f548c61135ed05d5f13774fc715171a80c6d0b0897afb2ab3889593b37143ff6629c69843576ff35fc7521f47bfeb18dfa63a53287b0141292fab525b0319532726b39afe22d23a5aca4d4ed6fa2ddf3133e7151fe2d348fbac0208c12f8d66476ef209200e9c16050526e0f0cc8"}]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x3b, 0x0, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x2}]}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x88, 0x8, 0x2, 0x0, 0x0, [@mcast1, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2]}}}, @dstopts={{0x40, 0x29, 0x37, {0x21, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x9, 0x6, [0x4, 0x6, 0x8]}}, @ra={0x5, 0x2, 0xc3}]}}}, @hopopts={{0xf8, 0x29, 0x36, {0x1d, 0x1b, '\x00', [@enc_lim={0x4, 0x1, 0x53}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @generic={0xf, 0xd3, "723f7424927451f52802e25641b71da43387a5c2d510f5aadaf7d6ee67f0da66218843aa948d538af34a021ce3cac3e469e1550943d641e22bcec67b2da57f9ed968bfddffb7c79c04f1dd9e9eea54e37e85f3c649d239ff81bd96575f9d7e4b721a854fd8119c47f12209cd00af74cef4f7fb6b27e194155b6f6d97046daf3e2ee30447a39f69a9ed61831611353abff79a2786b94c02ea8b6796fa8d36de2f5a9aa26cc5dfc34c453565941f22a038cc83215167f09367e7053ca5429baedeb9561f909e0e16612c963e2e92c1a31da91a2a"}]}}}, @rthdr_2292={{0xa8, 0x29, 0x39, {0x87, 0x12, 0x6, 0x0, 0x0, [@local, @private2, @private0={0xfc, 0x0, '\x00', 0x1}, @private0, @local, @private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1]}}}], 0x538}}], 0x4, 0x4800) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) add_key$fscrypt_provisioning(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x5, 0x2}, 0xe) syz_mount_image$udf(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x800048, &(0x7f00000001c0)=ANY=[], 0x1, 0x4b1, &(0x7f0000000740)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") open(&(0x7f0000000180)='./bus\x00', 0x4a37e, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0) ftruncate(r2, 0x2008002) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000000140)='ceph\x00', &(0x7f0000000180), &(0x7f0000000040), 0x1d4, r3) 21.51983038s ago: executing program 1 (id=3627): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2000000000c06e52d7b3e49592000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a30000000000900010073797a300000000008000540000000163c0000000c0a010300000000000000000100000008000440000000000900010073797a300000000014000380100000800c0001800400010010000000140000001000010000000000000000000000000a"], 0xc0}}, 0x0) r1 = syz_io_uring_setup(0x0, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)) r2 = syz_open_pts(0xffffffffffffffff, 0x62a100) ioctl$KDSIGACCEPT(r2, 0x4b4e, 0x2d) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_STOP(r3, 0x54a1) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r4, 0x5761, &(0x7f0000000080)={0x4, 0x0, [{0x101, 0xc713, 0xffff8000, [0x7, 0x1010, 0x7, 0x8000, 0x6]}, {0xffff404a, 0x5, 0xe03, [0x100, 0xa1, 0x0, 0x2, 0x0, 0x0, 0x7]}, {0x3ff, 0x0, 0x7ff, [0x0, 0x7ff, 0x0, 0x4, 0x6, 0x0, 0x4]}, {0x95a, 0x0, 0x0, [0x0, 0x80000001, 0x0, 0xca, 0x9, 0x8, 0x7fffffff]}]}) semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f00000001c0)=""/110) ioctl$SNDRV_TIMER_IOCTL_TREAD(r3, 0x40045402, &(0x7f0000000240)=0x1) syz_io_uring_setup(0x7464, &(0x7f0000000280)={0x0, 0x0, 0x400, 0x3, 0x129, 0x0, r4}, &(0x7f0000000300), &(0x7f0000000340)) fsetxattr(r2, &(0x7f0000000380)=@known='user.incfs.id\x00', &(0x7f00000003c0)='/dev/snd/timer\x00', 0xf, 0x2) socket$inet6(0xa, 0x0, 0x5809217b) r5 = semget$private(0x0, 0x3, 0x18b) semctl$GETPID(r5, 0x2, 0xb, &(0x7f0000000440)=""/65) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r4, 0x40bc5311, &(0x7f00000004c0)={0x0, 0x0, 'client1\x00', 0x6, "a9e139bc3aaf8b15", "99732f33e305d77f13f4a709ed312385399a446f8979fae149c72f1909c6a805", 0x4, 0xfffffe73}) msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000580)=""/122) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r4, 0x40505330, &(0x7f0000000600)={{0x0, 0x5}, {0xc8}, 0x0, 0x2, 0x81}) ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000680)={{0x2, 0x0, @multicast1}, {0x306}, 0xc, {0x2, 0x4e20, @multicast2}, 'bridge_slave_0\x00'}) ioctl$TIOCGRS485(r2, 0x542e, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r4, 0x40505330, &(0x7f0000000740)={{0x77}, {0x2, 0x9}, 0x1, 0x0, 0x6}) faccessat(r4, &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1) syz_io_uring_setup(0x0, &(0x7f0000000640)={0x0, 0x12a2, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180), 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x2000, @fd, 0x4, 0x0}) io_uring_enter(r1, 0xb15, 0x100000, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") syz_mount_image$hfs(&(0x7f0000000280), &(0x7f0000000100)='./file0\x00', 0x1210080, &(0x7f00000002c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c756d61736b3d30303030303030303030303030303030303030309b899d5dce5b891d", @ANYRESHEX=0xee01, @ANYRESOCT], 0x1, 0x31b, &(0x7f0000000800)="$eJzs3U1rE08cB/Dv7CZp8m/pf20rBY/VgqfS1oPixSLFi2/AgxRrm0LpWkEraEGMnkW8CYJHb55F34JexDegpx7Ek16KB1dmZmcf0tnNNm2zCfl+oEl2dx5+s7OT3UlIF0Q0tK4uf3t7YU/+iSoAF8BlwAFQByoATmO6/mB7Z3PHb67nFeSqHPJPQOcUB9KsbTdtWWU+lSPkyaUKxpLr6GQEQRB875jqV09iofIIPfYPcICRcHSq7fWeR3YyWrpdwyXRw2If+3iI8TLDISKi8oXnfyc8S4yF1++OA8yG1+GDfv5PXd/slxdHX4jO/45eDoTcP/+rTfF8T03hZO87ZpZoK8t6TATx7q5BH1mpDhCdZpUqFqexsek351qqgGe4Ekokm1KP6zANUbKiremnGcvcNEde2/ONqjZUZRsWM+KfPHSNH3/glb26lc8FYhKfxBexIjy8xnp0/VcJhNw5av94bT2l45/PLlG10tOpUq2M5++nVCVnTA98eBe3spG1X+twZSw2shTRfv3umThf1rJzYQLpjxV06xayW6dyTVpzLUbLf6y5ptpzNTaqfnNu7a6f+1HKsbHO6MQLcUPM4CfeYzlx/e/I1LPIHpmpUS5UyvDIyG1PRaXM6McUNYDvWEamUyDzULtm7eh8z3EblzB+/9Hu1qrvN++V/8IMlT6JRx+I4eEo18jnRBrU5YsqgGOr9G8QBNZNFfSiyVXV1Itv4ibvbq2Kll48WhVoRQWaTUvZiQEsAQjXmHeEbmp/EuUaiQsslP237G21xn5Amqh6cECaqlKbXIwUGimNLiq9/nhr1e/qnYgGTNzpmL5ZdjBUBnl5JfT8LzFfmVfvOvLBy5mNBJ0KT5S4kDEDmlCP/xWbwUXFZs7gRs2LDnOus+eBc201OjA1Pm0v1gvjRD9+K3n4rzLEMr7iFj//JyIiIiIiIiIiIiIiIiIiIiIiIiIaNIf9NUI3PydI17g3hP94g4iIiIiIiIiIiIiIiIiIiIiIiIiIiIjoaBL3/wVcdceYWun3/3UL3P/X3JeCiLr2LwAA///dF2Cj") 21.290152333s ago: executing program 1 (id=3629): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_open_dev$tty20(0xc, 0x4, 0x1) poll(&(0x7f00000030c0)=[{0xffffffffffffffff, 0x3039}, {0xffffffffffffffff, 0x10}, {0xffffffffffffffff, 0x80}, {0xffffffffffffffff, 0x8}, {}, {0xffffffffffffffff, 0x2}], 0x6, 0x0) 21.078618405s ago: executing program 1 (id=3631): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x1000d, 0xfffffffffffffc60}, 0x90) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b2a, &(0x7f0000000040)) 20.835155473s ago: executing program 1 (id=3634): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}}, 0x9c) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f0000002ac0)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000001600)=""/137, 0x89}], 0x1}}], 0x40000a4, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000380), 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="7472616e7cc3a83b23a8ca446e68010dfa01fa5488cf186d18eaa8568c701e62a6cbe1665d81950433a3edf3369cea7e6a03747b151779124c57f73e04648630f14d1340c7846ab751c8ca8eaa59ed62c46f3863d7fa443bd2e3543f65e89db5d6233c48fe2b54e03dc1cd3f806c0be229c321fd7a7c3ccd251aa5e3295df68108922c5d87cf4bd4cfeabb9769210ee39f1d1496d5000ff22fb550924d36dcf33346eb8797c142966ae7a58d18782540d55f76f6b3f16119b2c5e8facc81b404007e20d16794032d210ae0e578c0cbcb246c6a33228ea5415f5bc56232e709c8c11a6af24dc0288bc5389342701b1cbc9f932fe4eaecc663db61b8bd2accac22c81f7d74cc945fa5acff7c159e255e96eb2538903403a8065a4dca2227d6942594db931320c0224048638ac3a3855ec9bbfc27cc8fa87d27d16e344b449c45d9399da8610c9fe350f59bd194f364aed0266be4f2cd3a50047b4194f914fdc31bb2cf", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESHEX=r3]) r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000240)={0x4}) connect$inet(r5, &(0x7f0000000480)={0x2, 0x4e23, @remote}, 0x8) r6 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendto$inet6(r6, 0x0, 0x0, 0x20010004, 0x0, 0x0) connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x3, @dev={0xfe, 0x80, '\x00', 0x29}, 0x3ff}, 0x1c) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_REMOVE(r7, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0xfcffffff00000000}, 0x0) r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01030000000000000000340000000e0001006e657464657673696d0000000f0002006e657464657673696d3000005aeeac1d7575edc90763fa09d8c9c8d3e6f122db67085e722dece1a7f387ba1b77167564"], 0x34}}, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x0) 19.71734286s ago: executing program 1 (id=3638): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, 0x0, 0x8000) r4 = syz_io_uring_setup(0x10f, &(0x7f0000000340)={0x0, 0x0, 0x2}, &(0x7f0000000300)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x0, 0x0, 0x0, 0x4) syz_io_uring_submit(0x0, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index}) io_uring_enter(r4, 0x1000000, 0x0, 0x6, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r4, 0x18, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff]}, 0x1) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1}]}, 0x28}}, 0x0) 18.061788778s ago: executing program 0 (id=3644): r0 = socket$packet(0x11, 0x3, 0x300) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000802, 0xee00, &(0x7f0000000180)={0x10, 0x3ff, 0xfffffffffffffff9, 0x2, 0x5, 0x8, 0x200, 0x9, 0xae2}) socket(0x0, 0x803, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0xa04108, &(0x7f0000000ac0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x7}}, {@nolazytime}, {@commit={'commit', 0x3d, 0x1}}, {@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x80}}, {@init_itable_val={'init_itable', 0x3d, 0x2}}, {@dioread_nolock}, {@debug}]}, 0x11, 0x4b8, &(0x7f0000000540)="$eJzs3VFrW9cdAPD/vbYyJ3FmZ9tDFlgWlgwnbJHseEnMHrIMxvIU2Ja9Z54tG2PZMpacxCYMh32AwRjbYE972stgH2BQ8hFKIdC+l7a0lDZpH/rQVkXSVZq6UmwT2Zfavx+c3HPuvdL/f2J0dc+9R1IAh9bZiLgREQMRcTEiRrL1aVZuNhub7f2ePnkw0yxJNBq3P0giydZ1nivJlsfbD4mhiPjdzYg/Jl+PW1vfWJyuVMqrWbtUX1op1dY3Li0sTc+X58vLk5MTV6euTV2ZGu9LP0cj4vqv3vn7X/7z6+uv/PTem3feu/CnZlrD2fbn+9FP7a4XWv8XHYMRsboXwXIwkC0LOecBAMDONM/xvxMRP2qd/4/EQOvsFAAAADhIGr8Yjk+TiAYAAABwYKWtObBJWszmAgxHmhaL7Tm834tjaaVaq/9krrq2PNueKzsahXRuoVIez+YKj0YhabYnsjm2nfblLe3JiDgZEX8bOdpqF2eqldm8L34AAADAIXF8y/j/45H2+B8AAAA4YEZ3uf/QHuUBAAAA7J3djv8BAACAbx7jfwAAADjQfnPrVrM0Or9/PXt3fW2xevfSbLm2WFxamynOVFdXivPV6nzrO/uWtnu+SrW68rNYXrtfqpdr9VJtfePOUnVtuX5nwacGAAAAIC8nf/jojSQiNn9+tFWajuSdFLAvkt3s/Pbe5QHsv4G8EwByM5h3AkBuCnknAORuu+sAPSfvvNr/XAAAgL0x9v3e9/9dG4CDLc07AQBg37n/D4dXwQxAOPS+vc32l7//32jsKiEAAKDvhlslSYvZvcDhSNNiMeJE62cBCsncQqU8no0PXh8pfKvZnmg9MtndZ4cBAAAAAAAAAAAAAAAAAAAAAAAA4BBrNJJoAAAAAAdaRPpu0vo2/4ixkfPDW68PHEk+GWktI+Lev27/4/50vb460Vz/4bP19X9m6y/ncQUDAAAA2KozTu+M4wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgn54+eTDTKfsZ9/1fRsRot/iDMdRaDkUhIo59lMTgc49LImKgD/E3H0bEqW7xk2ZaMZpl0S3+0RzjpxFxvA/x4TB71Dz+3Oj2+kvjbGvZ/fU3mJWX1fv4lz47/g30OP6c2GGM04//V+oZ/2HE6cHux59O/KRH/HM7jP+H329s9NrW+HfEWNf3n+QrsUr1pZVSbX3j0sLS9Hx5vrw8OTlxdera1JWp8dLcQqWc/ds1xl9/8P/PX9T/Yz3ij27T//M77P9nj+8/+W67WugW/8K57u+/p3rET7P3vh9n9eb2sU59s11/3pn/vnbmRf2f7dH/7f7+F3bY/4u//fNbO9wVANgHtfWNxelKpbyqoqKi8qyS95EJAADoty9P+vPOBAAAAAAAAAAAAAAAAAAAAA6v/fg6sa0xN/PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC30RAAD//3e61PU=") r3 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0) semget$private(0x0, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0) r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r7, &(0x7f0000002100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_DIRENT(r7, &(0x7f0000000040)=ANY=[@ANYBLOB="3001000000000000", @ANYRES64=r8, @ANYBLOB='\a'], 0x130) r9 = dup2(r6, r5) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r5, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='netlink_extack\x00', r10}, 0x10) setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f00000005c0)=@nat={'nat\x00', 0x1b, 0x5, 0x4f8, 0x0, 0x2d8, 0xffffffff, 0x3a8, 0x0, 0x460, 0x460, 0xffffffff, 0x460, 0x460, 0x5, &(0x7f0000000340), {[{{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x4, 0x2, 0x1, 'syz0\x00'}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x2, @private=0xa010102, @local, @gre_key=0x8000, @port=0x4e22}}}}, {{@uncond, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x7, 0x0, 0x2}}, @common=@addrtype={{0x30}, {0x0, 0x404, 0x0, 0x1}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x10, @ipv6=@dev={0xfe, 0x80, '\x00', 0x42}, @ipv4=@rand_addr=0x64010102, @icmp_id=0x64, @icmp_id=0x65}}}, {{@uncond, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0x4, "84f3", 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x8, @remote, @broadcast, @port=0x3ff, @icmp_id=0x65}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x1a, @ipv6=@dev={0xfe, 0x80, '\x00', 0x15}, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key=0xfff9, @gre_key=0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x558) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000001900010000000000000000001d01000008000900", @ANYRES32=0x0, @ANYBLOB="88000a00", @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r12 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r12, 0xc0285700, &(0x7f0000000100)={0x0, "ff0f00000000000001a82d866bf4ff0713e4b89c3c00"}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) 16.835862574s ago: executing program 0 (id=3648): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) getpeername$packet(r2, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000004c0)=0x14) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000fc0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000500)={0x8fc, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [{{0x8}, {0x1b0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xee}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x345a}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x84, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffd}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x6c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x3c, 0x4, [{0x8d38, 0xb, 0xb, 0x5}, {0x7, 0x4, 0x5, 0x200}, {0xe, 0xa, 0x6, 0x3}, {0xa759, 0x50, 0x1, 0x8}, {0x1000, 0x81, 0x5, 0x46d3}, {0x8, 0x9, 0x80, 0x9}, {0x7, 0x5, 0x58, 0x4b6}]}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0x1ec, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x26}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x80000001}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}]}, 0x8fc}, 0x1, 0x0, 0x0, 0x20004004}, 0x44014) r6 = dup(r1) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0xa, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@multicast1, @in6=@private0, 0x0, 0x19f005bcd541b3}]}, 0x38}}, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_TYPE={0x5}}}}]}, 0x38}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) connect$unix(r2, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r7, 0xae9a) ioctl$KVM_RUN(r7, 0xae80, 0x0) 16.648807599s ago: executing program 4 (id=3649): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac0ff0000000071106b00000000009500000000000000"], &(0x7f0000000480)='GPL\x00'}, 0x90) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x6b3, &(0x7f00000000c0)="$eJzs3c9vHGcdB+DPrNdbb6iC0yZthIqIEqkgRSR2rBTChYAQyqFCVTlwthKnsbJxKttFboXABQQnJA79AwqSb5yQuAeFc7n1anGqhMQl4hBxMZrZWXvtXf+I7dgxPE80ft+Z95133vnOzDs741gb4P/WrctpPkqRW5ffXirnV1emOqsrUy/VxZ0kZb6RNLtJirmkeJzcLMuLvil96YBPZm+8+/mT1S+6c816quo3dlpviCF1l+spF5KM1Omg0b1uYlN7t5O8PFCltde2NlUsg3apTuHYrQ1Y3qH2P05vWfAs1y3wgundnYrufXPAeHIqyVj9OSD16NA4uh4+HzuNcgAAAPC/4rOHx90DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHnq7/8v6qlRp7mQovf9/63esjp/oj067g4AAAAAAAAAwCH42tM8zVJO9+bXiup3/hermbP5z1rypXyQhcxkPleylOksZjHzmUwy3tdQa2l6cXF+cn3N0vA1rw1d89pR7TEAAAAAAAAAnGDtbUt+mVsbv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAXQZGMdJOsJTm7XrDcaHYXp1XNJn/v5U+IYtjCR0ffDwAAADiQsX2s8+WneZqlnO7NrxXVM/9r1fPyWD7IXBYzm8V0MpM79TN0+dTfWF2Z6qyuTD0op8F2v/evZ+pG1WK67x6qLa8/rPe2fL6q0c7dzFZLruR2VedOGtWapfO9/gzv18dln4rv1gb60Bzas2Yd1nJjv9/uLcKheNZXEeN1l3sRmaj7VkbjTDcCRfWiJtkaiV2PTnPrltLI6PqWJtNYf/Nz9kAxH+5UnZb785vnGvMdLA9buB6JRqpIXOs7+17bORLJ1//yp5/c68zdv3d34fKx7NJ+jGyzvI5E7wzLVF8kXj/RkRg+DmxvoorEufX5W/lhfpzLuZB3Mp/Z/DTTWcxM9T61NF2fz+XP8Z0jdXPT3Du79aRVH5fuMdtLny7kB1VuOherdU9nNkUe5k5m8lb171om861cz/Xc6DvC57btd7Vv1VXf2HrV9470X4d2/tI36kw7yW/rdCAGteW1ru3OzsPSHfvLuJ7pi2t3JHyyXutM39g40RelV3rRGR3a+H7GxuZX6ky5jV/V6YthvI5EeQH17hK93r3ajUSzuhcNnud/qK6Nhc7c/fl70+9v0/7WAfnNOi1Pq5Wv7rWXww/F4SrPl1cyVo8km8+OsuzV8kCObC2brMrOro9AjYGyc1VZUfSu1B9te6W26s9wgy1dq8peH1o2VZWd7yvb9HkrD9PJnSOIHwAHNJ5TrfY/25+1P23/un2v/fbY91/69ktvtDL6t9HvNCdG3my8Ufw5n+bnG8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/i18+NH96U5nZn54prF90S6Z3VrekinqL/TZ17YOMdNKchjtjG1tZ7RccOS70951d9Z+kRx5nHtfIji8zu/KTDN7afDmbnU+3lcPG0mO9zw8usxIhp8AxzwwAc/d1cUH719d+PCjb84+mH5v5r2ZudHr129M3Lj+1tTVu7OdmYnuz+PuJfA8bNz0j7snAAAAAAAAAAAAwF4N+8OAiy8fxt/AtPzPQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQ3Lqc5qMUmZy4MlHOr65Mdcqpl9+o2UzSaCTFz5LicXIz3Snjfc0V+ePjrA3ZziezN979/MnqFxttNbv1k0adHsByPeVCkpE6Paz2bh+4veLfvT0sA3apFzg4bv8NAAD//wNS+MQ=") prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$inet(0x2, 0x5, 0x273) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x2000000000000074, 0x25d) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) socket$key(0xf, 0x3, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYRESOCT=r1, @ANYRES8, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16=r1, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=") ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) syz_open_procfs(0x0, &(0x7f0000000000)='clear_refs\x00') r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000002c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0) clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000008, 0x0, 0x100000000, 0x7ff}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x80247009, 0x0) close(r5) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2) 15.787381584s ago: executing program 2 (id=3652): socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) sched_setscheduler(r0, 0x1, &(0x7f00000002c0)=0x80007) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = add_key$user(&(0x7f0000000380), &(0x7f0000000400)={'syz', 0x0}, &(0x7f0000000480)="033d2b7f", 0x4, 0x0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r2}, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) r6 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r6, &(0x7f0000000100)={0x1d, r7, 0x2}, 0x18) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c0010000120010002bbd7000ffdbdf25130105c74e224e2306000000fc010020070000001000000068143a4d000000000900000000002001", @ANYRES32=r7, @ANYBLOB="ff07000002010000ffffffffff0000002e00010082693360930ca2628f4603f91b4edcf3a2cd18730bf39d607dc8ec489fe4d18f286f81f0e32c25d825b0000003010100968355eca9c9aa6a3c0339f3f2c06fa9e326fba9085116a579dcd30e0b218170aed031e10a01918d1c3b6e042422a4d6d96ec3a3e259c0f4aa3e5ae855e110f5a4294a1da741e42ed9fa4e99a679c8f8ea60a7154788a0f359babfb8f6c8ad8b15c146cd0dc08e804af568b2d089830a37597477ca3c159848d36d36b06e082104400fe27103a5001fb43a42026cdcea3b659563f0de2444df57e499a218e2f26d348b1af03b22b64575a4ae34a99a7886748118b2ab0408b66bcc126d8ffaa9da28b99de7d7fefc84fb6c452bb891c1ec6fb172423fb185ec3794c0bd130b6b2f6debf21fdf6d98c925271f49ad8762080ae6a78340eda5d850d91bba7cd80040000100177561d142389dbf9f6a18eeff25f840770754a022c3103a7e76f1ab88e9fac64dc3506f8b0b5b1847519b0b66277469b0e4f260cbe3463e33fcc50d"], 0x1c0}, 0x1, 0x0, 0x0, 0x4048080}, 0x40) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = add_key$user(&(0x7f0000000200), &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000240)="f20ea8accdb7", 0x6, 0xfffffffffffffffe) r9 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="300000001e008d2a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000014"], 0x30}}, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) sendmsg$nl_route(r10, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="d400000010000d0400"/20, @ANYRES32=r12, @ANYBLOB="0000000000000000b400128009000100766c616e00000000a400028004000380100004800c0001000000000000000000580004800d00010000000000020000000c00010000000000000000000c00010000000800000000000c00010000000000000000000c00010000000000200000000c00010000000000000000000c0001000000000000000000340003"], 0xd4}}, 0x0) r13 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r8, r13, r8}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 15.511143995s ago: executing program 0 (id=3654): recvmsg(0xffffffffffffffff, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/20, 0x13}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = open(&(0x7f0000000000)='.\x00', 0x100, 0x4) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f0000000140)='./bus\x00') syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0176123243429aa30391176f7c0e10e0147552b3604cf4d152d642f651d9b039f0fc5c7edd51e698a9a5eed06e56c191cf51b794ba0f3304aabbaac0ceb88a432955ebd7dd9e387def4b4d80d09395d2f26d050206"], 0x1, 0x174, &(0x7f0000000240)="$eJzskj9OAkEUxr9Zlj9aGE2saCCRKBbKsqgxNlpi7wEksCJxUWE3UQjFGmMoLIylJ+AaJl5AC+MBqCmItVkzs28ns17B+RV88755b2beY8+9npcF8DMfNXEEQQpL+GAMJoACi7yZEekz6SfpUyR4p7xj8u9J895geNFwXadfPChiJWEA+BaetLzDOwMzcdTXfNTki1MAYRiG3GsBPB1qTgpAT8nJm8CqaCKUObwRHmwAqPjd64o3GG51uo2203Yubbu2Z+1Y1q5dOeu4jhX9MuUKagVcNwHweS0o+2kAD5SziCRMeRrtM7U2o8ywvJasNZTaWBleZW0W8f8FnGAdOQA3AVPckjjFhGipDoYUBVVTeV90V05sbDev3NYYDCwum8CUZ1SnSMvAVoPafhA/e0xaIq2TTkinpIU/n4wpTnikqBwAGdw2fL9f5UOKVtKzpWcvB+rA+K0vRrK5NwMajUaj0Wg0Go1G89/5DQAA///T4Xqr") ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180)) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000002240)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './file0'}}]}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000300000000000000000013020000000000"], 0x0, 0x26, 0x0, 0x9}, 0x20) creat(&(0x7f0000000140)='./file1/file0\x00', 0x183) r1 = open$dir(&(0x7f0000000480)='./file2\x00', 0x220900, 0xa1103ca7541969d1) ioctl$FIDEDUPERANGE(r1, 0x2, 0x0) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) r3 = socket(0x40000000015, 0x5, 0x0) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f0000000d80), 0x36f, 0x20102, 0x0) connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24) sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000500000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10002, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x2031, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f0000000140)={[{@nossd_spread}, {@nodatacow}, {@enospc_debug}, {@nossd}, {@nodatasum}, {@autodefrag}, {@user_subvol_rm}, {@barrier}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=") mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(0x0, 0x0) 15.359869443s ago: executing program 4 (id=3655): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) getsockopt$packet_buf(r0, 0x107, 0x5, &(0x7f0000000000)=""/40, &(0x7f0000000040)=0x28) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @mcast1}}) 14.921414504s ago: executing program 0 (id=3656): socket$inet6_udp(0xa, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT, 0x4) r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_script(r1, &(0x7f00000002c0), 0x191) close(r1) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000007c0)) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x0) pipe2(0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8, 0x2}, [@l2cap_conf_req={{0x4, 0x0, 0x4}}]}}, 0x11) dup(r4) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xfffff000}], 0x2) r6 = socket$packet(0x11, 0x3, 0x300) dup(r6) r7 = fcntl$dupfd(r2, 0x0, r6) r8 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x74, 0x93, 0x1d, 0x40, 0xc45, 0x614a, 0xe6af, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9c, 0x80, 0xf4}}]}}]}}, 0x0) syz_usb_control_io(r8, 0x0, 0x0) syz_usb_control_io(r8, 0x0, &(0x7f0000000a80)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r7, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0}) mmap$dsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x100000d, 0x80010, r3, 0x0) syz_usb_control_io$cdc_ecm(r8, &(0x7f0000000300)={0x14, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f0000000280)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000480)={0x1c, &(0x7f0000000500)={0x20, 0xe, 0xed, "77104f62a1c9ab3fc6ac42c576cd3a28437ed4b94ec5973939b5b1abc7f3c1e08123bd74401486ccbbe32628e4d0eb803355a95aa492759ed76ddc46a0e6709f464a27ca5981d4b65e89414f405a6a0fc5e11fee1214a33c8b94e4c82954490d963931bf4bc9d81299fdc93494f2c84266c54c4a0e070394b0240b223edbec6a7a488feb81f41689a19a852a15fff1993a40bb3981513a4ea1cbb70298cdf832aa0e0fb9bb47cd51516bb6424de84e4fae59423582a188bc4dc679addfa04f4b5bc5fa383b025700c00f53e66717fc13117cc5dd22c1730eef5e7da0c58793dbd6a2fea6d8ef584318df6d8a9a"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x8}}) eventfd2(0x8001, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 13.899914692s ago: executing