last executing test programs: 8m19.286643509s ago: executing program 1 (id=269): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = accept(r0, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f1", 0x17}], 0x1, &(0x7f0000000480)=[@op={0x18}], 0x18}], 0x1, 0x0) 8m17.565504674s ago: executing program 1 (id=274): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$phonet_pipe(0x23, 0x5, 0x2) openat$vimc0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_open_dev$tty1(0xc, 0x4, 0x3) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 8m14.646393867s ago: executing program 1 (id=284): connect$unix(0xffffffffffffffff, 0x0, 0x0) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80) ftruncate(r2, 0x2007ffb) sendfile(r2, r2, 0x0, 0x1000000201005) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) sendfile(r4, r3, 0x0, 0x7ffff000) 8m10.696989044s ago: executing program 1 (id=294): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nolazytime}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f00000005c0)="$eJzs3MtvG8UfAPDvruP0119bEkp59AEECiLikTRtgR44AAKJQ5GQ4ADHKEmrUrdBTZBoVUGLUDkhhMQdceRf4AQXhDghcYU7qlShXNpyMlp7ndiO7SaOXUP8+UjbzOyjM9/Mjj07YyeAoTWR/ZNE7I6I3yNiLCLS5hMmqj9urVyeu71yeS6Jcvntv5Lssri5cnmudmqS/9yVZybTiPSzJA62KHfp4qWzs6XSwoU8P7187oPppYuXnjtzbvb0wumF80dPnDh+bObFF44+35M4szrdPPDx4qH9b7z31Zsnv2iIvymOHpnodPDJcrnHxQ3Wnrp0MjLAirAphYjImqtY6f9jUYi1xhuL1z8daOWAviqXy+Vd7Q9fKQPbWBKNeV0ehkXtjT57/q1tzYOAl/s3/Bi4G69UH4CyuG/lW/XIyOo8SLHp+baXJiLi3St/f5Nt0Z95CACABj9k459nW43/0nig7rx78rWh8Yi4NyL2RsR9EbEvIu6PqJz7YEQ8tMnymxdJ1o9/0utdBbZB2fjvpXxtq3H8t7oKNl7Ic3sq8ReTU2dKC0fy38lkFHdk+ZkOZfz42m9ftjtWP/7Ltqz82lgwr8f1kR2N18zPLs9uJeZ6N65GHBhpFX+yuhKQRMT+iDjQZRlnnv7uULtjd46/gx6sM5W/jXiq2v5Xoin+mqTz+uT0/6K0cGS6dles98uv195qV/6W4u+BrP3/3/L+X41/PKlfr13afBnX/vi87TNNt/f/aPJOJT2a7/todnn5wkzEaHKyWun6/UfXrq3la+dn8U8ebt3/98bab+JgRGQ38cMR8UhEPJrX/bGIeDwiDneI/+dXn3i/+/j7K4t/flPtv5YYjeY9rROFsz9931Do+Lr4b3du/+OV1GS+ZyOvfxupV3d3MwAAAPz3pBGxO5J0ajWdplNT1c/L74tIS4tLy8+cWvzw/Hz1OwLjUUxrM11jdfOhM/ljfTV/NSKqHy2oHT+Wzxt/XdhZyU/NLZbmBx08DLldbfp/5s/CoGsH9J3va8Hw0v9heOn/MLz0fxheLfr/zkHUA7j7Wr3/fzKAegB3X1P/t+wHQ2TEcB+GVtv5v+38l3+ACvP/MJSWdsadvyTfMVH7n7q8fNsmovivqMbWE+WkZeNGOuiKSfQzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF75JwAA//+QOeBZ") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) syz_mount_image$udf(&(0x7f0000000a40), &(0x7f0000000500)='./bus\x00', 0x4400, &(0x7f0000000b00)=ANY=[@ANYBLOB='shortad,rootdir=00000000000000000002,noadinicb\x00\x00\x00\x00=', @ANYRESDEC=0x0, @ANYRES32], 0x1, 