program 4 (id=3657): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000000a40)={0x2020}, 0x2) r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) (async) r3 = socket$nl_route(0x10, 0x3, 0x0) (async) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x4c}}, 0x0) (async) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, 0x0) (async) sendfile(r2, r1, 0x0, 0x3a) (async) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x38, 0x21, 0x107, 0x0, 0x0, {0x1, 0x2}, [@nested={0x10, 0x1, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @typed={0x14, 0xc, 0x0, 0x0, @ipv6=@private2}]}, 0x38}}, 0x0) 13.775467475s ago: executing program 2 (id=3658): openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioprio_set$pid(0x0, 0x0, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = dup(r3) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3) close_range(r5, 0xffffffffffffffff, 0x0) sendfile(r4, r4, 0x0, 0x20003) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r7, &(0x7f0000000040)=0xffffffffffffffff, 0x12) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRESHEX], 0x50}, 0x1, 0x0, 0x0, 0x2841}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x2}]}) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) setsockopt$inet6_udp_encap(r7, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) 13.250156047s ago: executing program 4 (id=3660): r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="5400000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000340012800c0001006d6163766c616e00240002800800010010000000100005800a"], 0x54}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) (fail_nth: 7) 11.917794188s ago: executing program 2 (id=3661): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac0ff0000000071106b00000000009500000000000000"], &(0x7f0000000480)='GPL\x00'}, 0x90) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x6b3, &(0x7f00000000c0)="$eJzs3c9vHGcdB+DPrNdbb6iC0yZthIqIEqkgRSR2rBTChYAQyqFCVTlwthKnsbJxKttFboXABQQnJA79AwqSb5yQuAeFc7n1anGqhMQl4hBxMZrZWXvtXf+I7dgxPE80ft+Z95133vnOzDs741gb4P/WrctpPkqRW5ffXirnV1emOqsrUy/VxZ0kZb6RNLtJirmkeJzcLMuLvil96YBPZm+8+/mT1S+6c816quo3dlpviCF1l+spF5KM1Omg0b1uYlN7t5O8PFCltde2NlUsg3apTuHYrQ1Y3qH2P05vWfAs1y3wgundnYrufXPAeHIqyVj9OSD16NA4uh4+HzuNcgAAAPC/4rOHx90DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHnq7/8v6qlRp7mQovf9/63esjp/oj067g4AAAAAAAAAwCH42tM8zVJO9+bXiup3/hermbP5z1rypXyQhcxkPleylOksZjHzmUwy3tdQa2l6cXF+cn3N0vA1rw1d89pR7TEAAAAAAAAAnGDtbUt+mVsbv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAXQZGMdJOsJTm7XrDcaHYXp1XNJn/v5U+IYtjCR0ffDwAAADiQsX2s8+WneZqlnO7NrxXVM/9r1fPyWD7IXBYzm8V0MpM79TN0+dTfWF2Z6qyuTD0op8F2v/evZ+pG1WK67x6qLa8/rPe2fL6q0c7dzFZLruR2VedOGtWapfO9/gzv18dln4rv1gb60Bzas2Yd1nJjv9/uLcKheNZXEeN1l3sRmaj7VkbjTDcCRfWiJtkaiV2PTnPrltLI6PqWJtNYf/Nz9kAxH+5UnZb785vnGvMdLA9buB6JRqpIXOs7+17bORLJ1//yp5/c68zdv3d34fKx7NJ+jGyzvI5E7wzLVF8kXj/RkRg+DmxvoorEufX5W/lhfpzLuZB3Mp/Z/DTTWcxM9T61NF2fz+XP8Z0jdXPT3Du79aRVH5fuMdtLny7kB1VuOherdU9nNkUe5k5m8lb171om861cz/Xc6DvC57btd7Vv1VXf2HrV9470X4d2/tI36kw7yW/rdCAGteW1ru3OzsPSHfvLuJ7pi2t3JHyyXutM39g40RelV3rRGR3a+H7GxuZX6ky5jV/V6YthvI5EeQH17hK93r3ajUSzuhcNnud/qK6Nhc7c/fl70+9v0/7WAfnNOi1Pq5Wv7rWXww/F4SrPl1cyVo8km8+OsuzV8kCObC2brMrOro9AjYGyc1VZUfSu1B9te6W26s9wgy1dq8peH1o2VZWd7yvb9HkrD9PJnSOIHwAHNJ5TrfY/25+1P23/un2v/fbY91/69ktvtDL6t9HvNCdG3my8Ufw5n+bnG8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/i18+NH96U5nZn54prF90S6Z3VrekinqL/TZ17YOMdNKchjtjG1tZ7RccOS70951d9Z+kRx5nHtfIji8zu/KTDN7afDmbnU+3lcPG0mO9zw8usxIhp8AxzwwAc/d1cUH719d+PCjb84+mH5v5r2ZudHr129M3Lj+1tTVu7OdmYnuz+PuJfA8bNz0j7snAAAAAAAAAAAAwF4N+8OAiy8fxt/AtPzPQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQ3Lqc5qMUmZy4MlHOr65Mdcqpl9+o2UzSaCTFz5LicXIz3Snjfc0V+ePjrA3ZziezN979/MnqFxttNbv1k0adHsByPeVCkpE6Paz2bh+4veLfvT0sA3apFzg4bv8NAAD//wNS+MQ=") prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$inet(0x2, 0x5, 0x273) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x2000000000000074, 0x25d) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) socket$key(0xf, 0x3, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYRESOCT=r1, @ANYRES8, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16=r1, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=") ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) syz_open_procfs(0x0, &(0x7f0000000000)='clear_refs\x00') r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000002c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0) clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000008, 0x0, 0x100000000, 0x7ff}) fanotify_init(0x200, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x80247009, 0x0) close(r5) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) 11.762532871s ago: executing program 4 (id=3662): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'vlan0\x00', &(0x7f0000000080)=@ethtool_wolinfo={0x6, 0x0, 0x0, "9cf40a86e36b"}}) move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) socket$kcm(0x10, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r7 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r3) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0da1d5ac51cbf6b2", @ANYRES16=r7, @ANYBLOB="00022cbd7000fcdbdf25420000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f70730000000005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f7073000000000500830000000000"], 0x84}, 0x1, 0x0, 0x0, 0x8094}, 0x81) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="05000000000000000000ecff000008000309", @ANYRES32=r6, @ANYBLOB="0800050003000000"], 0x24}}, 0x0) 11.623300163s ago: executing program 0 (id=3663): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) getpeername$packet(r2, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000004c0)=0x14) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000fc0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000500)={0x8fc, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [{{0x8}, {0x1b0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xee}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x345a}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x84, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffd}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x6c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x3c, 0x4, [{0x8d38, 0xb, 0xb, 0x5}, {0x7, 0x4, 0x5, 0x200}, {0xe, 0xa, 0x6, 0x3}, {0xa759, 0x50, 0x1, 0x8}, {0x1000, 0x81, 0x5, 0x46d3}, {0x8, 0x9, 0x80, 0x9}, {0x7, 0x5, 0x58, 0x4b6}]}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0x1ec, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x26}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x80000001}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}]}, 0x8fc}, 0x1, 0x0, 0x0, 0x20004004}, 0x44014) r6 = dup(r1) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0xa, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@multicast1, @in6=@private0, 0x0, 0x19f005bcd541b3}]}, 0x38}}, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_TYPE={0x5}}}}]}, 0x38}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) connect$unix(r2, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r7, 0xae9a) ioctl$KVM_RUN(r7, 0xae80, 0x0) 11.371819674s ago: executing program 3 (id=3664): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04050401c9"], 0x7) add_key(0x0, &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000100), 0x0, 0xfffffffffffffffe) syz_emit_ethernet(0x6e, &(0x7f0000001b80)={@local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x0, 0x0, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x1d, 0x0, [{0x0, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @rr={0x7, 0x7, 0x0, [@multicast1]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "f116177b"}]}]}}}}}}}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x200, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) r3 = open(&(0x7f00000000c0)='./file1\x00', 0x10d142, 0x0) ioctl$FICLONE(r3, 0x40049409, r3) fcntl$setlease(r2, 0x8, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x21) truncate(&(0x7f0000000080)='./file1\x00', 0x0) sendmsg$NFT_MSG_GETSET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000007c0)={0x20, 0xa, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0) 11.110535259s ago: executing program 4 (id=3665): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f00000000c0)=0x100000, 0x2c) r1 = socket$netlink(0x10, 0x3, 0x400000000000004) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000240)="480000001400190d09004beafd0d8c562c84ed7a80ffe05e959126dda8900db462060f000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7", 0x48}], 0x1) r2 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) open$dir(0x0, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301) ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000980)=@urb_type_bulk={0x3, {0x5, 0x1}, 0x600c, 0xc7, &(0x7f00000003c0)="68924ac614e07886a2bb2b00602eab62cb1908cf34c40aea9fc0223338648d5fae9790709fca03760074f49bc226420041ed7e80eeeeeb825271e7769edca4ef6d35cade8f8faf48d048b424201955d90a1354ae6be9f880a60b19171e30fe409ebdbc4058240c7df57a9b8257b7966d3af76cedb64597b3f651c9598c1302c4e81d83f1cf1b7c7d118f636fb669cf8cf05249723e268cb176d3313246cde296946dab605e135dd2b93042d3f9cecf55d34173befee87d43ee05c6cca73a189058eeb084b235d89767ddd4a12b9918ccd1a4d263bf8806c63f3d57444231bc2795b26b236addd8915079240ebb3f395d293f01", 0xf3, 0x0, 0xffffc38f, 0x8, 0x8, 0x2, &(0x7f00000004c0)="6d25f92cd8a9a63198ed059414b5afbeadc9c1b3ef1d8ba2c0bf5dd8ba2846fa6eb600db6e523de838c3872dc94b9c370e7fb0035c8a446adf302b31a8f7d324495128bc9ea457e351e8db0edf034fd835419e95d00c34f857367aba197a8e87582265"}) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) readv(r4, &(0x7f0000000900)=[{&(0x7f0000000640)=""/159, 0x9f}], 0x1) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x202, 0x0) rt_sigaction(0x19, &(0x7f00000000c0)={&(0x7f0000000080)="366465f029144d00000081f30fc27f5e06ae0d0fd82e2e460f01d626f00994aff7000000c4c1796f960600000040cd00c4e2f1453c99f340a56544ca0c00", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000)) ftruncate(r6, 0x4000000000800) ioctl$VHOST_SET_VRING_ADDR(r5, 0x4008af21, &(0x7f00000001c0)={0x0, 0x4000000, 0x0, 0x0, 0x0}) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000080)=0xb309) syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x12, &(0x7f0000000140)=@conn_svc_rsp={0x0, 0x0, 0xa, "4c4a39e4", {0x3, 0x101, 0x0, 0x8, 0x85, 0x9, 0xc}}) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r7, 0x890b, &(0x7f00000000c0)={@loopback, @private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffa, 0x8000, 0x1, 0x100, 0x7, 0x100000, r8}) r9 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f0000000780), 0x4) add_key(&(0x7f00000002c0)='logon\x00', &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000540)="140509de6374a93a4198871af71051e9a5e828d264e8a349e0144241fae8bd56e0f4bd5e7d82b4d5695b6ee98e2b2c099f9a7ce2f101c4f98d3380f34996c08d232b8b7a5e2e0d6afb0a0e603bb432dba728666dd0d01365d332ae1ee74ae85b9d28c34065797c9cbde9b7c07dcf5c3e79d54e49f8f4543ca8900d7cbe310ecff216b169249ba948de698158154a3f9ecd1bd82982d1e233b7e8b2ac9b93fa", 0x9f, 0xfffffffffffffffc) setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x7}, 0x4) syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x8, &(0x7f0000000080)=ANY=[]) r10 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC_PROXY(r10, 0x0, 0xd2, &(0x7f0000000040)={@remote, @local, 0x0, "5bc124a9f61874ca47cb07b9f68686573b0df3fe51604f4e7dfb79dbf5bcda2e", 0x4, 0x40, 0x1000, 0x550}, 0x3c) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast1, @local, @private1}) syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x8, &(0x7f0000000240)=ANY=[]) 10.537816232s ago: executing program 2 (id=3666): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x2}}}]}, 0x48}}, 0x0) (fail_nth: 2) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0x0, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x5}}]}}]}, 0x48}}, 0x0) getsockopt$IP_SET_OP_GET_BYINDEX(r5, 0x1, 0x53, &(0x7f0000000080), 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3200000, &(0x7f0000000180), 0x1, 0x595, &(0x7f0000000b40)="$eJzs3c9rHFUcAPDvTH40bdWkUAp6kEAPVmo3TeKPCh7qUbRY0Hsbkm0o2XRLdlOaWLA92IsXKYKIBdG7d4/Ff8C/oqCFIiXoQYSVSWbTbbObbNJNsu1+PjDte/Nm973vzry3b3YmTAA9azT7J414NSK+SSKGG8r6Iy8cXdtu5dGN6WxJolb77K8kknxdffsk//9wnvmvVqv99lXEyXRjvZWl5bmpUqm4kOfHIrk6VllaPnV5fmq2OFu8MjE5eeadyYn333u3Y7G+ef6f7z+999GZr4+vfPfLgyN3kjgbtS/XyhrjeAY3GzOjMZp/JgNx9qkNxztQWTdJ9rsB7Ehf3s8HIhsDhqMv7/VN1Yb3smnALsu+/mpAj0r0f+hR9XlA/dy+Q+fBz42HH66dAG2Mv3/tt5EYWj03OrSSPHFmlJ3vjnSg/qyOX/+8eydbonO/QwBs6eatiDjd379x/Evy8W/nTrexzdN1GP9g79zL5j9vNZv/pOvzn2gy/zncpO/uxNb9P33QgWpayuZ/HzSd/65ftBrpy3Mvr875BpJLl0vFbGx7JSJOxMCBLL/J9ZyL6cr9WqvCxvlftmT11+eCeTse9B948jUzU9WpZwq6wcNbEa81nf8m6/s/abL/s8/jfJt1HCvefb1V2dbxP3ZxO4G1qfZTxBtN9//jK1pZaqw63+r65Njq8TBWPyo2+vv2sd9b1b+d+HdDtv8PbR7/SNJ4vbay/Tp+HPq32Kpsp8f/YPL5anowX3d9qlpdGI8YTD7ZuH7i8Wvr+fr2Wfwnjm8+/jU7/g9u43i8ffR246ZDm8U/0OZ7dkoW/8y29v/2E/c//uKHVvW3t//fXk2dyNe0M/6128Bn+ewAAAAAAACg26QR8VIkaWE9naaFwtr9HUfjUFoqV6onL5UXr8xkZav3P6T1K93DDfdDjOf3w9bzE0/lJyPiSER823dwNV+YLpdm9jt4AAAAAAAAAAAAAAAAAAAA6BKHI4aa/f1/5o++/W4dsOs2eeR3K3v9nAJgl7Tu/3lJJ570BHSlxv5/YB/bAey9Hcz/gRdEG/0/3Yt2AHvP9z/0Lv0fepf+D71L/4fetZ3+//O5XWwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBjOnzuXLbWVRzems/zMtaXFufK1UzPFylxhfnG6MF1euFqYLZdnS8XCdHl+q/crlctXxydi8fpYtVipjlWWli/MlxevVC9cnp+aLV4oem44AAAAAAAAAAAAAAAAAAAAbFRZWp6bKpWKC12UGOyOZjx/iRiJ2KO6Iq2v6e+O2Fsl0vxA75b2PDeJfR6YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDB/wEAAP//uJYz3g==") r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r8, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d56549b}) creat(&(0x7f00000000c0)='./file0\x00', 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b80a0000000f23c80f21f866350c00a0000f23f866b9800000c00f326635000400000f300fc76a002e0f080f23742e3b5753baf80c66b8f494f78e66efbafc0c66b83ac8000066efda6509", 0x4f}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) getpid() 10.360993424s ago: executing program 0 (id=3667): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xaf}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="5400000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000340012800c0001006d6163766c616e00240002800800010010000000100005800a"], 0x54}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 9.880746026s ago: executing program 3 (id=3668): syz_clone3(&(0x7f0000000180)={0x100, &(0x7f0000000000), &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0, {0x3e}, &(0x7f00000000c0)=""/26, 0x1a, &(0x7f0000000100)=""/51, &(0x7f0000000140)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58) prlimit64(r0, 0xa, &(0x7f0000000200)={0xffffffff, 0x101}, &(0x7f0000000240)) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ptrace$ARCH_SET_GS(0x1e, r0, &(0x7f00000002c0), 0x1001) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000300)=0x0) ptrace$setsig(0x4203, r4, 0x800, &(0x7f0000000340)={0x33, 0x2, 0x10}) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101000, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000400)=0x3) r6 = socket$packet(0x11, 0x2, 0x300) epoll_create1(0x80000) ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000440)={'wg1\x00', 0x0}) connect$packet(r6, &(0x7f0000000480)={0x11, 0x11, r7, 0x1, 0x5, 0x6, @multicast}, 0x14) r8 = dup(r3) sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, 0x2, 0x3, 0x101, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}, @NFQA_CFG_FLAGS={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x20048001) capset(&(0x7f00000005c0)={0x20071026, r0}, &(0x7f0000000600)={0x800, 0x40, 0xa8, 0x0, 0x3, 0x1000}) r9 = getpgid(r0) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r8, 0x84, 0x20, &(0x7f0000000640)=0x8, 0x4) sendmsg$AUDIT_TTY_GET(r8, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x1429e0713daf2719}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x10, 0x3f8, 0x100, 0x70bd2d, 0x25dfdbfc, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) setsockopt$MISDN_TIME_STAMP(r8, 0x0, 0x1, &(0x7f0000000780), 0x4) tkill(r9, 0x3f) waitid$P_PIDFD(0x3, r8, 0x0, 0x8, &(0x7f00000007c0)) ioctl$int_out(0xffffffffffffffff, 0x2, &(0x7f0000000880)) ptrace$peek(0x3, r1, &(0x7f00000008c0)) socket$tipc(0x1e, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000900)={'wlan0\x00'}) getrlimit(0xa, &(0x7f0000000940)) r10 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000980), 0x8c100, 0x0) getsockopt$TIPC_SRC_DROPPABLE(r10, 0x10f, 0x80, &(0x7f00000009c0), &(0x7f0000000a00)=0x4) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000a40)={0x8, 0x7, 0x8000, 0x1}, 0x10) 9.542479242s ago: executing program 3 (id=3669): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) r4 = open(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) fcntl$notify(r4, 0x402, 0x15) openat$capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x25, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 8.44097795s ago: executing program 3 (id=3670): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800000, &(0x7f0000000100)=ANY=[@ANYBLOB='nobarrier,mode=lfs,fsync_mode=strict\x00acl,\x00'], 0x1, 0x552d, &(0x7f000000d000)="$eJzs3M1rI2UYAPAn7Xa7X65FPHjbgUVoYRM23Q/0VnUXP7BLWfXgSdMkDdlNMqVJ09qTB4/iwf9EFDx59G/w4NmbeFC8CUpmJrpdFVybtN3294PJM/PmnWeeN5TCMxMSwKm1kPz6cykux/mImI2ISxHZfqnYMit5eCEirkTEzCNbqRj/c+BsRFyIiMtxbnx6qXjr82vDq7d+euuXb76bP3Pxi6+/P5IFA8fCixHR3cz3d7p5TFt5fFCM14btLHZvDouYv9F9WBynedxprmcZdmrjebUs3mjl89PN7f4obnRq9VFstTey8c1efsH+sDXOk53woLaVHTea61ls99Mstvbyunb38v+Xe/1BnqdR5PsoSx+DwTjm483dZr6ezYdZrPcGxXieN200d0dxWMTiclFPO42sjvWDfNLH29vt3vZuMmxu9dtpL7lVqb5Uqd4uV7fSRnPQvFmudRu3byaLrc5oWnnQrHVXWmna6jQr9bS7lCy26vVytZos3mmut2u9pFqt3KhcL99aKvauJa/fey/pNJLFUXy13dsetDv9ZCPdSvIzlpLlyo2Xl5Kr1eSd1bVk7f7du6tr735w5/17r6y++Vox6W9lJYvL15eXy9Xr5eXq0ila/ydF0RNcPxxI6cmmz0+rDoCnyBT7/4iFPKf+H3jc9Pr/rfsR0+//Q/8/EU9V/3va+/8prB8O5An7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATo4f5r58I9tZyI8vFuPPFEPPFceliJiJiN//wWyc3Zdztsgz9y/z5x6r4dtSZBlG15gvtgsRsVJsvz077U8BAAAATq6vPr7yWd6t5y8LR10Qhym/aTNz6cMJ5StFxNzCjxPKNjN6eX5CybK/7zOxO6Fs2Q2scxNKlt9yOzOpbP/J7L5w7pFQysPMoZYDAAAciv2dwOF2IQAAABymT4+6AI5GKcaPMsfPgrNv3v/1QPD8viMAAADgKM3/v9NKk64DAAAAOHay/t/v/wEAAMDJlv/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAHO3eUozQQxwH435YKikZifDTxKPoGx/AIPvpoOICX4Ah4BS/AGfDNIxjY0OmSZcNudtNp2d18X9IO0ww/Zgg8zEwyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQp7/1evH75+dfXXN2+27yjAYAAAA4Z1uvF82LWapP2+fv2kcf2noREWVEnJu7V/HqJLOKiE8RUd/Rvr7Vhz8RTcLhM8bt9SYivrbX//d9fwsAAADwcm2Wq3marafb7NIdYkhp0aZ8+y1TXhER9exfprTykPcxU1jz+x7Fj0xpzQLWJFNYWnIb5Up7kObvfly1m9woilSU978/29gBAIABVSfFsLMQAAAAhvT9cPty6V7QXfW45kVcb2UetwLHqWi3916f1AAAAIBnqLh0BwAAAIDeNfP/vs7/mzr/DwAAAJ6EdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfdrW68VmuZp3zdntu8kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAK/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J/fDIhhKIqjd2Yy/75V9r/YuqS6hCrnEH7yJDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABu5H/EY50zXo0tyUjybLx7PZN8Omp8O2r8+mCuD8e8cCMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY2bmf1ziqOADgb2Z2tmlVXKPkEBELHvRi021t7U08KMGDf4IQ0m2N3fqjzcGWIuTiTXLuRfQoIijx1v+h5xZ6qbcecqjguTK/kpc04KpkZtP9fODN+84wmfd9sxDynTdZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYY/v93TgrNoMqTutj9x7fWi36+/v6wp3NB4tFK+KkzaSPhtfinWQh2plrPxkAAABmQ9bU9yGEh/nWctGng7L+z5tzipr/hxequKnn99f9Td/U/kX7/bdHr+wMNKjGKS56aW08Ov10Kr3Dm+V0e/Efz+iVd7589pKVH0j60cbL23l5P5Pv7t79oF+Gx9rIFgD4L041fR00fw8V/bDLxACYGb2o8G7q/2zQbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdjeCM81cRJCWOztxoX7j2+tHtTf2Xyw2LTzt29vxtcsLpGHEC6tjUenw1yLs5lu12/cvLIyHo+utR+8HkLoavT36ulf+WSCk0M4pDROdnTnZyxI6w97WvI5GkGHv5QAAHgm5XUr6vqH+dZycSyZD+HJj3vr/zejOExY/z/69Py9eKy4/h+2NsPpt7R+9cul6zduvr12deXy6PLo83fODN8dnr1w7tyFpfJZSbXtOk0AAACOsH7d4vo/nX96/f9EFIcJ6/+vvh9+E4+Vqf8PtLvo13UmAAAAs+2lk3/9mRxwPOn3w9cr6+vXhtV2Z/9Mte0g1X/tWN3i+j+b7zorAAAAoA3bG8me9f+LURwmXP9//qdXf4mvmYUQjtfr/6dWvxhfbG86U+1//Idw6E34413PEQAAgHY92fciw/G6xev/efn+f7pzZhpCeOuNKq6/BnCi+j/78Nuf47Hi9//PHvI8p126UN2Psl8IobfQdUYAAAA8y+bKNijr/z/yreXPfj3xcd/7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt+zsAAP//RP895g==") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x20, &(0x7f0000000340)={&(0x7f00000004c0)=""/224, 0xe0, 0x0, &(0x7f0000000300)=""/1, 0x1}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x32600) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 8.104963855s ago: executing program 2 (id=3671): openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioprio_set$pid(0x0, 0x0, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = dup(r3) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3) close_range(r5, 0xffffffffffffffff, 0x0) sendfile(r4, r4, 0x0, 0x20003) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r7, &(0x7f0000000040)=0xffffffffffffffff, 0x12) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRESHEX], 0x50}, 0x1, 0x0, 0x0, 0x2841}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x2}]}) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) setsockopt$inet6_udp_encap(r7, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) 4.78882592s ago: executing program 3 (id=3672): socket$inet6_udp(0xa, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT, 0x4) r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_script(r1, &(0x7f00000002c0), 0x191) close(r1) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000007c0)) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x0) pipe2(0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8, 0x2}, [@l2cap_conf_req={{0x4, 0x0, 0x4}}]}}, 0x11) dup(r4) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xfffff000}], 0x2) r6 = socket$packet(0x11, 0x3, 0x300) dup(r6) r7 = fcntl$dupfd(r2, 0x0, r6) r8 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x74, 0x93, 0x1d, 0x40, 0xc45, 0x614a, 0xe6af, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9c, 0x80, 0xf4}}]}}]}}, 0x0) syz_usb_control_io(r8, 0x0, 0x0) syz_usb_control_io(r8, 0x0, &(0x7f0000000a80)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r7, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0}) mmap$dsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x100000d, 0x80010, r3, 0x0) syz_usb_control_io$cdc_ecm(r8, &(0x7f0000000300)={0x14, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f0000000280)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000480)={0x1c, &(0x7f0000000500)={0x20, 0xe, 0xed, "77104f62a1c9ab3fc6ac42c576cd3a28437ed4b94ec5973939b5b1abc7f3c1e08123bd74401486ccbbe32628e4d0eb803355a95aa492759ed76ddc46a0e6709f464a27ca5981d4b65e89414f405a6a0fc5e11fee1214a33c8b94e4c82954490d963931bf4bc9d81299fdc93494f2c84266c54c4a0e070394b0240b223edbec6a7a488feb81f41689a19a852a15fff1993a40bb3981513a4ea1cbb70298cdf832aa0e0fb9bb47cd51516bb6424de84e4fae59423582a188bc4dc679addfa04f4b5bc5fa383b025700c00f53e66717fc13117cc5dd22c1730eef5e7da0c58793dbd6a2fea6d8ef584318df6d8a9a"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x8}}) eventfd2(0x8001, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 137.987662ms ago: executing program 2 (id=3675): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac0ff0000000071106b00000000009500000000000000"], &(0x7f0000000480)='GPL\x00'}, 0x90) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x6b3, &(0x7f00000000c0)="$eJzs3c9vHGcdB+DPrNdbb6iC0yZthIqIEqkgRSR2rBTChYAQyqFCVTlwthKnsbJxKttFboXABQQnJA79AwqSb5yQuAeFc7n1anGqhMQl4hBxMZrZWXvtXf+I7dgxPE80ft+Z95133vnOzDs741gb4P/WrctpPkqRW5ffXirnV1emOqsrUy/VxZ0kZb6RNLtJirmkeJzcLMuLvil96YBPZm+8+/mT1S+6c816quo3dlpviCF1l+spF5KM1Omg0b1uYlN7t5O8PFCltde2NlUsg3apTuHYrQ1Y3qH2P05vWfAs1y3wgundnYrufXPAeHIqyVj9OSD16NA4uh4+HzuNcgAAAPC/4rOHx90DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHnq7/8v6qlRp7mQovf9/63esjp/oj067g4AAAAAAAAAwCH42tM8zVJO9+bXiup3/hermbP5z1rypXyQhcxkPleylOksZjHzmUwy3tdQa2l6cXF+cn3N0vA1rw1d89pR7TEAAAAAAAAAnGDtbUt+mVsbv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAXQZGMdJOsJTm7XrDcaHYXp1XNJn/v5U+IYtjCR0ffDwAAADiQsX2s8+WneZqlnO7NrxXVM/9r1fPyWD7IXBYzm8V0MpM79TN0+dTfWF2Z6qyuTD0op8F2v/evZ+pG1WK67x6qLa8/rPe2fL6q0c7dzFZLruR2VedOGtWapfO9/gzv18dln4rv1gb60Bzas2Yd1nJjv9/uLcKheNZXEeN1l3sRmaj7VkbjTDcCRfWiJtkaiV2PTnPrltLI6PqWJtNYf/Nz9kAxH+5UnZb785vnGvMdLA9buB6JRqpIXOs7+17bORLJ1//yp5/c68zdv3d34fKx7NJ+jGyzvI5E7wzLVF8kXj/RkRg+DmxvoorEufX5W/lhfpzLuZB3Mp/Z/DTTWcxM9T61NF2fz+XP8Z0jdXPT3Du79aRVH5fuMdtLny7kB1VuOherdU9nNkUe5k5m8lb171om861cz/Xc6DvC57btd7Vv1VXf2HrV9470X4d2/tI36kw7yW/rdCAGteW1ru3OzsPSHfvLuJ7pi2t3JHyyXutM39g40RelV3rRGR3a+H7GxuZX6ky5jV/V6YthvI5EeQH17hK93r3ajUSzuhcNnud/qK6Nhc7c/fl70+9v0/7WAfnNOi1Pq5Wv7rWXww/F4SrPl1cyVo8km8+OsuzV8kCObC2brMrOro9AjYGyc1VZUfSu1B9te6W26s9wgy1dq8peH1o2VZWd7yvb9HkrD9PJnSOIHwAHNJ5TrfY/25+1P23/un2v/fbY91/69ktvtDL6t9HvNCdG3my8Ufw5n+bnG8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/i18+NH96U5nZn54prF90S6Z3VrekinqL/TZ17YOMdNKchjtjG1tZ7RccOS70951d9Z+kRx5nHtfIji8zu/KTDN7afDmbnU+3lcPG0mO9zw8usxIhp8AxzwwAc/d1cUH719d+PCjb84+mH5v5r2ZudHr129M3Lj+1tTVu7OdmYnuz+PuJfA8bNz0j7snAAAAAAAAAAAAwF4N+8OAiy8fxt/AtPzPQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQ3Lqc5qMUmZy4MlHOr65Mdcqpl9+o2UzSaCTFz5LicXIz3Snjfc0V+ePjrA3ZziezN979/MnqFxttNbv1k0adHsByPeVCkpE6Paz2bh+4veLfvT0sA3apFzg4bv8NAAD//wNS+MQ=") prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$inet(0x2, 0x5, 0x273) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x2000000000000074, 0x25d) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) socket$key(0xf, 0x3, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYRESOCT=r1, @ANYRES8, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16=r1, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=") ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) syz_open_procfs(0x0, &(0x7f0000000000)='clear_refs\x00') r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000002c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0) clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000008, 0x0, 0x100000000, 0x7ff}) fanotify_init(0x200, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x80247009, 0x0) close(r5) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) 0s ago: executing program 3 (id=3676): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) prctl$PR_SET_MM(0x23, 0x0, &(0x7f00002d5000/0x2000)=nil) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001d80)=[{{&(0x7f00000001c0)={0xa, 0x4e22, 0x7ff, @remote}, 0x1c, &(0x7f0000000240)=[{&(0x7f00000004c0)="183113e4dda9bd3a9c3c79e2f394566924a274258dd5fab8f127c5b9d63ff926ccede57a690d21d7080133e2730f141e48c0fbd1343a624907ca34daad3dfc6143d4c4d59f2251a9914bed53a273d8f588f81cfbf48ee43873f5e5da31a797d5c6560d132994b3225583d497ff5db6c5d583eede0991f628692e617896de85eede56e8b56e73ef42f4242194a7ec75925100d3b715c19a41a419084e83d5b611abcdfc3db669c619c2018d9d200b16bdb072e2e834aaaad30a5c86f0f784210fb6895f76", 0xc4}], 0x1, &(0x7f00000002c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x5}}], 0x18}}, {{&(0x7f0000000340)={0xa, 0x4e22, 0x6eb, @loopback, 0x2}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000380)}, {&(0x7f00000003c0)="e128669f66a0f128d69ad5a6faa34e7b4431d1bc708cc1e98adadd01b708397d0cd074", 0x23}, {&(0x7f00000005c0)="8ff702ad0468b29a8df346c0d0bcbad476cd29afe107563732ea12058cbfcc140703aaa90d8419e63de044e374786276c5c1abb4c7f06dc094f5e1", 0x3b}], 0x3}}, {{&(0x7f00000006c0)={0xa, 0x4e20, 0x4, @private1, 0x1000}, 0x1c, &(0x7f0000001040)=[{&(0x7f0000000c00)="d432776d3dc55a66029914fc46302acd8e8920c3f5d423f985529730edea3653885fdd8aa1ac71de0f9d89b05cc41f8fc7773a94825eb9b853009aefc309952db467331bc7e25d20d5a5189f133d0b15c87f92b23973eb43fe3ed8fb5e79b52458c4c31dd18b2b33a276b2f2fdf2abba4bf98774a7bc352ef9c1b18c566bc4d8115bd3aed890ff978a549ef9efd222e9fe00d261f5224177af6856b5a7973ee956a3efc866196dddb43d6d13b761f4aee916b2a41e64e738c43e9f5c48071ada262d35804e5644", 0xc7}, {&(0x7f0000000d00)="6b1051b497e914cd46c169302139c3790ed48a60d1190f00ebdc80551d3acf31188ee879713953b4492377e752530bc62c98bb92f7c8ec6a9c42a545ff4a3c6cefd5349df456eda0205ce7a7d37b3e0b9a48dfb93f3fecd74a1c952a0f86428d1dcc0a9a2732b5cc34a15f40cfc387a1e87604fe37f7854f6f579077ec9df1c7f580caf4b02d027abd402ff07710432a29ed37139ac1db9e0280904204e16c686d3a73f4583b12361bacd23fff1a75969ad486", 0xb3}, {&(0x7f0000000700)="4d9dfa5b2bbc7ecf709ddbb9dad9417aeabd28cfeb8efac5b14d552b960fdd38", 0x20}, {&(0x7f0000000dc0)="b44a2acdec4bbac5dda59e1b5ff80c2c4e3f8867e0f7c91a6127142cd8ad97a552add9c15253b9bc7d4dbb8268bda0145f16cc2199e3a0dcd1afb7548912ea681b6863d370b407aadf90fbec92029adbc9de385d57b8db028de30ab4003156624d8b2982df465287fc5475676e96151a7d4a", 0x72}, {&(0x7f0000000e40)="354e727c9401b2fc5997492de0008d105c82ee0fc0422f0500978b110c02eba37b237b07db3c29c44ac55f3e4af511f9b3", 0x31}, {&(0x7f0000000e80)="d877817df154d02780e0fb68650142bc3527bb846079e8fb0589577aaa57266f1d61e0294bfc62f855b43b8a3404985a24aa48e19bf0c0bc59441e0fb8fe47f698a634a59888317db9e474d1cf0a8d9ec27006f5e11dd9f0b249afcf6ac9ec6969a224a6b83961ab27366dcb2b24b523565bc37323bb29feda6bbb0956aabc1754d2cf77d2350b", 0x87}, {&(0x7f0000000f40)="08bb14054512e9119494c4904fedf01564aced8199cba3d1a05389e44c5e3ea9db83d80bbd5277cfe44236f16342e24b16129525efb9efd8b99e17e3fb80b27361471de6aed0046e508d9bcb9568d38fbc3be5a05ec3302cebc6ca9f59b35d023a50896a56796f915b3f06ec730c672a3dbad593b164804c757d7893e9d6269d481cbfe03e341ad03f6de78d97756c7f2b37d455d6775a2a7ea92580d6d0a2d8059685459f06285da0cd009518f823653a7d1751d0a3f54cddfdaecf9120fd2808a5b0a0744cf5d09ebaf507dfc1f4a6826598c58b5893739d09709f5d08e02a5af3", 0xe2}], 0x7, &(0x7f00000010c0)=ANY=[@ANYBLOB="140000000000000029000000080000000800000000000000a80000000000000029000000360000003b11000000000000003f68fc3ed98530a0f17e42bc32f31d14cc9037088db27859efbe1fec2a8c7e51ed603a7ceada15f943ac30db810a4702fc9997880b95263d9de862f0922edc4f050202000502000305020000072000000002060ee0f400000000000000800400000000000000ff000000000000000106000000000000c20400000fff010700000000000000c2040000004100000000180000000000000029000000390000000c00020100000000480000000000000029000000390000001106027f00000000fc01000000000000000000000000000100000000000000000000ffffac1414bbfe80000000000000000000000000003d300000000000000029000000370000008902000000000000c910fc0200000000000000000000000000000102000000001400000000000000290000003e000000030000000000000030000000000000002900000036000000020200000000000007100000000202fe00000000000000000000000000000000580000000000000029000000040000002f070000000000008000000107000000000000000730000000000a0603000400000000000000ff070000000000000101000000000000010000000000000001000100000000000000200000000000000029000000370000000c000000000000000105000000000000"], 0x210}}, {{&(0x7f0000001300)={0xa, 0x4e24, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}, 0x1c, &(0x7f00000017c0)=[{&(0x7f0000001340)="06529878611b0e865383b897c7dcea9d93829c4108448b632edaba45ec4c0d201b9b9e7d9c1cc199a11620768d15e01bd840e1fd91fa6bf2b54bfa1586c1b7589f5a4f3c23989d5ad7171b8590106d29d3648acf5c93e861ef9a751d17e102fa0fd9a2196add712e249600e509019763d2f1779a220cba0b8173cc6fedc4f2a397688dd8980e4f38c8de4a52f7d9f8559c89bbabe334795e2be19b8b5f431e03e4351ca53b9bdfcd27e23d3d52dcebfef81d7e59", 0xb4}, {&(0x7f0000001440)="97ce2a49ea272b31252a2d45149fd674e1a8ce9cae70e8cfb15d3f01578bf8e9490299dea434dce787abcd9385083eef9ee2f7480e3f21f42dfc91", 0x3b}, {&(0x7f0000001480)="be3dde1fb5d8950a291937006d7d3b5696ede5d00b59a91cd9ef548ab09100759ff594b6f37437da830fddbba74f2c7910d13e", 0x33}, {&(0x7f00000014c0)="7865d8779a9e6d89feb819069cae9b5acda76896ea63da3c7b9519060118f3e9e3787754e535eebd90dfeee2ca68b2c6a39d5e2c1e900820bf78b707ae16f074d81aa368d9083e89cec59fd39acd015771f484864d618324335b393d2dfadaa7165761211601704a432adcd3d12d5fb56be8670e45fb70659c21e3ddf5ed9a29781e0ac45cd968372688ad84902eae290fa8cbe912d6398d2c11fa6f24f9e79e9e4b6f8393c78eb9ec399ae47e974961f55a4f07dfd8204c0f34a1070b054ec407f1f7533416b993c2e5", 0xca}, {&(0x7f00000015c0)="8649d2cacfbf70ec2b7feaa95bc6f6e1e26ad6db6a8f8646e6fc15304bfcc0a430aed84c2cf0398086501c8dc1b6fcded2e6db5c4ec374e76961ee9975958d30c0606e58f9f5cb9808399766123d44c1e18d8207e37a68beade43ee43c630fddc263e6aa23362b5b38cd671fabed74364e20498d7f87fcbfa12c4a2904041a3589d035602528c38475a6bc26ea873874b1ed77e487d4a05f8e4381b52dc72bf379f5f02ed80fbac07151ad6edcc837aae849e5467c5690e1a9863fc12f0944cd9062b8405a2004d4367c81a104f9dba8272e943210402fbc044dd3b039cb05f097c6578c623d131bfc556752fb88d2ad5ce19c59cf52a4a36993cc3044ad", 0xfe}, {&(0x7f00000016c0)="a1da234a0ffa376a335fce5dc57856e1c48625a7bbbe690aaad914e7975ec50c2c54fd079bb5b1742c10b506c0dd6872cd5d4834fca197c088a8a786abfffe77b18a0f39354b1fb5fde7f6d765336f27086eae79ee22c72a1532cb244f1b6376b9238c31fcb1682b2b20957a2a48dfe91c0d0384128ab60ccacedcbea0822b29c25723118f65b867f158c33ad642f7bd53499a399dc261f1ffa5743ff123e7100cbb1e4d1dbf033acabe17ce33c844e663d868a52cf5efaf2fe28d5cbf939f5caeed82a5a87520eaca46b77937b85abd043bd2e4c2fa0d12c04b4741d794a8aa7ea088b7978e904028812fe976", 0xed}], 0x6, &(0x7f0000001840)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xdbd}}, @dstopts={{0x18, 0x29, 0x37, {0xbe}}}, @rthdrdstopts={{0x110, 0x29, 0x37, {0x11, 0x1e, '\x00', [@pad1, @ra={0x5, 0x2, 0x7}, @generic={0x7f, 0xe7, "7be156a6040ad32ff091ce94a297d7eb0e56bc57adabcaa06d8a2e7d402e184a4feb3e75b2d4c3b7983cdb7ab70d98dc488db6054d3bb87c078c6a62d948c0cda10564bab8f9d33e6deada4e4715bf8d911b31fecd4c958d1cb8439765405c6b913ace788ec16839f4bd93110628578f92ba7f5411051fa6e78576cf1a558ace58c70703572cab43900435ca9b8965b7b184b2047492149e99b5dc6ce879aefb7ade118ba8cc0efc9fd1872dbc164e8d7ad0f5e1c0a63c6d0aa167174d34f34abb936c422bf26560faa74770b3cfe635cf7a4c46962263275c57f61cd4c1ddaef6156a72f5bb6d"}, @jumbo={0xc2, 0x4, 0x6}]}}}, @dstopts_2292={{0x1a0, 0x29, 0x4, {0x3c, 0x30, '\x00', [@padn={0x1, 0x1, [0x0]}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @ra={0x5, 0x2, 0xf}, @generic={0x1, 0x86, "56741932e4a25122435de1578a7dd5993de46f204dd2e2764810b61447531d05372cdd80a52bd2a78013d322999a574e2d920a3cdf450e843ddc8a48c1a4a6275f038b01c4d49539171e921a5c457f3f1e7bf92c53e5f82129a625efe13d2a224a9c28d269b8c375f5622c6fa34146eb0a9d3595545399afcfdd3b92b9f6059b1558db32a52b"}, @calipso={0x7, 0x20, {0x0, 0x6, 0x7a, 0x8, [0x0, 0x7fffffff, 0x3]}}, @hao={0xc9, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x1, 0x2, 0x85, 0x1, [0xe58]}}, @generic={0x0, 0x95, "748d9ffdbc09386f58432627f2615c535141b0451b5b31e692d9ace2bf5950d5ce2412e1b498f3f548c61135ed05d5f13774fc715171a80c6d0b0897afb2ab3889593b37143ff6629c69843576ff35fc7521f47bfeb18dfa63a53287b0141292fab525b0319532726b39afe22d23a5aca4d4ed6fa2ddf3133e7151fe2d348fbac0208c12f8d66476ef209200e9c16050526e0f0cc8"}]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x3b, 0x0, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x2}]}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x88, 0x8, 0x2, 0x0, 0x0, [@mcast1, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2]}}}, @dstopts={{0x40, 0x29, 0x37, {0x21, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x9, 0x6, [0x4, 0x6, 0x8]}}, @ra={0x5, 0x2, 0xc3}]}}}, @hopopts={{0xf8, 0x29, 0x36, {0x1d, 0x1b, '\x00', [@enc_lim={0x4, 0x1, 0x53}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @generic={0xf, 0xd3, "723f7424927451f52802e25641b71da43387a5c2d510f5aadaf7d6ee67f0da66218843aa948d538af34a021ce3cac3e469e1550943d641e22bcec67b2da57f9ed968bfddffb7c79c04f1dd9e9eea54e37e85f3c649d239ff81bd96575f9d7e4b721a854fd8119c47f12209cd00af74cef4f7fb6b27e194155b6f6d97046daf3e2ee30447a39f69a9ed61831611353abff79a2786b94c02ea8b6796fa8d36de2f5a9aa26cc5dfc34c453565941f22a038cc83215167f09367e7053ca5429baedeb9561f909e0e16612c963e2e92c1a31da91a2a"}]}}}, @rthdr_2292={{0xa8, 0x29, 0x39, {0x87, 0x12, 0x6, 0x0, 0x0, [@local, @private2, @private0={0xfc, 0x0, '\x00', 0x1}, @private0, @local, @private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1]}}}], 0x538}}], 0x4, 0x4800) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) add_key$fscrypt_provisioning(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x5, 0x2}, 0xe) syz_mount_image$udf(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x800048, &(0x7f00000001c0)=ANY=[], 0x1, 0x4b1, &(0x7f0000000740)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") open(&(0x7f0000000180)='./bus\x00', 0x4a37e, 0x0) r3 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0) ftruncate(r3, 0x2008002) r4 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000000140)='ceph\x00', &(0x7f0000000180), &(0x7f0000000040), 0x1d4, r4) kernel console output (not intermixed with test programs): 6d-cd80a5b93e5d [ 1395.000193][T19279] FAULT_INJECTION: forcing a failure. [ 1395.000193][T19279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1395.015986][T19275] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1395.046098][T19279] CPU: 1 UID: 0 PID: 19279 Comm: syz.3.3397 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1395.056023][T19279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1395.066071][T19279] Call Trace: [ 1395.069338][T19279] [ 1395.072258][T19279] dump_stack_lvl+0x241/0x360 [ 1395.076926][T19279] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1395.082112][T19279] ? __pfx__printk+0x10/0x10 [ 1395.086693][T19279] ? __pfx_lock_release+0x10/0x10 [ 1395.091708][T19279] should_fail_ex+0x3b0/0x4e0 [ 1395.096384][T19279] _copy_to_user+0x2f/0xb0 [ 1395.100813][T19279] rng_dev_read+0x3be/0x6d0 [ 1395.105331][T19279] ? __pfx_rng_dev_read+0x10/0x10 [ 1395.110377][T19279] ? security_file_permission+0x7f/0xa0 [ 1395.115926][T19279] ? rw_verify_area+0x52a/0x6b0 [ 1395.120780][T19279] vfs_readv+0x6c2/0xa90 [ 1395.125027][T19279] ? __pfx_rng_dev_read+0x10/0x10 [ 1395.130045][T19279] ? __pfx_vfs_readv+0x10/0x10 [ 1395.134820][T19279] ? __fget_files+0x29/0x470 [ 1395.139426][T19279] __x64_sys_preadv+0x1c7/0x2d0 [ 1395.144270][T19279] ? __pfx___x64_sys_preadv+0x10/0x10 [ 1395.149637][T19279] ? do_syscall_64+0x100/0x230 [ 1395.154395][T19279] ? do_syscall_64+0xb6/0x230 [ 1395.159063][T19279] do_syscall_64+0xf3/0x230 [ 1395.163558][T19279] ? clear_bhb_loop+0x35/0x90 [ 1395.168233][T19279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1395.174117][T19279] RIP: 0033:0x7f9c24375b59 [ 1395.178528][T19279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1395.198130][T19279] RSP: 002b:00007f9c2518e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 1395.206539][T19279] RAX: ffffffffffffffda RBX: 00007f9c24505f60 RCX: 00007f9c24375b59 [ 1395.214502][T19279] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000007 [ 1395.222467][T19279] RBP: 00007f9c2518e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1395.230443][T19279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1395.238405][T19279] R13: 000000000000000b R14: 00007f9c24505f60 R15: 00007ffe43737348 [ 1395.246384][T19279] [ 1395.430972][T19275] kvm: pic: non byte write [ 1395.645614][T17706] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1396.520876][ T5152] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 1396.778361][ T5152] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1396.919571][ T5152] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1397.088515][ T5152] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1397.193796][T19308] loop2: detected capacity change from 0 to 512 [ 1397.253730][ T5152] usb 4-1: Product: syz [ 1397.263851][ T5152] usb 4-1: Manufacturer: syz [ 1397.269482][T19308] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 1397.294915][ T5152] usb 4-1: SerialNumber: syz [ 1397.325952][ T5152] usb 4-1: config 0 descriptor?? [ 1397.338403][T19308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3398'. [ 1397.687542][T17706] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1397.718586][T19317] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3405'. [ 1398.031125][T19315] syz.0.3406 (19315): drop_caches: 2 [ 1398.074031][T19315] syz.0.3406 (19315): drop_caches: 2 [ 1398.368595][T19332] loop2: detected capacity change from 0 to 1024 [ 1398.403321][T19332] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1398.476660][T19332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1398.979111][T19342] block device autoloading is deprecated and will be removed. [ 1399.192834][T16213] usb 4-1: USB disconnect, device number 55 [ 1399.430165][T18648] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1399.672570][T19329] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3408'. [ 1399.681481][T19329] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3408'. [ 1400.384915][ T5179] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 1400.481431][ T29] audit: type=1326 audit(1721525964.918:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19356 comm="syz.2.3414" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd3ce975b59 code=0x0 [ 1400.572717][T19365] loop0: detected capacity change from 0 to 128 [ 1400.583465][T19365] udf: Unknown parameter ' [ 1400.583465][T19365] ' [ 1400.657784][ T5179] usb 2-1: New USB device found, idVendor=59cc, idProduct=980d, bcdDevice=70.8e [ 1400.861577][ T5179] usb 2-1: New USB device strings: Mfr=242, Product=0, SerialNumber=0 [ 1400.955368][ T5179] usb 2-1: Manufacturer: syz [ 1401.067021][ T5179] usb 2-1: config 0 descriptor?? [ 1401.121764][ T5179] usb-storage 2-1:0.0: USB Mass Storage device detected [ 1401.497124][ T5179] usb 2-1: USB disconnect, device number 56 [ 1401.902577][ T54] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1401.937629][T19387] syz.0.3420 (19387): drop_caches: 2 [ 1401.948700][T19387] syz.0.3420 (19387): drop_caches: 2 [ 1401.962215][T19387] syz.0.3420 (19387): drop_caches: 2 [ 1401.972213][T19387] syz.0.3420 (19387): drop_caches: 2 [ 1402.254531][T19393] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3421'. [ 1402.981703][T19404] loop2: detected capacity change from 0 to 4096 [ 1402.999773][T19407] loop0: detected capacity change from 0 to 2048 [ 1403.008729][T19404] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 1403.038437][T19404] ntfs3: loop2: Failed to load $Volume (-22). [ 1403.051390][T19407] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1404.012069][T19421] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3428'. [ 1404.028037][ T29] audit: type=1326 audit(1721525968.468:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19414 comm="syz.2.3428" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd3ce975b59 code=0x0 [ 1404.531699][T19427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3429'. [ 1404.751312][ T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1404.765218][ T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1404.779883][ T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1404.790690][ T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1404.802053][ T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1404.811988][ T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1404.962766][T17308] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1405.054874][ T5179] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 1405.148597][T17308] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1405.264859][ T5179] usb 4-1: Using ep0 maxpacket: 32 [ 1405.277742][ T5179] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 1405.294844][ T5179] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1405.342134][ T5179] usb 4-1: config 0 descriptor?? [ 1405.362857][ T5179] gspca_main: sunplus-2.14.0 probing 041e:400b [ 1405.392754][T17308] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1405.560986][T17308] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1405.836281][T19428] chnl_net:caif_netlink_parms(): no params data found [ 1406.891393][T17706] Bluetooth: hci4: command tx timeout [ 1407.151959][T19428] bridge0: port 1(bridge_slave_0) entered blocking state [ 1407.174698][T19428] bridge0: port 1(bridge_slave_0) entered disabled state [ 1407.195336][T19428] bridge_slave_0: entered allmulticast mode [ 1407.212178][T19428] bridge_slave_0: entered promiscuous mode [ 1407.283768][T19428] bridge0: port 2(bridge_slave_1) entered blocking state [ 1407.312258][T19428] bridge0: port 2(bridge_slave_1) entered disabled state [ 1407.344456][T19428] bridge_slave_1: entered allmulticast mode [ 1407.352225][T19428] bridge_slave_1: entered promiscuous mode [ 1407.560617][T19428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1407.613069][T19428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1407.663633][T17308] bridge_slave_1: left allmulticast mode [ 1407.690508][T17308] bridge_slave_1: left promiscuous mode [ 1407.715053][T17308] bridge0: port 2(bridge_slave_1) entered disabled state [ 1407.735750][ T5179] gspca_sunplus: reg_w_riv err -71 [ 1407.740982][ T5179] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 1407.785965][ T5179] usb 4-1: USB disconnect, device number 56 [ 1407.819196][T17308] bridge_slave_0: left allmulticast mode [ 1407.828880][T17308] bridge_slave_0: left promiscuous mode [ 1407.845344][T17308] bridge0: port 1(bridge_slave_0) entered disabled state [ 1408.134958][ T5152] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 1408.464930][ T5152] usb 3-1: Using ep0 maxpacket: 16 [ 1408.702100][ T5152] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1408.718145][ T5152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1408.729929][ T5152] usb 3-1: Product: syz [ 1408.734245][ T5152] usb 3-1: Manufacturer: syz [ 1408.741736][ T5152] usb 3-1: SerialNumber: syz [ 1408.924926][T17706] Bluetooth: hci4: command tx timeout [ 1409.039042][ T5152] r8152-cfgselector 3-1: Unknown version 0x0000 [ 1409.045531][ T5152] r8152-cfgselector 3-1: config 0 descriptor?? [ 1409.330639][ T5152] r8152-cfgselector 3-1: Needed 1 retries to read version [ 1409.347928][ T5152] r8152-cfgselector 3-1: Unknown version 0x6810 [ 1409.361575][ T5152] r8152-cfgselector 3-1: bad CDC descriptors [ 1410.132955][T16240] r8152-cfgselector 3-1: USB disconnect, device number 51 [ 1410.306822][T19490] FAULT_INJECTION: forcing a failure. [ 1410.306822][T19490] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.327365][T19490] CPU: 0 UID: 0 PID: 19490 Comm: syz.3.3446 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1410.337315][T19490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1410.347398][T19490] Call Trace: [ 1410.350695][T19490] [ 1410.353642][T19490] dump_stack_lvl+0x241/0x360 [ 1410.358344][T19490] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1410.363564][T19490] ? __pfx__printk+0x10/0x10 [ 1410.368280][T19490] should_fail_ex+0x3b0/0x4e0 [ 1410.372979][T19490] should_failslab+0xac/0x100 [ 1410.377679][T19490] ? __hw_addr_add_ex+0x1a8/0x610 [ 1410.382723][T19490] __kmalloc_cache_noprof+0x6c/0x2c0 [ 1410.388041][T19490] __hw_addr_add_ex+0x1a8/0x610 [ 1410.392918][T19490] dev_addr_init+0x143/0x230 [ 1410.397531][T19490] ? __pfx_dev_addr_init+0x10/0x10 [ 1410.402675][T19490] alloc_netdev_mqs+0x2a1/0x1000 [ 1410.407638][T19490] ? __pfx_ax_setup+0x10/0x10 [ 1410.412433][T19490] mkiss_open+0x9f/0x870 [ 1410.416702][T19490] ? __pfx_up_write+0x10/0x10 [ 1410.421401][T19490] tty_ldisc_open+0xa6/0x110 [ 1410.426017][T19490] tty_set_ldisc+0x389/0x560 [ 1410.430632][T19490] tty_ioctl+0xbdc/0xdc0 [ 1410.432616][T19496] loop2: detected capacity change from 0 to 512 [ 1410.434877][T19490] ? __pfx_tty_ioctl+0x10/0x10 [ 1410.434946][T19490] __se_sys_ioctl+0xfc/0x170 [ 1410.434976][T19490] do_syscall_64+0xf3/0x230 [ 1410.442035][T19496] EXT4-fs: Ignoring removed oldalloc option [ 1410.445934][T19490] ? clear_bhb_loop+0x35/0x90 [ 1410.445965][T19490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1410.445986][T19490] RIP: 0033:0x7f9c24375b59 [ 1410.446006][T19490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1410.495719][T19490] RSP: 002b:00007f9c2518e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1410.504158][T19490] RAX: ffffffffffffffda RBX: 00007f9c24505f60 RCX: 00007f9c24375b59 [ 1410.512153][T19490] RDX: 00000000200000c0 RSI: 0000000000005423 RDI: 0000000000000004 [ 1410.520236][T19490] RBP: 00007f9c2518e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1410.521903][T19496] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.3448: Parent and EA inode have the same ino 15 [ 1410.528203][T19490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1410.528219][T19490] R13: 000000000000000b R14: 00007f9c24505f60 R15: 00007ffe43737348 [ 1410.528247][T19490] [ 1410.587673][T19496] EXT4-fs (loop2): Remounting filesystem read-only [ 1410.597948][T19496] EXT4-fs warning (device loop2): ext4_evict_inode:254: couldn't mark inode dirty (err -5) [ 1410.609605][T19496] EXT4-fs (loop2): 1 orphan inode deleted [ 1410.616818][T19496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1410.637168][T19496] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3448'. [ 1410.649442][T17308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1410.661938][T17308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1410.673235][T17308] bond0 (unregistering): Released all slaves [ 1410.699998][T19501] netlink: 'syz.2.3448': attribute type 12 has an invalid length. [ 1410.717646][T19501] netlink: 'syz.2.3448': attribute type 11 has an invalid length. [ 1410.737309][T19501] netlink: 190580 bytes leftover after parsing attributes in process `syz.2.3448'. [ 1410.890361][T19428] team0: Port device team_slave_0 added [ 1410.908084][ T29] audit: type=1326 audit(1721525975.348:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19504 comm="syz.1.3449" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd4e775b59 code=0x0 [ 1410.911595][T19428] team0: Port device team_slave_1 added [ 1411.007782][T17706] Bluetooth: hci4: command tx timeout [ 1411.022558][ T5154] usb 4-1: new full-speed USB device number 57 using dummy_hcd [ 1411.044937][ T9] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 1411.063826][T19428] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1411.072833][T19428] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1411.099613][T19428] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1411.146519][T19428] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1411.153482][T19428] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1411.183266][T19428] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1411.236261][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 1411.261219][ T5154] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1411.270841][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 1411.283081][ T5154] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1411.307847][T19511] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3450'. [ 1411.313525][ T9] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 1411.321898][ T5154] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1411.360396][ T5154] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1411.372536][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1411.387154][T17308] hsr_slave_0: left promiscuous mode [ 1411.402010][ T9] usb 3-1: config 0 descriptor?? [ 1411.419775][ T5154] usb 4-1: config 0 descriptor?? [ 1411.429620][T17308] hsr_slave_1: left promiscuous mode [ 1411.439806][ T5154] hub 4-1:0.0: USB hub found [ 1411.446522][T17308] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1411.470168][T17308] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1411.488864][T17308] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1411.499988][T17308] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1411.586958][T17308] veth1_macvtap: left promiscuous mode [ 1411.600484][T17308] veth0_macvtap: left promiscuous mode [ 1411.609142][T17308] veth1_vlan: left promiscuous mode [ 1411.614610][T17308] veth0_vlan: left promiscuous mode [ 1411.643249][ T5154] hub 4-1:0.0: config failed, can't read hub descriptor (err -22) [ 1411.661639][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 1411.669629][ T5154] usbhid 4-1:0.0: can't add hid device: -71 [ 1411.686727][ T5154] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 1411.695157][ T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1411.725174][ T9] usb 3-1: USB disconnect, device number 52 [ 1411.738613][ T5154] usb 4-1: USB disconnect, device number 57 [ 1411.747866][T16240] usb 1-1: new low-speed USB device number 55 using dummy_hcd [ 1411.955251][T16240] usb 1-1: Invalid ep0 maxpacket: 64 [ 1412.135302][T16240] usb 1-1: new low-speed USB device number 56 using dummy_hcd [ 1412.246966][T18648] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1412.415617][T19534] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1412.425048][T16240] usb 1-1: Invalid ep0 maxpacket: 64 [ 1412.435182][T16240] usb usb1-port1: attempt power cycle [ 1413.088210][T17706] Bluetooth: hci4: command tx timeout [ 1413.761052][T16240] usb 1-1: new low-speed USB device number 57 using dummy_hcd [ 1413.807342][T16240] usb 1-1: Invalid ep0 maxpacket: 64 [ 1413.841121][ T5179] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 1413.959297][T17308] team0 (unregistering): Port device team_slave_1 removed [ 1413.985230][T16240] usb 1-1: new low-speed USB device number 58 using dummy_hcd [ 1414.017054][T17308] team0 (unregistering): Port device team_slave_0 removed [ 1414.027995][T16240] usb 1-1: Invalid ep0 maxpacket: 64 [ 1414.038927][T16240] usb usb1-port1: unable to enumerate USB device [ 1414.044468][ T5179] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1414.067197][ T5179] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1414.084877][ T5179] usb 3-1: Product: syz [ 1414.089277][ T5179] usb 3-1: Manufacturer: syz [ 1414.093980][ T5179] usb 3-1: SerialNumber: syz [ 1414.138000][ T5179] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1414.257947][ T5152] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1415.089285][T19428] hsr_slave_0: entered promiscuous mode [ 1415.134139][T19428] hsr_slave_1: entered promiscuous mode [ 1415.152146][T19428] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1415.173715][T19428] Cannot create hsr debugfs directory [ 1415.342312][ T5152] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 1415.371232][ T5152] ath9k_htc: Failed to initialize the device [ 1415.497578][ T5152] usb 3-1: ath9k_htc: USB layer deinitialized [ 1415.912287][ T29] audit: type=1326 audit(1721525980.348:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19575 comm="syz.1.3460" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd4e775b59 code=0x0 [ 1416.544241][T19595] loop0: detected capacity change from 0 to 128 [ 1416.555794][T19595] udf: Unknown parameter ' [ 1416.555794][T19595] ' [ 1416.978076][ T9] usb 3-1: USB disconnect, device number 53 [ 1417.979339][T19613] loop0: detected capacity change from 0 to 64 [ 1417.987694][T15546] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1418.098919][T19613] Bluetooth: MGMT ver 1.23 [ 1418.218799][T15546] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1418.240545][T19618] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3469'. [ 1418.290660][T19618] nbd: must specify at least one socket [ 1418.352720][T19428] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1418.438414][T19428] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1418.446687][T19620] syz.3.3472 (19620): drop_caches: 2 [ 1418.464155][T19623] FAULT_INJECTION: forcing a failure. [ 1418.464155][T19623] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1418.465949][T19625] syz.3.3472 (19625): drop_caches: 2 [ 1418.491314][T19623] CPU: 1 UID: 0 PID: 19623 Comm: syz.1.3471 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1418.501249][T19623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1418.511330][T19623] Call Trace: [ 1418.514626][T19623] [ 1418.517574][T19623] dump_stack_lvl+0x241/0x360 [ 1418.522369][T19623] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1418.527588][T19623] ? __pfx__printk+0x10/0x10 [ 1418.532204][T19623] ? __pfx_lock_release+0x10/0x10 [ 1418.537251][T19623] ? __lock_acquire+0x1384/0x2050 [ 1418.542309][T19623] should_fail_ex+0x3b0/0x4e0 [ 1418.547005][T19623] _copy_from_user+0x2f/0xe0 [ 1418.551686][T19623] kstrtouint_from_user+0xc6/0x190 [ 1418.556797][T19623] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1418.562522][T19623] ? __pfx_lock_acquire+0x10/0x10 [ 1418.567553][T19623] proc_fail_nth_write+0xaa/0x2d0 [ 1418.572578][T19623] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1418.578471][T19623] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1418.584108][T19623] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1418.589785][T19623] vfs_write+0x2a2/0xc90 [ 1418.594033][T19623] ? __pfx_vfs_write+0x10/0x10 [ 1418.598883][T19623] ? __fget_files+0x29/0x470 [ 1418.603465][T19623] ? __fget_files+0x3f6/0x470 [ 1418.608143][T19623] ksys_write+0x1a0/0x2c0 [ 1418.612474][T19623] ? __pfx_ksys_write+0x10/0x10 [ 1418.617320][T19623] ? do_syscall_64+0x100/0x230 [ 1418.622075][T19623] ? do_syscall_64+0xb6/0x230 [ 1418.626742][T19623] do_syscall_64+0xf3/0x230 [ 1418.631237][T19623] ? clear_bhb_loop+0x35/0x90 [ 1418.635910][T19623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1418.641794][T19623] RIP: 0033:0x7efd4e7746df [ 1418.646201][T19623] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 1418.665887][T19623] RSP: 002b:00007efd4f590040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1418.674378][T19623] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007efd4e7746df [ 1418.682342][T19623] RDX: 0000000000000001 RSI: 00007efd4f5900b0 RDI: 0000000000000003 [ 1418.690304][T19623] RBP: 00007efd4f5900a0 R08: 0000000000000000 R09: 0000000000000000 [ 1418.698287][T19623] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1418.706266][T19623] R13: 000000000000000b R14: 00007efd4e905f60 R15: 00007ffeab3f9148 [ 1418.714258][T19623] [ 1418.734565][T19625] syz.3.3472 (19625): drop_caches: 2 [ 1418.754427][T19620] syz.3.3472 (19620): drop_caches: 2 [ 1418.856103][T17706] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1418.869293][T17706] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1418.887193][T15546] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1418.894961][T17706] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1418.908872][T17706] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1418.936643][T17706] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1418.944116][T17706] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1419.086038][T19428] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1419.104441][T19428] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1419.547373][T15546] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1419.752518][T19640] loop0: detected capacity change from 0 to 1024 [ 1419.824906][T19640] hfsplus: failed to load root directory [ 1420.112392][T19650] loop0: detected capacity change from 0 to 1024 [ 1420.606785][T17706] Bluetooth: hci2: command 0x0406 tx timeout [ 1420.726362][T19651] syz.1.3476 (19651): drop_caches: 2 [ 1421.014435][T17706] Bluetooth: hci1: command tx timeout [ 1421.016744][T19651] syz.1.3476 (19651): drop_caches: 2 [ 1421.057140][T19650] hfsplus: extend alloc file! (8192,65536,366) [ 1421.230405][ T29] audit: type=1326 audit(1721525985.658:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.273634][T19651] syz.1.3476 (19651): drop_caches: 2 [ 1421.310066][ T29] audit: type=1326 audit(1721525985.658:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.370690][T19651] syz.1.3476 (19651): drop_caches: 2 [ 1421.415833][T19650] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1421.430570][ T29] audit: type=1326 audit(1721525985.658:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.526690][T19640] kvm: pic: non byte write [ 1421.535450][ T29] audit: type=1326 audit(1721525985.658:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.587788][T19666] overlay: ./file0 is not a directory [ 1421.594351][ T29] audit: type=1326 audit(1721525985.658:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.623985][ T29] audit: type=1326 audit(1721525985.658:1897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.653978][ T29] audit: type=1326 audit(1721525985.658:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.679745][ T29] audit: type=1326 audit(1721525985.668:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.704593][ T29] audit: type=1326 audit(1721525985.668:1900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.766953][ T29] audit: type=1326 audit(1721525985.668:1901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19656 comm="syz.3.3478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9c24375b59 code=0x7ffc0000 [ 1421.857459][T15546] bridge_slave_1: left allmulticast mode [ 1421.868282][T15546] bridge_slave_1: left promiscuous mode [ 1421.882189][T15546] bridge0: port 2(bridge_slave_1) entered disabled state [ 1421.986081][T15546] bridge_slave_0: left allmulticast mode [ 1422.023827][T15546] bridge_slave_0: left promiscuous mode [ 1422.034001][T15546] bridge0: port 1(bridge_slave_0) entered disabled state [ 1422.085183][ T1800] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 1422.306294][ T1800] usb 4-1: Using ep0 maxpacket: 8 [ 1422.460224][ T1800] usb 4-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.24 [ 1423.240091][ T1800] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1423.248642][T17706] Bluetooth: hci1: command tx timeout [ 1423.298217][ T1800] usb 4-1: config 0 descriptor?? [ 1423.328603][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.337040][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 1423.372419][ T1800] usb 4-1: bad CDC descriptors [ 1423.421012][ T1800] cdc_acm 4-1:0.0: Zero length descriptor references [ 1423.460973][ T1800] cdc_acm 4-1:0.0: probe with driver cdc_acm failed with error -22 [ 1424.147792][ T1800] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 1424.272578][T15546] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1424.302121][T15546] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1424.329459][T15546] bond0 (unregistering): Released all slaves [ 1424.365257][T19428] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1424.398219][ T1800] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 1424.432465][ T1800] usb 2-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice= 0.00 [ 1424.451788][ T1800] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1424.473455][T19428] 8021q: adding VLAN 0 to HW filter on device team0 [ 1424.561896][ T1800] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 1424.595440][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state [ 1424.602644][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1424.637996][T19210] udevd[19210]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1424.814703][T19631] chnl_net:caif_netlink_parms(): no params data found [ 1424.888814][T19715] loop0: detected capacity change from 0 to 128 [ 1424.896949][T19715] udf: Unknown parameter ' [ 1424.896949][T19715] ' [ 1425.325383][T17706] Bluetooth: hci1: command tx timeout [ 1425.584332][ T5179] bridge0: port 2(bridge_slave_1) entered blocking state [ 1425.591551][ T5179] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1425.618821][ T1800] usb 4-1: USB disconnect, device number 58 [ 1426.226444][T19732] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3487'. [ 1426.641404][T19631] bridge0: port 1(bridge_slave_0) entered blocking state [ 1426.665481][T19631] bridge0: port 1(bridge_slave_0) entered disabled state [ 1426.678760][T19631] bridge_slave_0: entered allmulticast mode [ 1426.701368][T19631] bridge_slave_0: entered promiscuous mode [ 1426.728596][T19631] bridge0: port 2(bridge_slave_1) entered blocking state [ 1426.804202][ T9] usb 2-1: USB disconnect, device number 57 [ 1426.816799][T19631] bridge0: port 2(bridge_slave_1) entered disabled state [ 1426.864134][T19631] bridge_slave_1: entered allmulticast mode [ 1426.878276][T19631] bridge_slave_1: entered promiscuous mode [ 1426.932699][T15546] hsr_slave_0: left promiscuous mode [ 1426.959162][T15546] hsr_slave_1: left promiscuous mode [ 1426.982435][T15546] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1427.044168][T15546] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1427.084502][T15546] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1427.111551][T15546] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1427.194857][T15546] veth1_macvtap: left promiscuous mode [ 1427.214295][T15546] veth0_macvtap: left promiscuous mode [ 1427.220317][T15546] veth1_vlan: left promiscuous mode [ 1427.239988][T15546] veth0_vlan: left promiscuous mode [ 1427.310251][T19746] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3489'. [ 1427.406588][T17706] Bluetooth: hci1: command tx timeout [ 1427.804966][ T5154] usb 2-1: new low-speed USB device number 58 using dummy_hcd [ 1427.945770][T19754] loop0: detected capacity change from 0 to 1024 [ 1428.001960][T19754] FAULT_INJECTION: forcing a failure. [ 1428.001960][T19754] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1428.019060][ T5154] usb 2-1: Invalid ep0 maxpacket: 64 [ 1428.027206][T19754] CPU: 1 UID: 0 PID: 19754 Comm: syz.0.3490 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1428.037145][T19754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1428.047305][T19754] Call Trace: [ 1428.050572][T19754] [ 1428.053491][T19754] dump_stack_lvl+0x241/0x360 [ 1428.058219][T19754] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1428.063431][T19754] ? __pfx__printk+0x10/0x10 [ 1428.068016][T19754] ? __pfx_lock_release+0x10/0x10 [ 1428.073053][T19754] should_fail_ex+0x3b0/0x4e0 [ 1428.077739][T19754] strncpy_from_user+0x36/0x2e0 [ 1428.082594][T19754] ? kmem_cache_alloc_noprof+0x185/0x2a0 [ 1428.088232][T19754] getname_flags+0xf1/0x540 [ 1428.092737][T19754] user_path_at+0x24/0x60 [ 1428.097067][T19754] __x64_sys_listxattr+0x109/0x230 [ 1428.102173][T19754] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1428.108153][T19754] ? __pfx___x64_sys_listxattr+0x10/0x10 [ 1428.113779][T19754] ? do_syscall_64+0x100/0x230 [ 1428.118539][T19754] ? do_syscall_64+0xb6/0x230 [ 1428.123211][T19754] do_syscall_64+0xf3/0x230 [ 1428.127879][T19754] ? clear_bhb_loop+0x35/0x90 [ 1428.132550][T19754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1428.138435][T19754] RIP: 0033:0x7f7991975b59 [ 1428.142843][T19754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1428.162533][T19754] RSP: 002b:00007f799277a048 EFLAGS: 00000246 ORIG_RAX: 00000000000000c2 [ 1428.170944][T19754] RAX: ffffffffffffffda RBX: 00007f7991b05f60 RCX: 00007f7991975b59 [ 1428.178908][T19754] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 1428.186870][T19754] RBP: 00007f799277a0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1428.194832][T19754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1428.202803][T19754] R13: 000000000000000b R14: 00007f7991b05f60 R15: 00007fff6db2d338 [ 1428.210785][T19754] [ 1428.272306][ T2815] hfsplus: b-tree write err: -5, ino 4 [ 1428.289764][ T5154] usb 2-1: new low-speed USB device number 59 using dummy_hcd [ 1428.379658][T15546] team0 (unregistering): Port device team_slave_1 removed [ 1428.432398][T15546] team0 (unregistering): Port device team_slave_0 removed [ 1428.476298][ T5154] usb 2-1: Invalid ep0 maxpacket: 64 [ 1428.583040][ T5154] usb usb2-port1: attempt power cycle [ 1429.031942][ T5154] usb 2-1: new low-speed USB device number 60 using dummy_hcd [ 1429.074082][ T5154] usb 2-1: Invalid ep0 maxpacket: 64 [ 1429.321371][ T5154] usb 2-1: new low-speed USB device number 61 using dummy_hcd [ 1429.364187][ T5154] usb 2-1: Invalid ep0 maxpacket: 64 [ 1429.370144][ T5154] usb usb2-port1: unable to enumerate USB device [ 1429.743051][T19767] FAULT_INJECTION: forcing a failure. [ 1429.743051][T19767] name failslab, interval 1, probability 0, space 0, times 0 [ 1429.781661][T19631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1429.800924][T19767] CPU: 1 UID: 0 PID: 19767 Comm: syz.3.3493 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1429.808303][T19631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1429.810837][T19767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1429.810852][T19767] Call Trace: [ 1429.833174][T19767] [ 1429.836097][T19767] dump_stack_lvl+0x241/0x360 [ 1429.840766][T19767] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1429.845957][T19767] ? __pfx__printk+0x10/0x10 [ 1429.850542][T19767] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 1429.856092][T19767] ? __pfx___might_resched+0x10/0x10 [ 1429.861372][T19767] should_fail_ex+0x3b0/0x4e0 [ 1429.866043][T19767] ? security_file_alloc+0x28/0x130 [ 1429.871235][T19767] should_failslab+0xac/0x100 [ 1429.875914][T19767] ? security_file_alloc+0x28/0x130 [ 1429.881114][T19767] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1429.886485][T19767] security_file_alloc+0x28/0x130 [ 1429.891512][T19767] init_file+0x99/0x200 [ 1429.895674][T19767] alloc_empty_file+0xb8/0x1d0 [ 1429.900434][T19767] path_openat+0x105/0x3470 [ 1429.904964][T19767] ? __lock_acquire+0x1384/0x2050 [ 1429.909989][T19767] ? __pfx_path_openat+0x10/0x10 [ 1429.914943][T19767] do_filp_open+0x235/0x490 [ 1429.919452][T19767] ? __pfx_do_filp_open+0x10/0x10 [ 1429.924568][T19767] ? _raw_spin_unlock+0x28/0x50 [ 1429.929418][T19767] ? alloc_fd+0x5a1/0x640 [ 1429.933739][T19767] do_sys_openat2+0x13e/0x1d0 [ 1429.938406][T19767] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1429.944379][T19767] ? __pfx_do_sys_openat2+0x10/0x10 [ 1429.949569][T19767] ? __fget_files+0x3f6/0x470 [ 1429.954246][T19767] __x64_sys_openat+0x247/0x2a0 [ 1429.959085][T19767] ? __pfx___x64_sys_openat+0x10/0x10 [ 1429.964443][T19767] ? do_syscall_64+0x100/0x230 [ 1429.969192][T19767] ? do_syscall_64+0xb6/0x230 [ 1429.973856][T19767] do_syscall_64+0xf3/0x230 [ 1429.978347][T19767] ? clear_bhb_loop+0x35/0x90 [ 1429.983011][T19767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1429.988888][T19767] RIP: 0033:0x7f9c24375b59 [ 1429.993288][T19767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1430.012899][T19767] RSP: 002b:00007f9c2518e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1430.021303][T19767] RAX: ffffffffffffffda RBX: 00007f9c24505f60 RCX: 00007f9c24375b59 [ 1430.029348][T19767] RDX: 000000000000275a RSI: 0000000020000080 RDI: ffffffffffffff9c [ 1430.037306][T19767] RBP: 00007f9c2518e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1430.045263][T19767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1430.053218][T19767] R13: 000000000000000b R14: 00007f9c24505f60 R15: 00007ffe43737348 [ 1430.061208][T19767] [ 1430.477164][T19631] team0: Port device team_slave_0 added [ 1430.492944][T19631] team0: Port device team_slave_1 added [ 1431.315612][T19631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1431.330413][T19631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1431.358201][T19631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1431.500023][T19631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1431.507103][T19631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1431.533227][T19631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1431.741411][T19794] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3497'. [ 1432.113017][T19428] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1432.374218][T19631] hsr_slave_0: entered promiscuous mode [ 1432.567440][T19804] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3498'. [ 1432.845947][T19631] hsr_slave_1: entered promiscuous mode [ 1432.935461][T19631] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1432.947149][T19631] Cannot create hsr debugfs directory [ 1434.378529][T19835] loop0: detected capacity change from 0 to 512 [ 1434.412844][T19835] EXT4-fs (loop0): blocks per group (71) and clusters per group (32768) inconsistent [ 1434.442617][T19428] veth0_vlan: entered promiscuous mode [ 1434.459907][T19832] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3502'. [ 1434.609564][T19842] syz.1.3503 (19842): drop_caches: 2 [ 1434.637837][T19835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3502'. [ 1434.649612][T19838] syz.1.3503 (19838): drop_caches: 2 [ 1434.672662][T19428] veth1_vlan: entered promiscuous mode [ 1434.698347][T19842] syz.1.3503 (19842): drop_caches: 2 [ 1434.747235][T19838] syz.1.3503 (19838): drop_caches: 2 [ 1434.770822][T19428] veth0_macvtap: entered promiscuous mode [ 1434.826168][T19428] veth1_macvtap: entered promiscuous mode [ 1434.912879][T19428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1434.930915][T19428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1434.949661][T19428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1435.152261][T19428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1435.165074][T19428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1435.169366][T19855] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3504'. [ 1435.188473][T19428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1435.202533][T19428] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1435.281984][T19428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1435.310937][T19428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1435.324520][T19428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1435.472872][T19428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1435.483234][T19428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1435.494193][T19428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1435.506041][T19428] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1435.615146][ T5179] usb 1-1: new low-speed USB device number 59 using dummy_hcd [ 1437.261038][T19631] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1437.284595][T19428] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1437.433984][T19428] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1437.443273][T19428] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1437.452613][T19428] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1437.525037][ T5179] usb 1-1: Invalid ep0 maxpacket: 64 [ 1437.639466][T19869] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3508'. [ 1437.652360][T19631] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1437.925033][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 1437.925056][ T29] audit: type=1326 audit(1721526002.118:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19866 comm="syz.3.3508" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c24375b59 code=0x0 [ 1437.963258][T19631] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1438.070598][T19631] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1438.301162][T15546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1438.324912][T15546] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1438.420365][T15546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1438.453939][T15546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1438.490286][T19876] loop0: detected capacity change from 0 to 4096 [ 1438.543470][T19876] ntfs3: Unknown parameter 'iocharse5' [ 1438.558474][T19631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1438.771792][T19631] 8021q: adding VLAN 0 to HW filter on device team0 [ 1438.843828][T16240] bridge0: port 1(bridge_slave_0) entered blocking state [ 1438.851084][T16240] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1439.017751][T19887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3509'. [ 1439.068427][T16240] bridge0: port 2(bridge_slave_1) entered blocking state [ 1439.075653][T16240] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1439.605556][T19894] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3513'. [ 1439.664728][T19894] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3513'. [ 1439.997921][T19631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1440.235755][T19631] veth0_vlan: entered promiscuous mode [ 1440.282654][T19631] veth1_vlan: entered promiscuous mode [ 1440.448965][T19631] veth0_macvtap: entered promiscuous mode [ 1440.482145][T19631] veth1_macvtap: entered promiscuous mode [ 1440.576033][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1440.605598][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1440.649150][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1440.725616][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1440.781758][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1440.820465][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1440.849179][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1440.894124][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1440.911685][T19919] loop0: detected capacity change from 0 to 512 [ 1440.958767][T19631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1440.995113][T19919] EXT4-fs (loop0): filesystem is read-only [ 1441.047013][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1441.075226][T19919] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 1441.079910][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1441.123609][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1441.154941][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1441.198275][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1441.239369][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1441.251489][T19919] EXT4-fs (loop0): filesystem is read-only [ 1441.264927][T19631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1441.273460][T19919] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1441.275838][T19631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1441.293613][T19631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1441.330642][T19631] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1441.343679][T19631] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1441.353103][T19631] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1441.361879][T19631] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1441.434203][T19919] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3512: bg 0: block 64: padding at end of block bitmap is not set [ 1441.671660][T17308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1441.705330][T19919] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 1441.726199][T17308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1441.801903][T19919] EXT4-fs (loop0): 1 orphan inode deleted [ 1441.818513][T19919] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1441.897150][T15546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1441.924708][T15546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1442.591980][T19960] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1442.748105][T19944] kvm: pic: non byte write [ 1442.944980][ T5152] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 1443.167970][ T5152] usb 5-1: config 97 has an invalid interface descriptor of length 3, skipping [ 1443.359213][ T5152] usb 5-1: config 97 has an invalid descriptor of length 0, skipping remainder of the config [ 1443.579243][T19969] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3520'. [ 1443.851864][ T5152] usb 5-1: config 97 has 0 interfaces, different from the descriptor's value: 1 [ 1443.862610][ T5152] usb 5-1: New USB device found, idVendor=0480, idProduct=d010, bcdDevice=17.4d [ 1443.872898][ T5152] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1444.116153][ T5152] usb 5-1: string descriptor 0 read error: -71 [ 1444.157609][ T5152] usb 5-1: USB disconnect, device number 48 [ 1445.433683][ T29] audit: type=1326 audit(1721526009.628:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19981 comm="syz.4.3523" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2db5575b59 code=0x0 [ 1445.982394][T19990] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3524'. [ 1446.433855][T19994] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 1446.817549][T20006] loop2: detected capacity change from 0 to 128 [ 1446.824613][T20006] udf: Unknown parameter ' [ 1446.824613][T20006] ' [ 1447.278132][T17706] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 1447.675165][ T8] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 1447.706528][T20023] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1447.792416][T20023] kvm: pic: non byte write [ 1447.978008][ T8] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1447.996111][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1448.006900][ T8] usb 5-1: config 0 descriptor?? [ 1448.020135][ T8] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1448.979313][T20036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3538'. [ 1448.989585][ T8] gspca_sonixj: reg_w1 err -110 [ 1448.994655][ T8] sonixj 5-1:0.0: probe with driver sonixj failed with error -110 [ 1449.457933][T20038] FAULT_INJECTION: forcing a failure. [ 1449.457933][T20038] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1449.500527][T20038] CPU: 0 UID: 0 PID: 20038 Comm: syz.3.3539 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1449.510479][T20038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1449.520543][T20038] Call Trace: [ 1449.523814][T20038] [ 1449.526733][T20038] dump_stack_lvl+0x241/0x360 [ 1449.531400][T20038] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1449.536584][T20038] ? __pfx__printk+0x10/0x10 [ 1449.541167][T20038] ? __pfx_lock_release+0x10/0x10 [ 1449.546189][T20038] should_fail_ex+0x3b0/0x4e0 [ 1449.550855][T20038] _copy_to_user+0x2f/0xb0 [ 1449.555260][T20038] bpf_test_finish+0x22c/0x8b0 [ 1449.560134][T20038] ? __pfx_bpf_test_finish+0x10/0x10 [ 1449.565452][T20038] ? convert___skb_to_skb+0x41/0x620 [ 1449.570762][T20038] ? convert_skb_to___skb+0x2d3/0x510 [ 1449.576162][T20038] bpf_prog_test_run_skb+0xfe5/0x1820 [ 1449.581580][T20038] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 1449.587416][T20038] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 1449.593251][T20038] bpf_prog_test_run+0x33a/0x3b0 [ 1449.598219][T20038] __sys_bpf+0x48d/0x810 [ 1449.602576][T20038] ? __pfx___sys_bpf+0x10/0x10 [ 1449.607378][T20038] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1449.613389][T20038] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1449.619746][T20038] ? do_syscall_64+0x100/0x230 [ 1449.624532][T20038] __x64_sys_bpf+0x7c/0x90 [ 1449.628966][T20038] do_syscall_64+0xf3/0x230 [ 1449.633465][T20038] ? clear_bhb_loop+0x35/0x90 [ 1449.638138][T20038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1449.644113][T20038] RIP: 0033:0x7f9c24375b59 [ 1449.648515][T20038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1449.668122][T20038] RSP: 002b:00007f9c2518e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1449.676633][T20038] RAX: ffffffffffffffda RBX: 00007f9c24505f60 RCX: 00007f9c24375b59 [ 1449.684603][T20038] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a [ 1449.692561][T20038] RBP: 00007f9c2518e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1449.700520][T20038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1449.708477][T20038] R13: 000000000000000b R14: 00007f9c24505f60 R15: 00007ffe43737348 [ 1449.716451][T20038] [ 1450.015853][T20047] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 1450.118692][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1450.131702][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1450.140332][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1450.191968][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1450.200088][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1450.212342][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1451.134634][ T8] usb 5-1: USB disconnect, device number 49 [ 1452.324881][T17706] Bluetooth: hci5: command tx timeout [ 1452.329097][T20048] chnl_net:caif_netlink_parms(): no params data found [ 1452.898314][T20073] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3546'. [ 1453.846495][T20048] bridge0: port 1(bridge_slave_0) entered blocking state [ 1453.853653][T20048] bridge0: port 1(bridge_slave_0) entered disabled state [ 1453.912048][T20048] bridge_slave_0: entered allmulticast mode [ 1453.952624][T20048] bridge_slave_0: entered promiscuous mode [ 1453.976152][T20048] bridge0: port 2(bridge_slave_1) entered blocking state [ 1454.036494][T20048] bridge0: port 2(bridge_slave_1) entered disabled state [ 1454.055030][T20048] bridge_slave_1: entered allmulticast mode [ 1454.072788][T20048] bridge_slave_1: entered promiscuous mode [ 1454.388893][T17706] Bluetooth: hci5: command tx timeout [ 1454.530253][T20048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1454.647028][T20048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1455.004118][T20048] team0: Port device team_slave_0 added [ 1455.029797][T20048] team0: Port device team_slave_1 added [ 1455.253041][T20048] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1455.278537][T20048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1455.379389][T20048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1455.475526][T20048] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1455.482510][T20048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1455.619481][T20048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1456.445320][T17706] Bluetooth: hci5: command tx timeout [ 1456.691710][T20048] hsr_slave_0: entered promiscuous mode [ 1456.740148][T20048] hsr_slave_1: entered promiscuous mode [ 1456.779799][T20048] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1456.828896][T20048] Cannot create hsr debugfs directory [ 1457.531861][T20048] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1457.625758][T20124] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3558'. [ 1458.529894][T17706] Bluetooth: hci5: command tx timeout [ 1458.712550][T20048] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1459.529516][T20141] loop2: detected capacity change from 0 to 64 [ 1459.613174][T20048] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1459.882098][T20048] bond0: (slave netdevsim0): Releasing backup interface [ 1459.936464][T20048] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1461.309442][T20048] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1461.433897][T20048] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1462.187585][T20048] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1462.323152][T20048] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1462.503638][T20169] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3567'. [ 1462.880337][T20048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1462.978726][T20048] 8021q: adding VLAN 0 to HW filter on device team0 [ 1463.033915][T16238] bridge0: port 1(bridge_slave_0) entered blocking state [ 1463.041073][T16238] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1463.136609][T16238] bridge0: port 2(bridge_slave_1) entered blocking state [ 1463.143788][T16238] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1463.338890][T20048] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1463.430024][T20179] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3570'. [ 1463.504029][T20179] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3570'. [ 1463.706549][T20189] loop2: detected capacity change from 0 to 64 [ 1463.736075][T20189] hfs: unable to parse mount options [ 1464.104422][T20048] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1464.277272][T20198] loop2: detected capacity change from 0 to 128 [ 1464.284346][T20198] udf: Unknown parameter ' [ 1464.284346][T20198] ' [ 1464.511352][T20048] veth0_vlan: entered promiscuous mode [ 1464.608337][T20048] veth1_vlan: entered promiscuous mode [ 1464.744213][T20048] veth0_macvtap: entered promiscuous mode [ 1464.845398][T17706] Bluetooth: hci4: command tx timeout [ 1464.907688][T20048] veth1_macvtap: entered promiscuous mode [ 1464.961960][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1465.014830][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.058061][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1465.115102][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.167572][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1465.179150][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.189663][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1465.200847][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.211320][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1465.605501][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.667298][T20048] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1465.700116][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1465.739400][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.770431][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1465.865654][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.935251][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1465.964923][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.994696][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1466.025118][T17706] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 1466.045068][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1466.127138][T20048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1466.195474][T20048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1466.254070][T20048] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1466.332151][T20048] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.385203][T20048] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.400828][ T5179] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 1466.456822][T20048] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.500855][T20048] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.656854][ T5179] usb 3-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1466.666544][ T5179] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1466.700863][ T5179] usb 3-1: config 0 descriptor?? [ 1466.778571][ T5179] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1467.007159][T17308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1467.094993][T17308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1467.176423][T17306] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1467.224683][T17306] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1467.602651][T20218] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1467.630411][ T5179] gspca_sonixj: reg_r err -71 [ 1467.953608][ T5179] sonixj 3-1:0.0: probe with driver sonixj failed with error -71 [ 1467.993819][ T5179] usb 3-1: USB disconnect, device number 54 [ 1468.689364][ T29] audit: type=1326 audit(1721526033.118:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20228 comm="syz.0.3580" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9f1e175b59 code=0x0 [ 1469.456403][T20242] loop2: detected capacity change from 0 to 64 [ 1469.536017][T20242] hfs: unable to parse mount options [ 1469.576719][T20237] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3583'. [ 1469.670228][T20237] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3583'. [ 1470.594844][ T29] audit: type=1326 audit(1721526035.008:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20262 comm="syz.4.3589" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2db5575b59 code=0x0 [ 1471.028024][T20271] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1472.345254][T17706] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 1472.429960][T20289] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 1472.699835][T20298] syz.1.3598 (20298): drop_caches: 2 [ 1472.729882][ T5179] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 1472.744119][T20294] syz.1.3598 (20294): drop_caches: 2 [ 1472.797970][T20294] syz.1.3598 (20294): drop_caches: 2 [ 1472.821055][T20298] syz.1.3598 (20298): drop_caches: 2 [ 1472.946851][ T5179] usb 3-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1472.956272][ T5179] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1472.975648][ T5179] usb 3-1: config 0 descriptor?? [ 1472.994505][ T5179] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1473.602833][ C1] eth0: bad gso: type: 1, size: 1408 [ 1473.980650][ T5179] gspca_sonixj: reg_r err -71 [ 1474.004988][ T5179] sonixj 3-1:0.0: probe with driver sonixj failed with error -71 [ 1474.049162][ T5179] usb 3-1: USB disconnect, device number 55 [ 1474.916998][T20325] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3605'. [ 1475.013001][T20314] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1475.180782][T12042] libceph: connect (1)[c::]:6789 error -101 [ 1475.190538][T12042] libceph: mon0 (1)[c::]:6789 connect error [ 1475.207596][T12042] libceph: connect (1)[c::]:6789 error -101 [ 1475.214497][T12042] libceph: mon0 (1)[c::]:6789 connect error [ 1475.465843][T20334] syzkaller1: entered promiscuous mode [ 1475.478945][T12042] libceph: connect (1)[c::]:6789 error -101 [ 1475.479256][T20334] syzkaller1: entered allmulticast mode [ 1475.505006][T12042] libceph: mon0 (1)[c::]:6789 connect error [ 1475.735121][T20325] ceph: No mds server is up or the cluster is laggy [ 1475.800474][T20341] syz.2.3610 (20341): drop_caches: 2 [ 1475.843859][T20341] syz.2.3610 (20341): drop_caches: 2 [ 1475.895799][T20342] overlayfs: statfs failed on './file0' [ 1475.940633][T20342] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3606'. [ 1475.967311][T20341] syz.2.3610 (20341): drop_caches: 2 [ 1476.004398][T20341] syz.2.3610 (20341): drop_caches: 2 [ 1476.153564][T20342] xfrm1: entered promiscuous mode [ 1476.191689][T20342] xfrm1: entered allmulticast mode [ 1476.884958][ T5179] usb 3-1: new high-speed USB device number 56 using dummy_hcd [ 1477.077004][ T5179] usb 3-1: config 0 has an invalid interface number: 94 but max is 0 [ 1477.087755][ T5179] usb 3-1: config 0 has no interface number 0 [ 1477.093876][ T5179] usb 3-1: too many endpoints for config 0 interface 94 altsetting 238: 246, using maximum allowed: 30 [ 1477.106770][ T5179] usb 3-1: config 0 interface 94 altsetting 238 endpoint 0x81 has an invalid bInterval 254, changing to 11 [ 1477.187018][ T5179] usb 3-1: config 0 interface 94 altsetting 238 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1477.229341][ T5179] usb 3-1: config 0 interface 94 altsetting 238 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 1477.345263][ T5179] usb 3-1: config 0 interface 94 has no altsetting 0 [ 1477.392297][ T5179] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 1477.460819][ T54] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 1477.460906][ T5179] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1477.573505][ T5179] usb 3-1: config 0 descriptor?? [ 1477.804913][ T54] Bluetooth: hci1: command tx timeout [ 1477.856197][ T5152] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 1478.125126][ T5152] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1478.454981][ T5152] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1478.483822][ T5152] usb 5-1: config 0 descriptor?? [ 1478.499171][ T5152] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1478.624909][ T9] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 1479.158061][T20387] syz.1.3624 (20387): drop_caches: 2 [ 1479.183155][T20387] syz.1.3624 (20387): drop_caches: 2 [ 1479.183712][T20388] syz.1.3624 (20388): drop_caches: 2 [ 1479.237592][T20388] syz.1.3624 (20388): drop_caches: 2 [ 1479.314467][ T5152] gspca_sonixj: reg_r err -71 [ 1479.330927][ T5152] sonixj 5-1:0.0: probe with driver sonixj failed with error -71 [ 1479.378147][ T5152] usb 5-1: USB disconnect, device number 50 [ 1479.580329][ T5154] usb 3-1: USB disconnect, device number 56 [ 1481.517853][T20430] syz.0.3622 (20430): drop_caches: 2 [ 1481.523873][T20430] syz.0.3622 (20430): drop_caches: 2 [ 1481.561684][T20431] syz.0.3622 (20431): drop_caches: 2 [ 1481.595362][T20428] Bluetooth: MGMT ver 1.23 [ 1481.599865][T20428] Bluetooth: hci3: unsupported parameter 65535 [ 1481.638127][T20428] Bluetooth: hci3: invalid length 0, exp 2 for type 16 [ 1481.809256][T20433] loop2: detected capacity change from 0 to 128 [ 1481.816346][T20433] udf: Unknown parameter ' [ 1481.816346][T20433] ' [ 1481.927073][T20431] syz.0.3622 (20431): drop_caches: 2 [ 1482.058315][T20440] loop2: detected capacity change from 0 to 64 [ 1482.197161][T20442] FAULT_INJECTION: forcing a failure. [ 1482.197161][T20442] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1482.231162][T20442] CPU: 1 UID: 0 PID: 20442 Comm: syz.2.3639 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1482.241080][T20442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1482.251163][T20442] Call Trace: [ 1482.254452][T20442] [ 1482.257400][T20442] dump_stack_lvl+0x241/0x360 [ 1482.262108][T20442] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1482.267337][T20442] ? __pfx__printk+0x10/0x10 [ 1482.271962][T20442] should_fail_ex+0x3b0/0x4e0 [ 1482.276680][T20442] strncpy_from_user+0x36/0x2e0 [ 1482.281638][T20442] ? kmem_cache_alloc_noprof+0x185/0x2a0 [ 1482.287302][T20442] getname_flags+0xf1/0x540 [ 1482.291826][T20442] __x64_sys_unlinkat+0xb1/0xf0 [ 1482.296681][T20442] do_syscall_64+0xf3/0x230 [ 1482.301164][T20442] ? clear_bhb_loop+0x35/0x90 [ 1482.305828][T20442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1482.311727][T20442] RIP: 0033:0x7f564c175b59 [ 1482.316140][T20442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1482.335759][T20442] RSP: 002b:00007f564bbff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 1482.344156][T20442] RAX: ffffffffffffffda RBX: 00007f564c306038 RCX: 00007f564c175b59 [ 1482.352113][T20442] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 1482.360074][T20442] RBP: 00007f564bbff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1482.368031][T20442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1482.375986][T20442] R13: 000000000000006e R14: 00007f564c306038 R15: 00007ffe82d828b8 [ 1482.383952][T20442] [ 1483.248745][ T54] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 1483.294117][T20451] syz.3.3635 (20451): drop_caches: 2 [ 1483.380303][T20451] syz.3.3635 (20451): drop_caches: 2 [ 1483.390790][T17706] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1483.402082][T17706] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1483.412173][T20456] syz.3.3635 (20456): drop_caches: 2 [ 1483.417796][T17706] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1483.441245][T17706] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1483.446121][T20456] syz.3.3635 (20456): drop_caches: 2 [ 1483.459870][T17706] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1483.471087][T17706] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1483.485363][T17706] Bluetooth: hci5: command tx timeout [ 1483.627345][T20460] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3644'. [ 1483.688527][T17308] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1483.905819][T20462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3644'. [ 1484.101224][T20468] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3645'. [ 1484.440936][T17308] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1484.768505][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.775006][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 1484.830435][T17308] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1484.976324][ T54] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 1484.991583][T17308] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1485.013520][T20483] syz.2.3651 (20483): drop_caches: 2 [ 1485.048531][T20483] syz.2.3651 (20483): drop_caches: 2 [ 1485.107871][T20484] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns [ 1485.149720][T20484] kvm: pic: non byte write [ 1485.167469][T20483] syz.2.3651 (20483): drop_caches: 2 [ 1485.340755][T20483] syz.2.3651 (20483): drop_caches: 2 [ 1485.495567][T20453] chnl_net:caif_netlink_parms(): no params data found [ 1485.568704][T17706] Bluetooth: hci6: command tx timeout [ 1485.861828][T17308] bridge_slave_1: left allmulticast mode [ 1485.896808][T17308] bridge_slave_1: left promiscuous mode [ 1485.934532][T17308] bridge0: port 2(bridge_slave_1) entered disabled state [ 1485.995294][T17308] bridge_slave_0: left allmulticast mode [ 1486.000984][T17308] bridge_slave_0: left promiscuous mode [ 1486.034332][T17308] bridge0: port 1(bridge_slave_0) entered disabled state [ 1486.174283][T20505] overlay: filesystem on . not supported [ 1486.886068][ T1800] usb 1-1: new high-speed USB device number 61 using dummy_hcd [ 1487.143346][ T1800] usb 1-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1487.152545][ T1800] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1487.170765][ T1800] usb 1-1: config 0 descriptor?? [ 1487.182669][ T1800] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1487.273195][T17308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1487.338592][T17308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1487.375754][T17308] bond0 (unregistering): Released all slaves [ 1487.433746][T20509] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3652'. [ 1487.444881][T20509] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3652'. [ 1487.655864][T17706] Bluetooth: hci6: command tx timeout [ 1488.086745][T20453] bridge0: port 1(bridge_slave_0) entered blocking state [ 1488.135972][ T5152] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 1488.240104][T20536] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3658'. [ 1488.316464][ T29] audit: type=1326 audit(1721526052.748:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20522 comm="syz.2.3658" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f564c175b59 code=0x0 [ 1488.382740][T20453] bridge0: port 1(bridge_slave_0) entered disabled state [ 1488.430244][T20453] bridge_slave_0: entered allmulticast mode [ 1488.607228][ T1800] gspca_sonixj: reg_r err -71 [ 1488.611974][ T1800] sonixj 1-1:0.0: probe with driver sonixj failed with error -71 [ 1488.625162][ T1800] usb 1-1: USB disconnect, device number 61 [ 1488.635230][T20453] bridge_slave_0: entered promiscuous mode [ 1488.676868][T20453] bridge0: port 2(bridge_slave_1) entered blocking state [ 1488.775154][T20453] bridge0: port 2(bridge_slave_1) entered disabled state [ 1488.822284][T20453] bridge_slave_1: entered allmulticast mode [ 1488.851354][T20453] bridge_slave_1: entered promiscuous mode [ 1488.879938][T20539] FAULT_INJECTION: forcing a failure. [ 1488.879938][T20539] name failslab, interval 1, probability 0, space 0, times 0 [ 1488.920636][T20539] CPU: 0 UID: 0 PID: 20539 Comm: syz.4.3660 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1488.930579][T20539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1488.940655][T20539] Call Trace: [ 1488.943955][T20539] [ 1488.946902][T20539] dump_stack_lvl+0x241/0x360 [ 1488.951604][T20539] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1488.956822][T20539] ? __pfx__printk+0x10/0x10 [ 1488.961435][T20539] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 1488.966913][T20539] ? __pfx___might_resched+0x10/0x10 [ 1488.972226][T20539] should_fail_ex+0x3b0/0x4e0 [ 1488.976932][T20539] should_failslab+0xac/0x100 [ 1488.981633][T20539] ? rtnl_newlink+0xe9/0x2070 [ 1488.986339][T20539] __kmalloc_cache_noprof+0x6c/0x2c0 [ 1488.991650][T20539] rtnl_newlink+0xe9/0x2070 [ 1488.996197][T20539] ? __pfx_lock_acquire+0x10/0x10 [ 1489.001257][T20539] ? __mutex_lock+0x99b/0xd70 [ 1489.006043][T20539] ? __pfx_lock_release+0x10/0x10 [ 1489.011091][T20539] ? do_raw_spin_lock+0x14f/0x370 [ 1489.016140][T20539] ? __pfx_rtnl_newlink+0x10/0x10 [ 1489.021200][T20539] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1489.026514][T20539] ? __mutex_lock+0x9a5/0xd70 [ 1489.031217][T20539] ? __mutex_lock+0x527/0xd70 [ 1489.035920][T20539] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1489.041055][T20539] ? __pfx___mutex_lock+0x10/0x10 [ 1489.046113][T20539] ? __pfx_rtnl_newlink+0x10/0x10 [ 1489.051165][T20539] rtnetlink_rcv_msg+0x744/0xd00 [ 1489.056132][T20539] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1489.061276][T20539] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1489.066767][T20539] ? ref_tracker_free+0x643/0x7e0 [ 1489.071820][T20539] netlink_rcv_skb+0x1e3/0x430 [ 1489.076583][T20539] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1489.082040][T20539] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1489.087333][T20539] ? netlink_deliver_tap+0x2e/0x1b0 [ 1489.092524][T20539] netlink_unicast+0x7f6/0x990 [ 1489.097288][T20539] ? __pfx_netlink_unicast+0x10/0x10 [ 1489.102570][T20539] ? __virt_addr_valid+0x183/0x530 [ 1489.107672][T20539] ? __check_object_size+0x49c/0x900 [ 1489.112944][T20539] ? bpf_lsm_netlink_send+0x9/0x10 [ 1489.118053][T20539] netlink_sendmsg+0x8e4/0xcb0 [ 1489.122817][T20539] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1489.128091][T20539] ? __import_iovec+0x536/0x820 [ 1489.132941][T20539] ? aa_sock_msg_perm+0x91/0x160 [ 1489.137872][T20539] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1489.143143][T20539] ? security_socket_sendmsg+0x87/0xb0 [ 1489.148709][T20539] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1489.153996][T20539] __sock_sendmsg+0x221/0x270 [ 1489.158687][T20539] ____sys_sendmsg+0x525/0x7d0 [ 1489.163463][T20539] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1489.168760][T20539] __sys_sendmsg+0x2b0/0x3a0 [ 1489.173352][T20539] ? __pfx___sys_sendmsg+0x10/0x10 [ 1489.178459][T20539] ? vfs_write+0x7c4/0xc90 [ 1489.182903][T20539] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1489.189229][T20539] ? do_syscall_64+0x100/0x230 [ 1489.194007][T20539] ? do_syscall_64+0xb6/0x230 [ 1489.198687][T20539] do_syscall_64+0xf3/0x230 [ 1489.203194][T20539] ? clear_bhb_loop+0x35/0x90 [ 1489.207878][T20539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1489.213774][T20539] RIP: 0033:0x7f2db5575b59 [ 1489.218186][T20539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1489.237960][T20539] RSP: 002b:00007f2db6266048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1489.246371][T20539] RAX: ffffffffffffffda RBX: 00007f2db5705f60 RCX: 00007f2db5575b59 [ 1489.254333][T20539] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 1489.262296][T20539] RBP: 00007f2db62660a0 R08: 0000000000000000 R09: 0000000000000000 [ 1489.270267][T20539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1489.278230][T20539] R13: 000000000000000b R14: 00007f2db5705f60 R15: 00007fffee458e58 [ 1489.286206][T20539] [ 1489.591895][T20550] loop2: detected capacity change from 0 to 1024 [ 1489.611488][T20453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1489.637273][T20550] hfsplus: failed to load root directory [ 1489.668663][T20453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1489.725232][T17706] Bluetooth: hci6: command tx timeout [ 1489.878335][T20550] loop2: detected capacity change from 0 to 1024 [ 1489.936224][T20550] hfsplus: extend alloc file! (8192,65536,366) [ 1490.176392][T20453] team0: Port device team_slave_0 added [ 1490.318376][T17308] hsr_slave_0: left promiscuous mode [ 1490.407966][T17308] hsr_slave_1: left promiscuous mode [ 1490.446289][T17308] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1490.478503][T17308] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1490.548084][T17308] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1490.573615][T17308] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1490.664036][T17308] veth1_macvtap: left promiscuous mode [ 1490.688326][T17308] veth0_macvtap: left promiscuous mode [ 1490.718182][T17308] veth1_vlan: left promiscuous mode [ 1490.744208][T17308] veth0_vlan: left promiscuous mode [ 1490.834942][ T8] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 1491.021450][T20573] FAULT_INJECTION: forcing a failure. [ 1491.021450][T20573] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.054967][T20573] CPU: 0 UID: 0 PID: 20573 Comm: syz.2.3666 Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1491.064903][T20573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1491.074977][T20573] Call Trace: [ 1491.078266][T20573] [ 1491.081208][T20573] dump_stack_lvl+0x241/0x360 [ 1491.085914][T20573] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1491.091126][T20573] ? __pfx__printk+0x10/0x10 [ 1491.095739][T20573] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 1491.101737][T20573] ? __pfx___might_resched+0x10/0x10 [ 1491.107043][T20573] should_fail_ex+0x3b0/0x4e0 [ 1491.111736][T20573] should_failslab+0xac/0x100 [ 1491.116426][T20573] ? __alloc_skb+0x1c3/0x440 [ 1491.121029][T20573] kmem_cache_alloc_node_noprof+0x71/0x320 [ 1491.126857][T20573] __alloc_skb+0x1c3/0x440 [ 1491.131298][T20573] ? __pfx___alloc_skb+0x10/0x10 [ 1491.136246][T20573] ? netlink_autobind+0xd6/0x2f0 [ 1491.141254][T20573] ? netlink_autobind+0x2b0/0x2f0 [ 1491.146263][T20573] netlink_sendmsg+0x638/0xcb0 [ 1491.151015][T20573] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1491.156281][T20573] ? __import_iovec+0x536/0x820 [ 1491.161113][T20573] ? aa_sock_msg_perm+0x91/0x160 [ 1491.166053][T20573] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1491.171343][T20573] ? security_socket_sendmsg+0x87/0xb0 [ 1491.176798][T20573] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1491.182061][T20573] __sock_sendmsg+0x221/0x270 [ 1491.186727][T20573] ____sys_sendmsg+0x525/0x7d0 [ 1491.191478][T20573] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1491.196754][T20573] __sys_sendmsg+0x2b0/0x3a0 [ 1491.201345][T20573] ? __pfx___sys_sendmsg+0x10/0x10 [ 1491.206439][T20573] ? vfs_write+0x7c4/0xc90 [ 1491.210863][T20573] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1491.217175][T20573] ? do_syscall_64+0x100/0x230 [ 1491.221925][T20573] ? do_syscall_64+0xb6/0x230 [ 1491.226581][T20573] do_syscall_64+0xf3/0x230 [ 1491.231069][T20573] ? clear_bhb_loop+0x35/0x90 [ 1491.235746][T20573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1491.241662][T20573] RIP: 0033:0x7f564c175b59 [ 1491.246080][T20573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1491.265683][T20573] RSP: 002b:00007f564ce7d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1491.274121][T20573] RAX: ffffffffffffffda RBX: 00007f564c305f60 RCX: 00007f564c175b59 [ 1491.282079][T20573] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 1491.290037][T20573] RBP: 00007f564ce7d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1491.297990][T20573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1491.305942][T20573] R13: 000000000000000b R14: 00007f564c305f60 R15: 00007ffe82d828b8 [ 1491.313904][T20573] [ 1491.435011][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 1491.466349][ T8] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 1491.474652][ T8] usb 5-1: config 179 has no interface number 0 [ 1491.505575][ T8] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1491.526273][ T8] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 1491.564967][ T8] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1491.585832][T20573] loop2: detected capacity change from 0 to 1024 [ 1491.605816][ T8] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 1491.653406][ T8] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1491.687491][ T8] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1491.712390][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1491.743500][T20571] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1491.806451][T17706] Bluetooth: hci6: command tx timeout [ 1492.784305][T20573] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 1493.171670][ T9] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input9 [ 1493.794633][T20594] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3671'. [ 1494.670041][T17308] team0 (unregistering): Port device team_slave_1 removed [ 1494.827238][T17308] team0 (unregistering): Port device team_slave_0 removed [ 1495.580418][ C0] DEBUG: waiting rtnl_mutex for 519 jiffies. [ 1495.586589][ C0] task:kworker/0:4 state:D stack:18360 pid:5152 tgid:5152 ppid:2 flags:0x00004000 [ 1495.597044][ C0] Workqueue: events linkwatch_event [ 1495.602463][ C0] Call Trace: [ 1495.605872][ C0] [ 1495.608905][ C0] __schedule+0x1800/0x4a60 [ 1495.613554][ C0] ? __pfx___schedule+0x10/0x10 [ 1495.618595][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1495.624834][ C0] ? __pfx_lock_release+0x10/0x10 [ 1495.629999][ C0] ? kick_pool+0x45c/0x620 [ 1495.634569][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 1495.640139][ C0] ? schedule+0x90/0x320 [ 1495.644508][ C0] schedule+0x14b/0x320 [ 1495.648893][ C0] schedule_preempt_disabled+0x13/0x30 [ 1495.654699][ C0] __mutex_lock+0x6a4/0xd70 [ 1495.659485][ C0] ? __mutex_lock+0x527/0xd70 [ 1495.664312][ C0] ? linkwatch_event+0xe/0x60 [ 1495.669150][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1495.674320][ C0] ? get_rtnl_holder+0x144/0x190 [ 1495.679549][ C0] ? process_scheduled_works+0x945/0x1830 [ 1495.685550][ C0] linkwatch_event+0xe/0x60 [ 1495.690189][ C0] process_scheduled_works+0xa2c/0x1830 [ 1495.695932][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1495.702170][ C0] ? assign_work+0x364/0x3d0 [ 1495.706929][ C0] worker_thread+0x86d/0xd40 [ 1495.711750][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1495.717816][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1495.723069][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1495.728322][ C0] kthread+0x2f0/0x390 [ 1495.732513][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1495.737784][ C0] ? __pfx_kthread+0x10/0x10 [ 1495.742575][ C0] ret_from_fork+0x4b/0x80 [ 1495.747154][ C0] ? __pfx_kthread+0x10/0x10 [ 1495.751875][ C0] ret_from_fork_asm+0x1a/0x30 [ 1495.756814][ C0] [ 1495.759949][ C0] DEBUG: waiting rtnl_mutex for 565 jiffies. [ 1495.766061][ C0] task:dhcpcd state:D stack:20672 pid:4769 tgid:4769 ppid:4768 flags:0x00004002 [ 1495.776381][ C0] Call Trace: [ 1495.779798][ C0] [ 1495.782834][ C0] __schedule+0x1800/0x4a60 [ 1495.787522][ C0] ? __pfx___schedule+0x10/0x10 [ 1495.792591][ C0] ? __pfx_lock_release+0x10/0x10 [ 1495.797763][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1495.803350][ C0] ? schedule+0x90/0x320 [ 1495.807746][ C0] schedule+0x14b/0x320 [ 1495.812028][ C0] schedule_preempt_disabled+0x13/0x30 [ 1495.817643][ C0] __mutex_lock+0x6a4/0xd70 [ 1495.822361][ C0] ? __mutex_lock+0x527/0xd70 [ 1495.827186][ C0] ? rtnl_dumpit+0x9e/0x210 [ 1495.831805][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1495.836984][ C0] ? __alloc_skb+0x28f/0x440 [ 1495.841697][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1495.846886][ C0] ? get_rtnl_holder+0x144/0x190 [ 1495.852002][ C0] ? __pfx_rtnl_dump_ifinfo+0x10/0x10 [ 1495.857536][ C0] rtnl_dumpit+0x9e/0x210 [ 1495.861983][ C0] netlink_dump+0x647/0xd80 [ 1495.866658][ C0] ? __pfx_netlink_dump+0x10/0x10 [ 1495.871906][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1495.878099][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1495.883525][ C0] ? netlink_recvmsg+0x60a/0x11d0 [ 1495.888709][ C0] ? kmem_cache_free+0x145/0x350 [ 1495.893786][ C0] netlink_recvmsg+0x6bb/0x11d0 [ 1495.898807][ C0] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1495.904226][ C0] ? __pfx_aa_sk_perm+0x10/0x10 [ 1495.909240][ C0] ? __pfx___might_resched+0x10/0x10 [ 1495.914659][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1495.919826][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 1495.925304][ C0] ? security_socket_recvmsg+0x90/0xb0 [ 1495.930899][ C0] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1495.936341][ C0] sock_recvmsg+0x22f/0x280 [ 1495.940980][ C0] ____sys_recvmsg+0x1db/0x470 [ 1495.945906][ C0] ? __pfx_____sys_recvmsg+0x10/0x10 [ 1495.951438][ C0] __sys_recvmsg+0x2f0/0x3e0 [ 1495.956177][ C0] ? __pfx_lock_release+0x10/0x10 [ 1495.961341][ C0] ? __pfx___sys_recvmsg+0x10/0x10 [ 1495.966633][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1495.973181][ C0] ? do_syscall_64+0x100/0x230 [ 1495.978103][ C0] ? do_syscall_64+0xb6/0x230 [ 1495.982912][ C0] do_syscall_64+0xf3/0x230 [ 1495.987585][ C0] ? clear_bhb_loop+0x35/0x90 [ 1495.992396][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1495.998524][ C0] RIP: 0033:0x7f0ded35191e [ 1496.003088][ C0] RSP: 002b:00007fff5e708a88 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1496.011668][ C0] RAX: ffffffffffffffda RBX: 00007fff5e709bb0 RCX: 00007f0ded35191e [ 1496.019799][ C0] RDX: 0000000000000000 RSI: 00007fff5e709ad0 RDI: 000000000000000f [ 1496.027928][ C0] RBP: 00007fff5e709b40 R08: 00007fff5e709ab4 R09: 000000000000000c [ 1496.036055][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 [ 1496.044243][ C0] R13: 00007fff5e709ab4 R14: 00007fff5e709ad0 R15: 00007fff5e709ac0 [ 1496.052566][ C0] [ 1496.055822][ C0] DEBUG: waiting rtnl_mutex for 586 jiffies. [ 1496.061908][ C0] task:syz-executor state:D stack:21288 pid:20453 tgid:20453 ppid:20443 flags:0x00004000 [ 1496.072240][ C0] Call Trace: [ 1496.075668][ C0] [ 1496.078715][ C0] __schedule+0x1800/0x4a60 [ 1496.083370][ C0] ? __pfx___schedule+0x10/0x10 [ 1496.088386][ C0] ? __pfx_lock_release+0x10/0x10 [ 1496.093617][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1496.099245][ C0] ? schedule+0x90/0x320 [ 1496.103729][ C0] schedule+0x14b/0x320 [ 1496.108032][ C0] schedule_preempt_disabled+0x13/0x30 [ 1496.113615][ C0] __mutex_lock+0x6a4/0xd70 [ 1496.118285][ C0] ? __mutex_lock+0x527/0xd70 [ 1496.123099][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1496.128381][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1496.133552][ C0] ? get_rtnl_holder+0x144/0x190 [ 1496.138648][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1496.143719][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1496.148988][ C0] ? __lock_acquire+0x1384/0x2050 [ 1496.154139][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1496.159776][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1496.164670][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1496.170277][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1496.175719][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1496.181061][ C0] netlink_unicast+0x7f6/0x990 [ 1496.185989][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1496.191387][ C0] ? __virt_addr_valid+0x183/0x530 [ 1496.196657][ C0] ? __check_object_size+0x49c/0x900 [ 1496.202069][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1496.207341][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1496.212254][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1496.217863][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1496.223978][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1496.229071][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1496.234469][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1496.240090][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1496.245562][ C0] __sock_sendmsg+0x221/0x270 [ 1496.250385][ C0] __sys_sendto+0x3a4/0x4f0 [ 1496.255034][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1496.260219][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1496.266367][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1496.272844][ C0] __x64_sys_sendto+0xde/0x100 [ 1496.277759][ C0] do_syscall_64+0xf3/0x230 [ 1496.282384][ C0] ? clear_bhb_loop+0x35/0x90 [ 1496.287223][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1496.293249][ C0] RIP: 0033:0x7ff674d778ec [ 1496.297809][ C0] RSP: 002b:00007ffe5c5bd240 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1496.306383][ C0] RAX: ffffffffffffffda RBX: 00007ff675a34620 RCX: 00007ff674d778ec [ 1496.314571][ C0] RDX: 0000000000000028 RSI: 00007ff675a34670 RDI: 0000000000000003 [ 1496.322692][ C0] RBP: 0000000000000000 R08: 00007ffe5c5bd294 R09: 000000000000000c [ 1496.330821][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1496.338949][ C0] R13: 0000000000000000 R14: 00007ff675a34670 R15: 0000000000000000 [ 1496.347165][ C0] [ 1496.350305][ C0] DEBUG: holding rtnl_mutex for 613 jiffies. [ 1496.356451][ C0] task:kworker/u8:9 state:R running task stack:18544 pid:17308 tgid:17308 ppid:2 flags:0x00004008 [ 1496.368528][ C0] Workqueue: netns cleanup_net [ 1496.373441][ C0] Call Trace: [ 1496.376860][ C0] [ 1496.379822][ C0] sched_show_task+0x506/0x6d0 [ 1496.384719][ C0] ? report_rtnl_holders+0x2a5/0x400 [ 1496.390164][ C0] ? __pfx__printk+0x10/0x10 [ 1496.394906][ C0] ? __pfx_sched_show_task+0x10/0x10 [ 1496.400319][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1496.406375][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1496.412835][ C0] report_rtnl_holders+0x327/0x400 [ 1496.418128][ C0] call_timer_fn+0x18e/0x650 [ 1496.422857][ C0] ? call_timer_fn+0xc0/0x650 [ 1496.427785][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1496.433656][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 1496.438933][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1496.444694][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1496.450482][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1496.456275][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1496.461605][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1496.466996][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1496.472854][ C0] __run_timer_base+0x66a/0x8e0 [ 1496.477867][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 1496.483385][ C0] run_timer_softirq+0xb7/0x170 [ 1496.488406][ C0] handle_softirqs+0x2c4/0x970 [ 1496.493395][ C0] ? __irq_exit_rcu+0xf4/0x1c0 [ 1496.498432][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 1496.503931][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 1496.509318][ C0] __irq_exit_rcu+0xf4/0x1c0 [ 1496.514124][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 1496.519599][ C0] irq_exit_rcu+0x9/0x30 [ 1496.524064][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 1496.529874][ C0] [ 1496.532914][ C0] [ 1496.536008][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1496.542212][ C0] RIP: 0010:synchronize_rcu+0x0/0x360 [ 1496.547733][ C0] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 d5 1f 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 [ 1496.567607][ C0] RSP: 0018:ffffc9000369f5d8 EFLAGS: 00000206 [ 1496.573919][ C0] RAX: dffffc0000000000 RBX: 1ffff920006d3ec4 RCX: ffffffff94808903 [ 1496.582079][ C0] RDX: 0000000000000001 RSI: ffffffff8bcae220 RDI: ffffffff8c20aee0 [ 1496.590310][ C0] RBP: ffffc9000369f6b8 R08: ffffffff947f6347 R09: 1ffffffff28fec68 [ 1496.598472][ C0] R10: dffffc0000000000 R11: fffffbfff28fec69 R12: ffffffff947f3eb8 [ 1496.606610][ C0] R13: 1ffff920006d3ec0 R14: 0000000000000202 R15: ffffc9000369f620 [ 1496.614730][ C0] lockdep_unregister_key+0x4b7/0x540 [ 1496.620351][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 1496.626414][ C0] ? rcu_is_watching+0x15/0xb0 [ 1496.631310][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 1496.636072][ C0] __qdisc_destroy+0x165/0x410 [ 1496.641076][ C0] dev_shutdown+0x357/0x450 [ 1496.645746][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 1496.652328][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1496.659310][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1496.665526][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1496.671820][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1496.677642][ C0] ? __pfx___might_resched+0x10/0x10 [ 1496.683140][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1496.689465][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1496.694898][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1496.701247][ C0] cleanup_net+0x89d/0xcc0 [ 1496.706381][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1496.711551][ C0] ? process_scheduled_works+0x945/0x1830 [ 1496.717432][ C0] process_scheduled_works+0xa2c/0x1830 [ 1496.723142][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1496.729303][ C0] ? assign_work+0x364/0x3d0 [ 1496.734193][ C0] worker_thread+0x86d/0xd40 [ 1496.738995][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1496.744254][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1496.749547][ C0] kthread+0x2f0/0x390 [ 1496.753727][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1496.759040][ C0] ? __pfx_kthread+0x10/0x10 [ 1496.763751][ C0] ret_from_fork+0x4b/0x80 [ 1496.768352][ C0] ? __pfx_kthread+0x10/0x10 [ 1496.773089][ C0] ret_from_fork_asm+0x1a/0x30 [ 1496.778061][ C0] [ 1496.781282][ C0] [ 1496.781282][ C0] Showing all locks held in the system: [ 1496.789284][ C0] 2 locks held by syslogd/4537: [ 1496.794308][ C0] #0: ffff8880b953ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 1496.804530][ C0] #1: ffff8880b9528948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770 [ 1496.816222][ C0] 2 locks held by dhcpcd/4769: [ 1496.821109][ C0] #0: ffff8880687ea678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xcb/0xd80 [ 1496.831015][ C0] #1: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 1496.840231][ C0] 2 locks held by getty/4855: [ 1496.845079][ C0] #0: ffff88802add10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1496.855128][ C0] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1496.865543][ C0] 3 locks held by kworker/0:4/5152: [ 1496.870871][ C0] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1496.882208][ C0] #1: ffffc900040f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1496.893460][ C0] #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1496.902735][ C0] 3 locks held by kworker/1:5/5154: [ 1496.908095][ C0] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1496.919351][ C0] #1: ffffc90004117d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1496.930644][ C0] #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 1496.941297][ C0] 6 locks held by kworker/u8:9/17308: [ 1496.946822][ C0] #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1496.958039][ C0] #1: ffffc9000369fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1496.968966][ C0] #2: ffffffff8f5fddd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1496.978696][ C0] #3: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1496.988995][ C0] #4: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1496.999440][ C0] #5: ffffffff8e337a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1497.009677][ C0] 2 locks held by syz.0.3512/19876: [ 1497.015051][ C0] 1 lock held by syz-executor/20453: [ 1497.020455][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1497.030211][ C0] 1 lock held by syz.4.3665/20568: [ 1497.035607][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_route_ioctl+0x4cb/0x870 [ 1497.045270][ C0] 1 lock held by syz.4.3665/20570: [ 1497.050524][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: ip_mroute_setsockopt+0x15b/0x1190 [ 1497.060603][ C0] 1 lock held by syz.0.3667/20575: [ 1497.065860][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1497.075562][ C0] 1 lock held by syz.2.3671/20593: [ 1497.080801][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 1497.090165][ C0] 1 lock held by syz.3.3672/20599: [ 1497.095415][ C0] [ 1497.097851][ C0] ============================================= [ 1497.097851][ C0] [ 1497.206133][T17706] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 1497.569758][ T8] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 1497.827226][ T8] usb 4-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1497.845052][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1497.914260][ T8] usb 4-1: config 0 descriptor?? [ 1497.933209][ T8] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1498.135264][ C0] DEBUG: waiting rtnl_mutex for 775 jiffies. [ 1498.141440][ C0] task:kworker/0:4 state:D stack:18360 pid:5152 tgid:5152 ppid:2 flags:0x00004000 [ 1498.151903][ C0] Workqueue: events linkwatch_event [ 1498.157383][ C0] Call Trace: [ 1498.160807][ C0] [ 1498.163869][ C0] __schedule+0x1800/0x4a60 [ 1498.168588][ C0] ? __pfx___schedule+0x10/0x10 [ 1498.173659][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1498.179795][ C0] ? __pfx_lock_release+0x10/0x10 [ 1498.184986][ C0] ? kick_pool+0x45c/0x620 [ 1498.189671][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 1498.195355][ C0] ? schedule+0x90/0x320 [ 1498.199711][ C0] schedule+0x14b/0x320 [ 1498.203973][ C0] schedule_preempt_disabled+0x13/0x30 [ 1498.209606][ C0] __mutex_lock+0x6a4/0xd70 [ 1498.214241][ C0] ? __mutex_lock+0x527/0xd70 [ 1498.219089][ C0] ? linkwatch_event+0xe/0x60 [ 1498.223884][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1498.229087][ C0] ? get_rtnl_holder+0x144/0x190 [ 1498.234226][ C0] ? process_scheduled_works+0x945/0x1830 [ 1498.240115][ C0] linkwatch_event+0xe/0x60 [ 1498.244737][ C0] process_scheduled_works+0xa2c/0x1830 [ 1498.250471][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1498.256629][ C0] ? assign_work+0x364/0x3d0 [ 1498.261434][ C0] worker_thread+0x86d/0xd40 [ 1498.266185][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1498.272203][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1498.277392][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1498.282621][ C0] kthread+0x2f0/0x390 [ 1498.286804][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1498.292031][ C0] ? __pfx_kthread+0x10/0x10 [ 1498.296773][ C0] ret_from_fork+0x4b/0x80 [ 1498.301311][ C0] ? __pfx_kthread+0x10/0x10 [ 1498.306051][ C0] ret_from_fork_asm+0x1a/0x30 [ 1498.310961][ C0] [ 1498.314083][ C0] DEBUG: waiting rtnl_mutex for 691 jiffies. [ 1498.320215][ C0] task:syz.0.3667 state:D stack:23800 pid:20575 tgid:20574 ppid:20048 flags:0x00000004 [ 1498.330623][ C0] Call Trace: [ 1498.333997][ C0] [ 1498.337409][ C0] __schedule+0x1800/0x4a60 [ 1498.342064][ C0] ? __pfx___schedule+0x10/0x10 [ 1498.347080][ C0] ? __pfx_lock_release+0x10/0x10 [ 1498.352235][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1498.357861][ C0] ? schedule+0x90/0x320 [ 1498.362224][ C0] schedule+0x14b/0x320 [ 1498.366531][ C0] schedule_preempt_disabled+0x13/0x30 [ 1498.372118][ C0] __mutex_lock+0x6a4/0xd70 [ 1498.376786][ C0] ? __mutex_lock+0x527/0xd70 [ 1498.381589][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1498.386852][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1498.392008][ C0] ? get_rtnl_holder+0x144/0x190 [ 1498.397104][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1498.402162][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1498.407413][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1498.413009][ C0] ? ref_tracker_free+0x643/0x7e0 [ 1498.418200][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1498.423095][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1498.428712][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1498.434143][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1498.439465][ C0] netlink_unicast+0x7f6/0x990 [ 1498.444369][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1498.449788][ C0] ? __virt_addr_valid+0x183/0x530 [ 1498.455050][ C0] ? __check_object_size+0x49c/0x900 [ 1498.460491][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1498.465756][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1498.470651][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1498.476085][ C0] ? __import_iovec+0x536/0x820 [ 1498.481226][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1498.486312][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1498.491714][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1498.497320][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1498.502716][ C0] __sock_sendmsg+0x221/0x270 [ 1498.507551][ C0] ____sys_sendmsg+0x525/0x7d0 [ 1498.514842][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1498.520298][ C0] __sys_sendmsg+0x2b0/0x3a0 [ 1498.525072][ C0] ? __pfx___sys_sendmsg+0x10/0x10 [ 1498.530449][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1498.537069][ C0] ? do_syscall_64+0x100/0x230 [ 1498.541968][ C0] ? do_syscall_64+0xb6/0x230 [ 1498.546814][ C0] do_syscall_64+0xf3/0x230 [ 1498.551442][ C0] ? clear_bhb_loop+0x35/0x90 [ 1498.556273][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1498.562297][ C0] RIP: 0033:0x7f9f1e175b59 [ 1498.566874][ C0] RSP: 002b:00007f9f1efa4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1498.575448][ C0] RAX: ffffffffffffffda RBX: 00007f9f1e305f60 RCX: 00007f9f1e175b59 [ 1498.583591][ C0] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 1498.591734][ C0] RBP: 00007f9f1e1e4e5d R08: 0000000000000000 R09: 0000000000000000 [ 1498.599842][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1498.607964][ C0] R13: 000000000000000b R14: 00007f9f1e305f60 R15: 00007ffd05b52128 [ 1498.616122][ C0] [ 1498.619247][ C0] DEBUG: waiting rtnl_mutex for 560 jiffies. [ 1498.625374][ C0] task:syz.4.3665 state:D stack:24400 pid:20568 tgid:20566 ppid:19428 flags:0x00000004 [ 1498.635718][ C0] Call Trace: [ 1498.639118][ C0] [ 1498.642200][ C0] __schedule+0x1800/0x4a60 [ 1498.646892][ C0] ? __pfx___schedule+0x10/0x10 [ 1498.651959][ C0] ? __pfx_lock_release+0x10/0x10 [ 1498.657152][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1498.662746][ C0] ? schedule+0x90/0x320 [ 1498.667150][ C0] schedule+0x14b/0x320 [ 1498.671439][ C0] schedule_preempt_disabled+0x13/0x30 [ 1498.677053][ C0] __mutex_lock+0x6a4/0xd70 [ 1498.681686][ C0] ? __mutex_lock+0x527/0xd70 [ 1498.686520][ C0] ? ipv6_route_ioctl+0x4cb/0x870 [ 1498.691676][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1498.696862][ C0] ? bpf_lsm_capable+0x9/0x10 [ 1498.701664][ C0] ? security_capable+0x90/0xb0 [ 1498.706673][ C0] ? get_rtnl_holder+0x144/0x190 [ 1498.711816][ C0] ipv6_route_ioctl+0x4cb/0x870 [ 1498.716844][ C0] ? __pfx_ipv6_route_ioctl+0x10/0x10 [ 1498.722480][ C0] ? __might_fault+0xc6/0x120 [ 1498.727479][ C0] inet6_ioctl+0x21a/0x280 [ 1498.732006][ C0] ? __pfx_inet6_ioctl+0x10/0x10 [ 1498.737125][ C0] sock_do_ioctl+0x158/0x460 [ 1498.741932][ C0] ? __pfx_sock_do_ioctl+0x10/0x10 [ 1498.747220][ C0] sock_ioctl+0x629/0x8e0 [ 1498.751771][ C0] ? __pfx_sock_ioctl+0x10/0x10 [ 1498.756782][ C0] ? __fget_files+0x29/0x470 [ 1498.761489][ C0] ? __fget_files+0x3f6/0x470 [ 1498.766309][ C0] ? __fget_files+0x29/0x470 [ 1498.771030][ C0] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1498.776139][ C0] ? security_file_ioctl+0x87/0xb0 [ 1498.781387][ C0] ? __pfx_sock_ioctl+0x10/0x10 [ 1498.786408][ C0] __se_sys_ioctl+0xfc/0x170 [ 1498.791135][ C0] do_syscall_64+0xf3/0x230 [ 1498.795841][ C0] ? clear_bhb_loop+0x35/0x90 [ 1498.800648][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1498.806697][ C0] RIP: 0033:0x7f2db5575b59 [ 1498.811248][ C0] RSP: 002b:00007f2db6266048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1498.819857][ C0] RAX: ffffffffffffffda RBX: 00007f2db5705f60 RCX: 00007f2db5575b59 [ 1498.828010][ C0] RDX: 00000000200000c0 RSI: 000000000000890b RDI: 0000000000000009 [ 1498.836152][ C0] RBP: 00007f2db55e4e5d R08: 0000000000000000 R09: 0000000000000000 [ 1498.844235][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1498.852419][ C0] R13: 000000000000000b R14: 00007f2db5705f60 R15: 00007fffee458e58 [ 1498.860569][ C0] [ 1498.863708][ C0] DEBUG: waiting rtnl_mutex for 555 jiffies. [ 1498.869829][ C0] task:syz.4.3665 state:D stack:25272 pid:20570 tgid:20566 ppid:19428 flags:0x00000004 [ 1498.880275][ C0] Call Trace: [ 1498.883675][ C0] [ 1498.886796][ C0] __schedule+0x1800/0x4a60 [ 1498.891455][ C0] ? __pfx___schedule+0x10/0x10 [ 1498.896483][ C0] ? __pfx_lock_release+0x10/0x10 [ 1498.901733][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1498.907353][ C0] ? schedule+0x90/0x320 [ 1498.911717][ C0] schedule+0x14b/0x320 [ 1498.916025][ C0] schedule_preempt_disabled+0x13/0x30 [ 1498.921605][ C0] __mutex_lock+0x6a4/0xd70 [ 1498.926268][ C0] ? __mutex_lock+0x527/0xd70 [ 1498.931158][ C0] ? ip_mroute_setsockopt+0x15b/0x1190 [ 1498.936759][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1498.941912][ C0] ? get_rtnl_holder+0x144/0x190 [ 1498.947435][ C0] ip_mroute_setsockopt+0x15b/0x1190 [ 1498.952837][ C0] ? schedule+0x90/0x320 [ 1498.957229][ C0] ? schedule+0x90/0x320 [ 1498.961626][ C0] ? __pfx_ip_mroute_setsockopt+0x10/0x10 [ 1498.967513][ C0] do_ip_setsockopt+0x129f/0x3cd0 [ 1498.972747][ C0] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1498.978275][ C0] ? aa_sk_perm+0x96d/0xab0 [ 1498.982910][ C0] ? __pfx_aa_sk_perm+0x10/0x10 [ 1498.987920][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1498.993070][ C0] ? aa_sock_opt_perm+0x79/0x120 [ 1498.998156][ C0] ip_setsockopt+0x63/0x100 [ 1499.002781][ C0] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1499.008827][ C0] do_sock_setsockopt+0x3af/0x720 [ 1499.013984][ C0] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1499.019679][ C0] ? __fget_files+0x29/0x470 [ 1499.024380][ C0] ? __fget_files+0x3f6/0x470 [ 1499.029202][ C0] __sys_setsockopt+0x1ae/0x250 [ 1499.034177][ C0] __x64_sys_setsockopt+0xb5/0xd0 [ 1499.039352][ C0] do_syscall_64+0xf3/0x230 [ 1499.043991][ C0] ? clear_bhb_loop+0x35/0x90 [ 1499.048826][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1499.054856][ C0] RIP: 0033:0x7f2db5575b59 [ 1499.059394][ C0] RSP: 002b:00007f2db4fff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1499.067971][ C0] RAX: ffffffffffffffda RBX: 00007f2db5706038 RCX: 00007f2db5575b59 [ 1499.076087][ C0] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 000000000000000b [ 1499.084179][ C0] RBP: 00007f2db55e4e5d R08: 000000000000003c R09: 0000000000000000 [ 1499.092305][ C0] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000 [ 1499.100433][ C0] R13: 000000000000006e R14: 00007f2db5706038 R15: 00007fffee458e58 [ 1499.108575][ C0] [ 1499.111707][ C0] DEBUG: waiting rtnl_mutex for 900 jiffies. [ 1499.117818][ C0] task:dhcpcd state:D stack:20672 pid:4769 tgid:4769 ppid:4768 flags:0x00004002 [ 1499.128348][ C0] Call Trace: [ 1499.131731][ C0] [ 1499.134787][ C0] __schedule+0x1800/0x4a60 [ 1499.139435][ C0] ? __pfx___schedule+0x10/0x10 [ 1499.144422][ C0] ? __pfx_lock_release+0x10/0x10 [ 1499.149606][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1499.155206][ C0] ? schedule+0x90/0x320 [ 1499.159568][ C0] schedule+0x14b/0x320 [ 1499.163850][ C0] schedule_preempt_disabled+0x13/0x30 [ 1499.169474][ C0] __mutex_lock+0x6a4/0xd70 [ 1499.174104][ C0] ? __mutex_lock+0x527/0xd70 [ 1499.178946][ C0] ? rtnl_dumpit+0x9e/0x210 [ 1499.183669][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1499.188854][ C0] ? __alloc_skb+0x28f/0x440 [ 1499.193572][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1499.198778][ C0] ? get_rtnl_holder+0x144/0x190 [ 1499.203840][ C0] ? __pfx_rtnl_dump_ifinfo+0x10/0x10 [ 1499.209363][ C0] rtnl_dumpit+0x9e/0x210 [ 1499.213827][ C0] netlink_dump+0x647/0xd80 [ 1499.218492][ C0] ? __pfx_netlink_dump+0x10/0x10 [ 1499.223728][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1499.229886][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1499.235335][ C0] ? netlink_recvmsg+0x60a/0x11d0 [ 1499.240474][ C0] ? kmem_cache_free+0x145/0x350 [ 1499.245564][ C0] netlink_recvmsg+0x6bb/0x11d0 [ 1499.250551][ C0] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1499.256011][ C0] ? __pfx_aa_sk_perm+0x10/0x10 [ 1499.261019][ C0] ? __pfx___might_resched+0x10/0x10 [ 1499.266455][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1499.271562][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 1499.277022][ C0] ? security_socket_recvmsg+0x90/0xb0 [ 1499.282597][ C0] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1499.288042][ C0] sock_recvmsg+0x22f/0x280 [ 1499.292686][ C0] ____sys_recvmsg+0x1db/0x470 [ 1499.297618][ C0] ? __pfx_____sys_recvmsg+0x10/0x10 [ 1499.303147][ C0] __sys_recvmsg+0x2f0/0x3e0 [ 1499.307920][ C0] ? __pfx_lock_release+0x10/0x10 [ 1499.313153][ C0] ? __pfx___sys_recvmsg+0x10/0x10 [ 1499.318461][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1499.325050][ C0] ? do_syscall_64+0x100/0x230 [ 1499.329950][ C0] ? do_syscall_64+0xb6/0x230 [ 1499.334798][ C0] do_syscall_64+0xf3/0x230 [ 1499.339423][ C0] ? clear_bhb_loop+0x35/0x90 [ 1499.344256][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1499.350321][ C0] RIP: 0033:0x7f0ded35191e [ 1499.354887][ C0] RSP: 002b:00007fff5e708a88 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1499.363565][ C0] RAX: ffffffffffffffda RBX: 00007fff5e709bb0 RCX: 00007f0ded35191e [ 1499.371732][ C0] RDX: 0000000000000000 RSI: 00007fff5e709ad0 RDI: 000000000000000f [ 1499.379880][ C0] RBP: 00007fff5e709b40 R08: 00007fff5e709ab4 R09: 000000000000000c [ 1499.388042][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 [ 1499.396170][ C0] R13: 00007fff5e709ab4 R14: 00007fff5e709ad0 R15: 00007fff5e709ac0 [ 1499.404318][ C0] [ 1499.407500][ C0] DEBUG: waiting rtnl_mutex for 921 jiffies. [ 1499.413597][ C0] task:syz-executor state:D stack:21288 pid:20453 tgid:20453 ppid:20443 flags:0x00004000 [ 1499.423976][ C0] Call Trace: [ 1499.427402][ C0] [ 1499.430477][ C0] __schedule+0x1800/0x4a60 [ 1499.435203][ C0] ? __pfx___schedule+0x10/0x10 [ 1499.440306][ C0] ? __pfx_lock_release+0x10/0x10 [ 1499.446358][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1499.451959][ C0] ? schedule+0x90/0x320 [ 1499.456369][ C0] schedule+0x14b/0x320 [ 1499.460651][ C0] schedule_preempt_disabled+0x13/0x30 [ 1499.466289][ C0] __mutex_lock+0x6a4/0xd70 [ 1499.471025][ C0] ? __mutex_lock+0x527/0xd70 [ 1499.475876][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1499.481214][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1499.486416][ C0] ? get_rtnl_holder+0x144/0x190 [ 1499.491571][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1499.496691][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1499.502043][ C0] ? __lock_acquire+0x1384/0x2050 [ 1499.507251][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1499.512932][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1499.517869][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1499.523548][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1499.529027][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1499.534444][ C0] netlink_unicast+0x7f6/0x990 [ 1499.539393][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1499.544966][ C0] ? __virt_addr_valid+0x183/0x530 [ 1499.550211][ C0] ? __check_object_size+0x49c/0x900 [ 1499.555652][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1499.560895][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1499.565946][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1499.571425][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1499.577583][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1499.582753][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1499.588223][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1499.593903][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1499.599353][ C0] __sock_sendmsg+0x221/0x270 [ 1499.604232][ C0] __sys_sendto+0x3a4/0x4f0 [ 1499.608898][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1499.614073][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1499.620255][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1499.626867][ C0] __x64_sys_sendto+0xde/0x100 [ 1499.631856][ C0] do_syscall_64+0xf3/0x230 [ 1499.636513][ C0] ? clear_bhb_loop+0x35/0x90 [ 1499.641320][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1499.647383][ C0] RIP: 0033:0x7ff674d778ec [ 1499.651928][ C0] RSP: 002b:00007ffe5c5bd240 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1499.660521][ C0] RAX: ffffffffffffffda RBX: 00007ff675a34620 RCX: 00007ff674d778ec [ 1499.668830][ C0] RDX: 0000000000000028 RSI: 00007ff675a34670 RDI: 0000000000000003 [ 1499.677074][ C0] RBP: 0000000000000000 R08: 00007ffe5c5bd294 R09: 000000000000000c [ 1499.685224][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1499.693387][ C0] R13: 0000000000000000 R14: 00007ff675a34670 R15: 0000000000000000 [ 1499.701581][ C0] [ 1499.704868][ C0] DEBUG: holding rtnl_mutex for 948 jiffies. [ 1499.710962][ C0] task:kworker/u8:9 state:D stack:18544 pid:17308 tgid:17308 ppid:2 flags:0x00004000 [ 1499.721404][ C0] Workqueue: netns cleanup_net [ 1499.726451][ C0] Call Trace: [ 1499.729837][ C0] [ 1499.732866][ C0] __schedule+0x1800/0x4a60 [ 1499.737562][ C0] ? __pfx___schedule+0x10/0x10 [ 1499.742637][ C0] ? __pfx_lock_release+0x10/0x10 [ 1499.747980][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1499.754021][ C0] ? kthread_data+0x52/0xd0 [ 1499.758707][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1499.764040][ C0] ? schedule+0x90/0x320 [ 1499.768457][ C0] schedule+0x14b/0x320 [ 1499.772736][ C0] synchronize_rcu_expedited+0x684/0x830 [ 1499.778561][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1499.785022][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1499.790532][ C0] ? __pfx___might_resched+0x10/0x10 [ 1499.795999][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1499.802201][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1499.808445][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1499.814972][ C0] synchronize_rcu+0x11b/0x360 [ 1499.819985][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 1499.825446][ C0] lockdep_unregister_key+0x4b7/0x540 [ 1499.831028][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 1499.837099][ C0] ? rcu_is_watching+0x15/0xb0 [ 1499.841994][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 1499.846762][ C0] __qdisc_destroy+0x165/0x410 [ 1499.851772][ C0] dev_shutdown+0x9b/0x450 [ 1499.856360][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 1499.863008][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1499.869959][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1499.876109][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1499.882400][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1499.888199][ C0] ? __pfx___might_resched+0x10/0x10 [ 1499.893699][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1499.900028][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1499.905594][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1499.911980][ C0] cleanup_net+0x89d/0xcc0 [ 1499.916617][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1499.921786][ C0] ? process_scheduled_works+0x945/0x1830 [ 1499.927707][ C0] process_scheduled_works+0xa2c/0x1830 [ 1499.933506][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1499.939751][ C0] ? assign_work+0x364/0x3d0 [ 1499.944564][ C0] worker_thread+0x86d/0xd40 [ 1499.949338][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1499.954572][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1499.959933][ C0] kthread+0x2f0/0x390 [ 1499.964211][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1499.969493][ C0] ? __pfx_kthread+0x10/0x10 [ 1499.974234][ C0] ret_from_fork+0x4b/0x80 [ 1499.978883][ C0] ? __pfx_kthread+0x10/0x10 [ 1499.983684][ C0] ret_from_fork_asm+0x1a/0x30 [ 1499.988656][ C0] [ 1499.991892][ C0] [ 1499.991892][ C0] Showing all locks held in the system: [ 1499.999856][ C0] 5 locks held by kworker/0:0/8: [ 1500.004973][ C0] 1 lock held by kswapd0/90: [ 1500.009708][ C0] 4 locks held by kworker/u8:8/2815: [ 1500.015157][ C0] #0: ffff88802ae3d948 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1500.026788][ C0] #1: ffffc90009857d00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1500.040246][ C0] #2: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1500.050626][ C0] #3: ffffffff8e337a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1500.060830][ C0] 2 locks held by dhcpcd/4769: [ 1500.065855][ C0] #0: ffff8880687ea678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xcb/0xd80 [ 1500.075744][ C0] #1: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 1500.084860][ C0] 2 locks held by getty/4855: [ 1500.089681][ C0] #0: ffff88802add10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1500.099867][ C0] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1500.110307][ C0] 3 locks held by kworker/0:4/5152: [ 1500.115645][ C0] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1500.126921][ C0] #1: ffffc900040f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1500.138290][ C0] #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1500.147523][ C0] 3 locks held by kworker/1:5/5154: [ 1500.152849][ C0] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1500.164127][ C0] #1: ffffc90004117d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1500.175411][ C0] #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 1500.186200][ C0] 5 locks held by kworker/u8:9/17308: [ 1500.191802][ C0] #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1500.203033][ C0] #1: ffffc9000369fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1500.213878][ C0] #2: ffffffff8f5fddd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1500.223583][ C0] #3: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1500.233906][ C0] #4: ffffffff8e33ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 1500.245107][ C0] 1 lock held by syz-executor/20453: [ 1500.250506][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1500.260189][ C0] 1 lock held by syz.4.3665/20568: [ 1500.265449][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_route_ioctl+0x4cb/0x870 [ 1500.275064][ C0] 1 lock held by syz.4.3665/20570: [ 1500.280296][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: ip_mroute_setsockopt+0x15b/0x1190 [ 1500.290368][ C0] 1 lock held by syz.0.3667/20575: [ 1500.295639][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1500.305352][ C0] 1 lock held by syz.2.3671/20593: [ 1500.310584][ C0] #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 1500.320007][ C0] 4 locks held by udevd/20603: [ 1500.324943][ C0] #0: ffff88806d183790 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60 [ 1500.334008][ C0] #1: ffff88802783e488 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0 [ 1500.343815][ C0] #2: ffff88802e8ccc38 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 [ 1500.353527][ C0] #3: ffff8880700da190 (&dev->mutex){....}-{3:3}, at: uevent_show+0x17d/0x340 [ 1500.362832][ C0] [ 1500.365300][ C0] ============================================= [ 1500.365300][ C0] [ 1500.619137][ T8] gspca_sonixj: reg_r err -71 [ 1500.624030][ T8] sonixj 4-1:0.0: probe with driver sonixj failed with error -71 [ 1500.665755][ T8] usb 4-1: USB disconnect, device number 60 [ 1500.877628][T20453] team0: Port device team_slave_1 added [ 1500.983687][T20575] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3667'. [ 1501.181926][T20453] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1501.241703][T20453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1501.367370][T20609] loop2: detected capacity change from 0 to 1024 [ 1501.394031][T20453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1501.431036][T20609] hfsplus: failed to load root directory [ 1501.505022][T20453] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1501.512138][T20453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1501.665279][T20453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1501.836165][T20609] loop2: detected capacity change from 0 to 1024 [ 1501.966345][T20609] hfsplus: extend alloc file! (8192,65536,366) [ 1502.004831][ T54] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1502.102918][ T54] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1502.113673][ T54] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1502.122245][ T54] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1502.132929][ T54] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1502.140419][ T54] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1502.328308][T20453] hsr_slave_0: entered promiscuous mode [ 1502.436371][T20453] hsr_slave_1: entered promiscuous mode [ 1502.624102][T17706] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1502.635557][T17706] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1502.645537][T17706] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1502.661838][T17706] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1502.670175][T17706] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1502.677874][T17706] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1503.132882][ C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1503.132888][ T1800] usb 5-1: USB disconnect, device number 52 [ 1503.132939][ C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1503.156214][ C0] ================================================================== [ 1503.164291][ C0] BUG: KASAN: slab-use-after-free in register_lock_class+0x8db/0x980 [ 1503.172377][ C0] Read of size 1 at addr ffff8880496f1891 by task udevd/20602 [ 1503.179848][ C0] [ 1503.182178][ C0] CPU: 0 UID: 0 PID: 20602 Comm: udevd Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1503.191634][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1503.201669][ C0] Call Trace: [ 1503.204929][ C0] [ 1503.207754][ C0] dump_stack_lvl+0x241/0x360 [ 1503.212413][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1503.217585][ C0] ? __pfx__printk+0x10/0x10 [ 1503.222155][ C0] ? _printk+0xd5/0x120 [ 1503.226289][ C0] ? __virt_addr_valid+0x183/0x530 [ 1503.231372][ C0] ? __virt_addr_valid+0x183/0x530 [ 1503.236457][ C0] print_report+0x169/0x550 [ 1503.240937][ C0] ? __virt_addr_valid+0x183/0x530 [ 1503.246018][ C0] ? __virt_addr_valid+0x183/0x530 [ 1503.251101][ C0] ? __virt_addr_valid+0x45f/0x530 [ 1503.256184][ C0] ? __phys_addr+0xba/0x170 [ 1503.260662][ C0] ? register_lock_class+0x8db/0x980 [ 1503.265922][ C0] kasan_report+0x143/0x180 [ 1503.270399][ C0] ? register_lock_class+0x8db/0x980 [ 1503.275661][ C0] register_lock_class+0x8db/0x980 [ 1503.280751][ C0] ? __pfx_register_lock_class+0x10/0x10 [ 1503.286361][ C0] ? __lock_acquire+0x1384/0x2050 [ 1503.291363][ C0] __lock_acquire+0xf0/0x2050 [ 1503.296021][ C0] lock_acquire+0x1ed/0x550 [ 1503.300500][ C0] ? __wake_up_common_lock+0x25/0x1e0 [ 1503.305852][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1503.310855][ C0] ? __usb_hcd_giveback_urb+0x42c/0x6e0 [ 1503.316380][ C0] ? __pfx_lock_release+0x10/0x10 [ 1503.321397][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1503.326573][ C0] ? _raw_spin_lock_irqsave+0xe1/0x120 [ 1503.332034][ C0] _raw_spin_lock_irqsave+0xd5/0x120 [ 1503.337295][ C0] ? __wake_up_common_lock+0x25/0x1e0 [ 1503.342643][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 1503.348513][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1503.354379][ C0] __wake_up_common_lock+0x25/0x1e0 [ 1503.359556][ C0] __usb_hcd_giveback_urb+0x4ff/0x6e0 [ 1503.364908][ C0] ? __pfx___usb_hcd_giveback_urb+0x10/0x10 [ 1503.370779][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1503.375963][ C0] dummy_timer+0x830/0x45a0 [ 1503.380445][ C0] ? __pfx_lock_release+0x10/0x10 [ 1503.385448][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1503.391754][ C0] ? __hrtimer_run_queues+0x477/0xd50 [ 1503.397101][ C0] ? __pfx_lock_release+0x10/0x10 [ 1503.402102][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1503.407276][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 1503.412191][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 1503.417112][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 1503.422285][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 1503.428249][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1503.433945][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 1503.439990][ C0] hrtimer_interrupt+0x396/0x990 [ 1503.444912][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 1503.450872][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1503.456483][ C0] [ 1503.459392][ C0] [ 1503.462298][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1503.468256][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 1503.474302][ C0] Code: 8b 3d fc b9 4b 0c 48 89 de 5b e9 13 bb 5b 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 40 d7 03 00 65 8b 15 20 fe 6f 7e f7 c2 00 01 ff 00 [ 1503.493884][ C0] RSP: 0018:ffffc9000cddf298 EFLAGS: 00000293 [ 1503.499993][ C0] RAX: ffffffff81335832 RBX: 0000000000000001 RCX: ffff888029c5bc00 [ 1503.507941][ C0] RDX: ffff888029c5bc00 RSI: 0000000000000001 RDI: 0000000000000040 [ 1503.515887][ C0] RBP: 0000000000000000 R08: ffffffff81335827 R09: 0000000000000000 [ 1503.523832][ C0] R10: ffffc9000cddf340 R11: fffff520019bbe74 R12: 0000000000000001 [ 1503.531776][ C0] R13: ffff888029c5bc00 R14: ffffc9000cddf360 R15: ffffc9000cddf340 [ 1503.539743][ C0] ? get_stack_info+0xf7/0x180 [ 1503.544524][ C0] ? get_stack_info+0x102/0x180 [ 1503.549356][ C0] get_stack_info+0x102/0x180 [ 1503.554008][ C0] __unwind_start+0x481/0x7c0 [ 1503.558666][ C0] ? kernel_text_address+0xa7/0xe0 [ 1503.563751][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1503.569880][ C0] arch_stack_walk+0x103/0x1b0 [ 1503.574619][ C0] ? __unwind_start+0x2bc/0x7c0 [ 1503.579450][ C0] stack_trace_save+0x118/0x1d0 [ 1503.584277][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1503.589627][ C0] kasan_save_track+0x3f/0x80 [ 1503.594291][ C0] __kasan_slab_alloc+0x66/0x80 [ 1503.599114][ C0] ? seq_open+0x62/0x140 [ 1503.603332][ C0] kmem_cache_alloc_noprof+0x135/0x2a0 [ 1503.608765][ C0] seq_open+0x62/0x140 [ 1503.612812][ C0] kernfs_fop_open+0x635/0xd10 [ 1503.617666][ C0] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1503.622945][ C0] do_dentry_open+0x970/0x1440 [ 1503.627697][ C0] vfs_open+0x3e/0x330 [ 1503.631750][ C0] path_openat+0x2b3e/0x3470 [ 1503.636328][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1503.641679][ C0] ? __lock_acquire+0x1384/0x2050 [ 1503.646690][ C0] ? __pfx_path_openat+0x10/0x10 [ 1503.651612][ C0] do_filp_open+0x235/0x490 [ 1503.656098][ C0] ? __pfx_do_filp_open+0x10/0x10 [ 1503.661103][ C0] ? _raw_spin_unlock+0x28/0x50 [ 1503.666015][ C0] ? alloc_fd+0x5a1/0x640 [ 1503.670321][ C0] do_sys_openat2+0x13e/0x1d0 [ 1503.674971][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 1503.680176][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 1503.685348][ C0] ? sched_clock_cpu+0x76/0x490 [ 1503.690260][ C0] ? ktime_get+0x9b/0xb0 [ 1503.694477][ C0] ? lapic_next_event+0x11/0x20 [ 1503.699304][ C0] ? clockevents_program_event+0x240/0x350 [ 1503.705089][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 1503.710348][ C0] __x64_sys_openat+0x247/0x2a0 [ 1503.715175][ C0] ? __pfx___x64_sys_openat+0x10/0x10 [ 1503.720524][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1503.726827][ C0] ? __irq_exit_rcu+0x100/0x1c0 [ 1503.731653][ C0] ? do_syscall_64+0xb6/0x230 [ 1503.736307][ C0] do_syscall_64+0xf3/0x230 [ 1503.740783][ C0] ? clear_bhb_loop+0x35/0x90 [ 1503.745439][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1503.751306][ C0] RIP: 0033:0x7f11139759a4 [ 1503.755695][ C0] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83 [ 1503.775274][ C0] RSP: 002b:00007fffd107f1b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1503.783669][ C0] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f11139759a4 [ 1503.791616][ C0] RDX: 0000000000080000 RSI: 00007fffd107f2e8 RDI: 00000000ffffff9c [ 1503.799567][ C0] RBP: 00007fffd107f2e8 R08: 0000000000000008 R09: 0000000000000001 [ 1503.807510][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080000 [ 1503.815454][ C0] R13: 0000556da9473b42 R14: 0000000000000001 R15: 0000556da948f160 [ 1503.823421][ C0] [ 1503.826422][ C0] [ 1503.828740][ C0] Allocated by task 8: [ 1503.832779][ C0] kasan_save_track+0x3f/0x80 [ 1503.837445][ C0] __kasan_kmalloc+0x98/0xb0 [ 1503.842013][ C0] __kmalloc_cache_noprof+0x19c/0x2c0 [ 1503.847363][ C0] xpad_probe+0x3c8/0x1b90 [ 1503.851758][ C0] usb_probe_interface+0x645/0xbb0 [ 1503.856844][ C0] really_probe+0x2b8/0xad0 [ 1503.861325][ C0] __driver_probe_device+0x1a2/0x390 [ 1503.866587][ C0] driver_probe_device+0x50/0x430 [ 1503.871590][ C0] __device_attach_driver+0x2d6/0x530 [ 1503.876938][ C0] bus_for_each_drv+0x24e/0x2e0 [ 1503.881768][ C0] __device_attach+0x333/0x520 [ 1503.886506][ C0] bus_probe_device+0x189/0x260 [ 1503.891335][ C0] device_add+0x856/0xbf0 [ 1503.895640][ C0] usb_set_configuration+0x1976/0x1fb0 [ 1503.901071][ C0] usb_generic_driver_probe+0x88/0x140 [ 1503.906503][ C0] usb_probe_device+0x1b8/0x380 [ 1503.911333][ C0] really_probe+0x2b8/0xad0 [ 1503.916071][ C0] __driver_probe_device+0x1a2/0x390 [ 1503.921330][ C0] driver_probe_device+0x50/0x430 [ 1503.926332][ C0] __device_attach_driver+0x2d6/0x530 [ 1503.931768][ C0] bus_for_each_drv+0x24e/0x2e0 [ 1503.936589][ C0] __device_attach+0x333/0x520 [ 1503.941325][ C0] bus_probe_device+0x189/0x260 [ 1503.946147][ C0] device_add+0x856/0xbf0 [ 1503.950448][ C0] usb_new_device+0x104a/0x19a0 [ 1503.955270][ C0] hub_event+0x2d6d/0x5150 [ 1503.959659][ C0] process_scheduled_works+0xa2c/0x1830 [ 1503.965182][ C0] worker_thread+0x86d/0xd40 [ 1503.969831][ C0] kthread+0x2f0/0x390 [ 1503.973960][ C0] ret_from_fork+0x4b/0x80 [ 1503.978350][ C0] ret_from_fork_asm+0x1a/0x30 [ 1503.983089][ C0] [ 1503.985394][ C0] Freed by task 1800: [ 1503.989344][ C0] kasan_save_track+0x3f/0x80 [ 1503.994003][ C0] kasan_save_free_info+0x40/0x50 [ 1503.999005][ C0] poison_slab_object+0xe0/0x150 [ 1504.003913][ C0] __kasan_slab_free+0x37/0x60 [ 1504.008651][ C0] kfree+0x149/0x360 [ 1504.012518][ C0] xpad_disconnect+0x359/0x490 [ 1504.017339][ C0] usb_unbind_interface+0x25e/0x940 [ 1504.022513][ C0] device_release_driver_internal+0x503/0x7c0 [ 1504.028556][ C0] bus_remove_device+0x34f/0x420 [ 1504.033471][ C0] device_del+0x57a/0x9b0 [ 1504.037778][ C0] usb_disable_device+0x3bf/0x850 [ 1504.042775][ C0] usb_disconnect+0x340/0x950 [ 1504.047426][ C0] hub_event+0x1ebc/0x5150 [ 1504.051820][ C0] process_scheduled_works+0xa2c/0x1830 [ 1504.057341][ C0] worker_thread+0x86d/0xd40 [ 1504.061922][ C0] kthread+0x2f0/0x390 [ 1504.065962][ C0] ret_from_fork+0x4b/0x80 [ 1504.070368][ C0] ret_from_fork_asm+0x1a/0x30 [ 1504.075109][ C0] [ 1504.077410][ C0] Last potentially related work creation: [ 1504.083095][ C0] kasan_save_stack+0x3f/0x60 [ 1504.087746][ C0] __kasan_record_aux_stack+0xac/0xc0 [ 1504.093102][ C0] insert_work+0x3e/0x330 [ 1504.097415][ C0] __queue_work+0xc8b/0xf50 [ 1504.101892][ C0] queue_work_on+0x1c2/0x380 [ 1504.106472][ C0] xpad_irq_in+0xab0/0x2510 [ 1504.110948][ C0] __usb_hcd_giveback_urb+0x42c/0x6e0 [ 1504.116297][ C0] dummy_timer+0x830/0x45a0 [ 1504.120776][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 1504.125950][ C0] hrtimer_interrupt+0x396/0x990 [ 1504.130861][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 1504.136906][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1504.142514][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1504.148469][ C0] [ 1504.150768][ C0] Second to last potentially related work creation: [ 1504.157668][ C0] kasan_save_stack+0x3f/0x60 [ 1504.162321][ C0] __kasan_record_aux_stack+0xac/0xc0 [ 1504.167667][ C0] insert_work+0x3e/0x330 [ 1504.171970][ C0] __queue_work+0xc8b/0xf50 [ 1504.176571][ C0] queue_work_on+0x1c2/0x380 [ 1504.181136][ C0] xpad_irq_in+0xab0/0x2510 [ 1504.185609][ C0] __usb_hcd_giveback_urb+0x42c/0x6e0 [ 1504.190978][ C0] dummy_timer+0x830/0x45a0 [ 1504.195481][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 1504.200668][ C0] hrtimer_interrupt+0x396/0x990 [ 1504.205588][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 1504.211550][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1504.217158][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1504.223111][ C0] [ 1504.225413][ C0] The buggy address belongs to the object at ffff8880496f1800 [ 1504.225413][ C0] which belongs to the cache kmalloc-1k of size 1024 [ 1504.239437][ C0] The buggy address is located 145 bytes inside of [ 1504.239437][ C0] freed 1024-byte region [ffff8880496f1800, ffff8880496f1c00) [ 1504.253291][ C0] [ 1504.255589][ C0] The buggy address belongs to the physical page: [ 1504.261978][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x496f0 [ 1504.270710][ C0] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1504.279265][ C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1504.287219][ C0] page_type: 0xfdffffff(slab) [ 1504.291959][ C0] raw: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001 [ 1504.300516][ C0] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 1504.309163][ C0] head: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001 [ 1504.317804][ C0] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 1504.326446][ C0] head: 00fff00000000003 ffffea000125bc01 ffffffffffffffff 0000000000000000 [ 1504.335090][ C0] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 1504.343728][ C0] page dumped because: kasan: bad access detected [ 1504.350116][ C0] page_owner tracks the page as allocated [ 1504.355799][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 11, tgid 11 (kworker/u8:0), ts 1294232219711, free_ts 1289014486860 [ 1504.376430][ C0] post_alloc_hook+0x1f3/0x230 [ 1504.381181][ C0] get_page_from_freelist+0x2ccb/0x2d80 [ 1504.386700][ C0] __alloc_pages_noprof+0x256/0x6c0 [ 1504.391871][ C0] alloc_slab_page+0x5f/0x120 [ 1504.396524][ C0] allocate_slab+0x5a/0x2f0 [ 1504.401002][ C0] ___slab_alloc+0xcd1/0x14b0 [ 1504.405656][ C0] __slab_alloc+0x58/0xa0 [ 1504.409964][ C0] __kmalloc_noprof+0x25a/0x400 [ 1504.414791][ C0] ___neigh_create+0x691/0x2470 [ 1504.419617][ C0] ip6_finish_output2+0x1631/0x1680 [ 1504.424790][ C0] ip6_finish_output+0x41e/0x810 [ 1504.429706][ C0] ndisc_send_skb+0xab2/0x1380 [ 1504.434450][ C0] ndisc_send_ns+0xcc/0x160 [ 1504.438926][ C0] addrconf_dad_work+0xb45/0x16f0 [ 1504.443928][ C0] process_scheduled_works+0xa2c/0x1830 [ 1504.449452][ C0] worker_thread+0x86d/0xd40 [ 1504.454019][ C0] page last free pid 17702 tgid 17702 stack trace: [ 1504.460488][ C0] free_unref_page+0xd22/0xea0 [ 1504.465225][ C0] __put_partials+0xeb/0x130 [ 1504.469790][ C0] put_cpu_partial+0x17c/0x250 [ 1504.474527][ C0] __slab_free+0x2ea/0x3d0 [ 1504.478918][ C0] qlist_free_all+0x9e/0x140 [ 1504.483485][ C0] kasan_quarantine_reduce+0x14f/0x170 [ 1504.488918][ C0] __kasan_slab_alloc+0x23/0x80 [ 1504.493739][ C0] kmem_cache_alloc_node_noprof+0x16b/0x320 [ 1504.499607][ C0] __alloc_skb+0x1c3/0x440 [ 1504.503998][ C0] netlink_ack+0x13f/0xa30 [ 1504.508386][ C0] netlink_rcv_skb+0x262/0x430 [ 1504.513122][ C0] netlink_unicast+0x7f6/0x990 [ 1504.517860][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1504.522598][ C0] __sock_sendmsg+0x221/0x270 [ 1504.527250][ C0] __sys_sendto+0x3a4/0x4f0 [ 1504.531728][ C0] __x64_sys_sendto+0xde/0x100 [ 1504.536464][ C0] [ 1504.538765][ C0] Memory state around the buggy address: [ 1504.544374][ C0] ffff8880496f1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1504.552496][ C0] ffff8880496f1800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1504.560531][ C0] >ffff8880496f1880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1504.568561][ C0] ^ [ 1504.573119][ C0] ffff8880496f1900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1504.581153][ C0] ffff8880496f1980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1504.589182][ C0] ================================================================== [ 1504.597223][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1504.604389][ C0] CPU: 0 UID: 0 PID: 20602 Comm: udevd Not tainted 6.10.0-next-20240719-syzkaller #0 [ 1504.613816][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1504.623846][ C0] Call Trace: [ 1504.627113][ C0] [ 1504.629937][ C0] dump_stack_lvl+0x241/0x360 [ 1504.634594][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1504.639765][ C0] ? __pfx__printk+0x10/0x10 [ 1504.644330][ C0] ? rcu_is_watching+0x15/0xb0 [ 1504.649077][ C0] ? lock_release+0xbf/0xa30 [ 1504.653644][ C0] ? vscnprintf+0x5d/0x90 [ 1504.657951][ C0] panic+0x349/0x870 [ 1504.661825][ C0] ? check_panic_on_warn+0x21/0xb0 [ 1504.666911][ C0] ? __pfx_panic+0x10/0x10 [ 1504.671302][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1504.676484][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1504.682353][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1504.688654][ C0] ? print_report+0x502/0x550 [ 1504.693333][ C0] check_panic_on_warn+0x86/0xb0 [ 1504.698249][ C0] ? register_lock_class+0x8db/0x980 [ 1504.703510][ C0] end_report+0x77/0x160 [ 1504.707728][ C0] kasan_report+0x154/0x180 [ 1504.712205][ C0] ? register_lock_class+0x8db/0x980 [ 1504.717517][ C0] register_lock_class+0x8db/0x980 [ 1504.722630][ C0] ? __pfx_register_lock_class+0x10/0x10 [ 1504.728255][ C0] ? __lock_acquire+0x1384/0x2050 [ 1504.733267][ C0] __lock_acquire+0xf0/0x2050 [ 1504.737943][ C0] lock_acquire+0x1ed/0x550 [ 1504.742517][ C0] ? __wake_up_common_lock+0x25/0x1e0 [ 1504.747872][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1504.752880][ C0] ? __usb_hcd_giveback_urb+0x42c/0x6e0 [ 1504.758403][ C0] ? __pfx_lock_release+0x10/0x10 [ 1504.763406][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1504.768596][ C0] ? _raw_spin_lock_irqsave+0xe1/0x120 [ 1504.774047][ C0] _raw_spin_lock_irqsave+0xd5/0x120 [ 1504.779313][ C0] ? __wake_up_common_lock+0x25/0x1e0 [ 1504.784679][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 1504.790647][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1504.796527][ C0] __wake_up_common_lock+0x25/0x1e0 [ 1504.801799][ C0] __usb_hcd_giveback_urb+0x4ff/0x6e0 [ 1504.807243][ C0] ? __pfx___usb_hcd_giveback_urb+0x10/0x10 [ 1504.813117][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1504.818297][ C0] dummy_timer+0x830/0x45a0 [ 1504.822783][ C0] ? __pfx_lock_release+0x10/0x10 [ 1504.827787][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1504.834104][ C0] ? __hrtimer_run_queues+0x477/0xd50 [ 1504.839549][ C0] ? __pfx_lock_release+0x10/0x10 [ 1504.844557][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1504.849824][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 1504.854750][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 1504.859673][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 1504.864854][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 1504.870819][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1504.876522][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 1504.882572][ C0] hrtimer_interrupt+0x396/0x990 [ 1504.887489][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 1504.893449][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1504.899063][ C0] [ 1504.901970][ C0] [ 1504.904879][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1504.910835][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 1504.916881][ C0] Code: 8b 3d fc b9 4b 0c 48 89 de 5b e9 13 bb 5b 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 40 d7 03 00 65 8b 15 20 fe 6f 7e f7 c2 00 01 ff 00 [ 1504.936461][ C0] RSP: 0018:ffffc9000cddf298 EFLAGS: 00000293 [ 1504.942506][ C0] RAX: ffffffff81335832 RBX: 0000000000000001 RCX: ffff888029c5bc00 [ 1504.950453][ C0] RDX: ffff888029c5bc00 RSI: 0000000000000001 RDI: 0000000000000040 [ 1504.958406][ C0] RBP: 0000000000000000 R08: ffffffff81335827 R09: 0000000000000000 [ 1504.966350][ C0] R10: ffffc9000cddf340 R11: fffff520019bbe74 R12: 0000000000000001 [ 1504.974298][ C0] R13: ffff888029c5bc00 R14: ffffc9000cddf360 R15: ffffc9000cddf340 [ 1504.982261][ C0] ? get_stack_info+0xf7/0x180 [ 1504.987027][ C0] ? get_stack_info+0x102/0x180 [ 1504.992031][ C0] get_stack_info+0x102/0x180 [ 1504.996684][ C0] __unwind_start+0x481/0x7c0 [ 1505.001363][ C0] ? kernel_text_address+0xa7/0xe0 [ 1505.006460][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1505.012593][ C0] arch_stack_walk+0x103/0x1b0 [ 1505.017354][ C0] ? __unwind_start+0x2bc/0x7c0 [ 1505.022187][ C0] stack_trace_save+0x118/0x1d0 [ 1505.027016][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1505.032365][ C0] kasan_save_track+0x3f/0x80 [ 1505.037035][ C0] __kasan_slab_alloc+0x66/0x80 [ 1505.041944][ C0] ? seq_open+0x62/0x140 [ 1505.046163][ C0] kmem_cache_alloc_noprof+0x135/0x2a0 [ 1505.051598][ C0] seq_open+0x62/0x140 [ 1505.055642][ C0] kernfs_fop_open+0x635/0xd10 [ 1505.060383][ C0] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1505.065644][ C0] do_dentry_open+0x970/0x1440 [ 1505.070392][ C0] vfs_open+0x3e/0x330 [ 1505.074443][ C0] path_openat+0x2b3e/0x3470 [ 1505.079013][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1505.084452][ C0] ? __lock_acquire+0x1384/0x2050 [ 1505.089458][ C0] ? __pfx_path_openat+0x10/0x10 [ 1505.094376][ C0] do_filp_open+0x235/0x490 [ 1505.098863][ C0] ? __pfx_do_filp_open+0x10/0x10 [ 1505.104041][ C0] ? _raw_spin_unlock+0x28/0x50 [ 1505.108957][ C0] ? alloc_fd+0x5a1/0x640 [ 1505.113262][ C0] do_sys_openat2+0x13e/0x1d0 [ 1505.117915][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 1505.123090][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 1505.128259][ C0] ? sched_clock_cpu+0x76/0x490 [ 1505.133084][ C0] ? ktime_get+0x9b/0xb0 [ 1505.137301][ C0] ? lapic_next_event+0x11/0x20 [ 1505.142213][ C0] ? clockevents_program_event+0x240/0x350 [ 1505.147995][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 1505.153253][ C0] __x64_sys_openat+0x247/0x2a0 [ 1505.158083][ C0] ? __pfx___x64_sys_openat+0x10/0x10 [ 1505.163433][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1505.169738][ C0] ? __irq_exit_rcu+0x100/0x1c0 [ 1505.174568][ C0] ? do_syscall_64+0xb6/0x230 [ 1505.179232][ C0] do_syscall_64+0xf3/0x230 [ 1505.183711][ C0] ? clear_bhb_loop+0x35/0x90 [ 1505.188364][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1505.194235][ C0] RIP: 0033:0x7f11139759a4 [ 1505.198716][ C0] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83 [ 1505.218293][ C0] RSP: 002b:00007fffd107f1b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1505.226680][ C0] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f11139759a4 [ 1505.234626][ C0] RDX: 0000000000080000 RSI: 00007fffd107f2e8 RDI: 00000000ffffff9c [ 1505.242658][ C0] RBP: 00007fffd107f2e8 R08: 0000000000000008 R09: 0000000000000001 [ 1505.250688][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080000 [ 1505.258634][ C0] R13: 0000556da9473b42 R14: 0000000000000001 R15: 0000556da948f160 [ 1505.266588][ C0] [ 1506.331077][ C0] Shutting down cpus with NMI [ 1506.335899][ C0] Kernel Offset: disabled [ 1506.340213][ C0] Rebooting in 86400 seconds..