0xa45, &(0x7f0000002540)="$eJzs20tsXNd5B/DvzCXlkZwmtJIoduK6EyQwVDoxqDdtNYBUMUTiyrYQim61KTQUKXlgvkJSgZwWiYoWCAxkIQRoFi1QeNNFgS7URTddGV0UBYoWQhdF0CAp6zSus2PQAl61DO6dM+TwIYm2RZGSfz9D/s/c+e7MeQxn7syZGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxG9/9fTAobTTrQAA7qeXRr4xcMT7PwB8pJz3+R8AAAAAAAAAAAAAAHa7FEX8eaR49SdL6WJ1va1+tjV99dro0PDmu+1NkaIWRVVf/qsfOnzk6LHjJwY7eef977Un4uWR86cbZ2amZucm5ucnxhuj061LM+MTW76HDft/JSLex/7r9VcD0Jh67er45cvzjcPPHllz87W+dx559EDfyRMvXNjfqR0dGh4e6arp6f3Aj77B7c7w2BNF/CxS1L/3bmpGRC02G4v3N5Z3ee5st71VJ/qrTowODVcdmWw1pxfKG1MtV9Ui+rp2OtUZo83nouf+duEOGhHXy+aXDe4vuzcy25xrjk1ONM415xZaC62Z6VRrP3PK/vRFLQZTxGxELBUb7643iviPSPH995bSWEQUnXF4pjox+O7tqW1DH7egnJC+IuJW3HbO7unfz8PqkSjijUjxgwsDcSmPazVsT0e8WOZTEd8sczHiRr6eyifIkxG/3OT5xIOlJ4r450gxk5bSeGfuq9eVs680vj59eaartvO68sC/P2yzNX8Wu/y1qR5FjFWv+Evpgx/sAAAAAACw+xTxd5Hi5tTBNBvda4qt6SuN882xyfa3wp3v/ht5r+Xl5eW+1M5GzoGcp3Key3kx52zO6zlv5Hwz582cb+W8lXMx51LOqOXHz9nIOZDzVM5zOS/mnM15PeeNnG/mvJnzrZy3ci7mXMoZ1r0AAAAAAAAA2GX2RhE/jhRf+NtvVecVR3Ve+idODh782he7zxn/zF3up6x9NiJuxtbOye3Npw6nWvnfve8XW1OPIr6Tz//7o51uDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsKNqUcRnIsUP31hKkSKiEXEx2rlY7HTrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA+inoo4Eyl+8dV6df1WRHw2Iv5/ufwvIhaX19npFgMAAAAAAAAAG6QiBiLFY08spb6IuNb3ziOPHug7eeKFC/uLKCKVJd31L4+cP904MzM1OzcxPz8x3hidbl2aGZ/Y6sPVz7amr14bHRrels7c1d5tbv/e+pmZ2dfnWldeXdj09n3102PzC3PNS5vfHHujFjHQvaW/avDo0HDV6MlWc7raNdVu08BaRGOrnQEAAAAAAADgobEvFXEsUrzaOpo668Y97TX/X2tfK1Zq//IPV38LMLkuO7p/P7CVy2mrDe2vFt4bo0PDwyNdm3t6N5aWbUqpiL+JFJ/7vcer9fAU+zZdGy/r9kSK4986muv6PlfWnVpTVe8fHRpuvDQz/eXTk5Mzl5oLzbHJicbIbPPS7X84sGerPQMAAAAAAACAD21fKuIvIsXvD9xKnfPO8/p/T/ta1/r/b1VL6JV6WpsrqrX9j1dr++3Lnzg52Bj+jdtt3471/7JNKRXx75HisT94vDqfvrP+P7Cutqz7n0jxb//0ZK6r7SnrDnW6077Hy63JiYGUx+rzz3Rqo6o9kWs/uVp7qKz9fKT4q6fX1g7m2k+t1h4ua/8kUvzfsc1rP71ae6Ss/eNI8TtvNzq1+8ras7n2wGrts5dmJsc3jk7Pmmvl/P99pDj3i6+lQ10Vm85/1+8/rq/LFRvm/M6X79X893Vtu57n9cd5/g/dZf7/IVL86U+fzHXtsT+cb3+s+v/q/P9upPjvX19bezzX7l+tPbTVbu20cv6/FClO/uhHK33O859HdnWGuuf/sz1rc+VZskPz/1jXtr7criPvcyw+iuZf//ZrzcnJiTkXdvbCi3lCdkt7tvVCeRSxC5rhwh0u7PALE/dF+f7/L5Hi+bO11DmOye//H2tfWz3+e+87q+//z6/LFTv0/r+/a9vz+ailtyeivjA123sgoj7/+re/3JpqXpm4MjE9ePzY0ecGjx9/rndP59hu9dKWh+6hUM7/2Ujxyk//deVzzNrjv82P//etyxU7NP+f7O7TmuOaLQ/FR1I5/zcixXfffnfl8+adjv87n/8PfmFtrvz97dD8f6prW/Ub/49HPNe17eCnI05v9bEAAADgIbMvr5P/2W/+48o572s//8cXO7Xd3//czm44/x8AAAAAAD7q9qUi/jpS/O/Al1LnHLKt/P5zfF2u2KHf/x3o2jZ+n85r2fIgAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsQimKeCpSvPqTpbRYlNfb6mdb01evjQ4Nb77b3hQpalFU9eW/+qHDR44eO35isJN33v9eeyJeHjl/unFmZmp2bmJ+fmK8MTrdujQzPrHle/iw+6/XXw1AY+q1q+OXL883Dj97ZM3N1/reeeTRA30nT7xwYX+ndnRoeHikq6an9wM/+gbpNtv3RBGXI0X9e++m/ywiavHhx+Iuz53ttrfqRH/VidGh4aojk63m9EJ5Y6rlqlpEX9dOpzpjdB/m4kNpRFwvm182uL/s3shsc645NjnRONecW2gttGamU63d2rI/fVGLwRQxGxFLxca7640ixiLF999bSm8XEUVnHJ55aeQbA0fu3p7aNvSx2/J3N93cU/atiLgVD8Cc7WKPRBEfixQ/uDAQPyva41oN29MRL5b5VMQ3y1yMuJGvp/IJ8mTELzd5PvFg6YkizkWKmbSU/qvIc1+9rpx9pfH16cszXbWd15UH/v3hftrlr031KOLn1Sv+Uvq5v2cAAAAAgIdIEV+JFDenDqZqfXBlTbE1faVxvjk22f5av/PdfyPvtby8vNyX2tnIOZDzVM5zOS/mnM15PeeNnG/mvJnzrZy3ci7mXMoZtfz4ORs5B3Keynku58Wcszmv57yR882cN3O+lfNWzsWcSznD9+QAAAAAAADALlSLIh6PFD98YyktF+0F3ovRzkXrnA+9XwUAAP//qss40w==") r0 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) symlinkat(0x0, 0xffffffffffffffff, 0x0) unshare(0x2a020400) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mkdir(0x0, 0x0) mount$cgroup(0x0, 0x0, 0x0, 0x0, 0x0) chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00') r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0/../file0/../file0/../file0\x00') 8m9.049914727s ago: executing program 1 (id=307): prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) syz_open_procfs(0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x2000, 0x103) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x81) getdents(r0, 0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x10000, &(0x7f0000000480)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 8m5.896060213s ago: executing program 1 (id=315): read$char_usb(0xffffffffffffffff, &(0x7f0000000180)=""/225, 0xe1) vmsplice(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x39383ddd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 8m4.856777718s ago: executing program 32 (id=315): read$char_usb(0xffffffffffffffff, &(0x7f0000000180)=""/225, 0xe1) vmsplice(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x39383ddd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 14.349547134s ago: executing program 5 (id=1484): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x2008000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bc, &(0x7f0000000440)="$eJzs3EFrE08Yx/Hn37RNmtImfxBBQX3Qi16WNr4ADdKCGFBqU9SDsLUbDVmTshsiEbG5iFdfR/HoTVDfQC/ixbu3IgheehBXupttk5rWbU2a2H4/UGa2M7/OLN2WZwud9TuvHpcKrlEwqzKUUBkSaciGSHqz1/Rfsx3y+6PSqiGXxr9/PnP77r0b2VxuZk51Njt/OaOqk+fePXn2+vyH6vjCm8m3cVlL31//lvmydnLt1PrP+UdFV4uulitVNXWxUqmai7alS0W3ZKjesi3TtbRYdi2nbbxgV5aX62qWlyaSy47lumqW61qy6lqtaNWpq/nQLJbVMAydSMrxNhxhTn51bs7M7jrsxbq6I3RfvP1yrNMcx8k2Og/mV3u1LwAAMLj2rv+DWn/3+j+3ELRdrv9FqP97pNF29Yf6H0eC42TNZPPntx31PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t5npcK2/AjLiIJEQmv+71P9MYBv/9X+rRddFnLP+4lROyXtXwtH7TBeLYgRbHFkilJyQ//eWgK+rPXczNT6htpfsnN/EotH/PPJvDzoXSn/Nn/p4O8yvvNXK2ZH5Fk6/oZScmJzutntvPhcQgrtfyoXLzQkjckJR8fSEVsWfKf6+3882nVazdzO9Yf8+ftJsrpGgAAAAAADApDt6Tb33+Dsx8Nf0JCfh8P8vv4+8CO9+thOc1LNAAAAAAAh8KtPy2Ztm05B+jEReQv4ke1E5OB2MaOzlUROfRFRaTRn1tOiEjwGT1I/OtWPFLKizBnWEQG4kmI2On3byYAAAAA3bZd9O8j9OlFD3cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxE/U8sHB+yVuRtvPtwoE94i3LxQ79BgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAB8isAAP//0KwZYw==") socketpair$unix(0x1, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000"], 0x18}, 0xc800) r3 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0) sendfile(r3, r3, &(0x7f0000000080)=0x2, 0x7f03) 12.275265214s ago: executing program 0 (id=1490): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r6, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) 12.147508215s ago: executing program 0 (id=1493): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000840)=ANY=[], 0x2, 0x69f, &(0x7f0000000f00)="$eJzs3V1v2+b5x/EfZdmW3T+C4r8hCII83ElWwMEyhZIbB0YGrBpF2dwkUSDlwQYGFFljF0HkdEsyYPFJ55M9AN0b2NlOdrAXMWDHfRc7GTag2M4G7EQDb1KyFD3FjeK0y/cjtKJuXuR9kVR4gZZ4SwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQI5Xdd2So3rQ3Nk1k3nVKGxMmZ+ubVE304mbM/uVnOQ/FQq6kDZd+ObJ7PPJ/67rUvrqkgrJU0FH75x/99438rne8lMS+jJ02hU+fX706H6ns//kJWIXdOrVv0nK9aZWsmMyJmjLbwZxGDQqW74J4tBsbmy4t7drsakFdT/ei9t+w3iRn2uHkVnzbprS5ua68Yt74U5zq1qp+73Gu98pu+6G+cFyeqAlFWNvO6jXg+aWjUlmJzF3zWc/TgP8SsOYg4ed/fVZW5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu5vWnzNzOfEDcxBLqn/f3Wkugpqake7MmMfnqqKFKoxYX6mV//fu+1P7Xew/veq/AXpe9nsi7L1/0r66sqk+j8hFyNjFxg3x5nQfrrHos3I6Kme60iPdF8ddbSvJ3NYt5G5OqH93lzWPsfHlnw1FShWqEANVWyLyVqMNrWhDbn6UNuqKZZRTYHq8hVrT7Ha8u07ylMkXxW1FSqS0Zo83ZRRSZva1LqMfBW1p1A7ampLVVX07263e6CHdr+vT8lRvaDShIDlwaDylDVNqv8/+TR9n2b136X+v63S98Fy+vT5tBjgK6CbXf8Pys1e7OrrywgAAAAAAMybY//67tjP7i9L6qoW1H33TacFAAAAAADmyFF3WZfkJNf/ki7L4fofAAAAAID/NY69x86RtGq/1O+c3An1Mn8EWDiDFAEAAAAAwCuyd/5fWZK6dtCKq3JOdf0PAAAAAAC+Bn4zMMZ+vjfGbrf3sX5OUtxadv78z2VFi85xa/dbzmElmVM5zGJGvgHQrl10zmUD9dqnJUn2ledfcrLeskEw++MOfnEwa6x/J3ohgaWFwRVMSMBJet7IZ6/0ma6li1zLxpl/cJSTnZP2sloL6n7RC+v3SqpUzuXa/m77548f/kKK+tt58LCzX/zok84Dm8tx0nR8mKz006F0cuN3xkkuz+x4C/aei3FbvKJar8vfNhurju3X7W3/giqHucGOph2Akz5/pevpMbu+msauHvVH3E+2v5Bsf6loD9nQ1keLzkkWpRe3fNyBmJBFwWZxI425sXZD5b+l0/2jkHMK316QysXRYzCURXkwi9n7wvnXyL4YyMI+9eYM7Iv1JIu/JCuakMX66bIYOSIA8KYc6LLsWeiy7CDm/SpUyOpurzz0Tmpfqu7Mru4fDFf3Z7/vdu0CC1I++2xiai8FJWf0NcfWoaV0k/IXx5zR3ayuFDThjO6+QnVL+vrTyW8gZWmPZPGfbrd7r2T7/d0LVfUPQ92N9BvXywvJLrz97PCndgD8xMf7H+8/LpfXN9z3XfdOWYt2M7KnBVF7AAAjZv/GzswI531dSyOuPfjHe+nUUMX7//5XCor6SJ+oowe61fsJgavj17o68DWEW+lVqwauWs35d+/Z36Ubji3p1sSrOltLB2LL/dhF9RYZrtQnseuv+SgAAHC2rs+ow+Prf2Go/t/SWhqxdnHsdfdwLc+ujvuX9JNiS7OT/2DeewMAgLeDH33hrLZ/7URR0PqwtLlZqrS3fROF3g9NFFS3fBM0237kbVeaW75pRWE79MK6aUVaDqp+bOKdViuM2qYWRqYVxsGu/eV3k/30e+w3Ks124MWtul+JfeOFzXbFa5tqEHumtfP9ehBv+5FdOG75XlALvEo7CJsmDncizy8aE/v+QGBQ9ZvtoBYkk03TioJGJdozPwrrOw3fVP3Yi4JWO0xX2OsraNbCqGFXW8x3x31fAACAt87T50eP7nc6+09enFhJLs3TlmNNiBmdWNLT58lVedKSz2YxRhAAAF8xJwX8FAvZzwFWXl9SAAAAAAAAAAAAAAAAAAAAAABgyOxb+k45sTjuZkGp3/Kzc1mLfqmTWwxH1uNo3omdZiJ32qV6o+gfPfp8SvBKv6W3+wdjjs9sA//+f9I7tkVpS37+fa1MObivY+K7B+kenRiTzBw7a7l/LPLz/+eQTDz+44RZ3W63O33x5eF9uDRtA4cn8pKeLL3CITj7cxGAs/XfAAAA//8xcjPe") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$nl_route(0x10, 0x3, 0x0) close_range(r1, r5, 0x2) r6 = socket$rds(0x15, 0x5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x20000000, @void, @value}, 0x94) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000003000000a00300000d"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)="53f49a3788bce6b29942deacdec778d5b3453cb02070a9611ca1f3ee8e7600000000785ce60000000d39ab9c13db3b3b8cac9a99972e518b163caf9e98b00cbcba8b75863e727b1cfa000000000000", &(0x7f0000000300)="f9ffff0000dfe86871235a46dddc79c95021ba4b8c550a2b12535ed96441655ed6596af24ba38e9b81e402df4b628233d5e70c127c5d222d891085f1a9a04716", 0x2, r7}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r7, &(0x7f00000004c0), &(0x7f0000001680)=""/129}, 0x20) r8 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r8, 0x0, 0x482, &(0x7f0000000400)={0x84, @rand_addr=0x64010102, 0x4e22, 0x4, 'none\x00', 0x1, 0x3, 0x2a}, 0x2c) r9 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADDDEST(r9, 0x0, 0x487, &(0x7f0000000000)={{0x16, @empty, 0x4e20, 0x3, 'rr\x00', 0x0, 0x323b, 0x52}, {@remote, 0x4e23, 0x4, 0xfffffffe, 0x12d5c, 0x12d5c}}, 0x44) bind$rds(r6, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r6, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) 10.125809415s ago: executing program 5 (id=1495): bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtaction={0x328, 0x30, 0x9, 0x0, 0x25dfdbff, {}, [{0x314}]}, 0x328}, 0x1, 0x0, 0x0, 0x814}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0) r4 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r4, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24) listen(r4, 0x4) close_range(0xffffffffffffffff, r4, 0x0) r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0x6, 0x0, 0x5, 0x0}) 10.125318925s ago: executing program 3 (id=1497): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0xfffffff7}}) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) truncate(&(0x7f0000000080)='./file2\x00', 0x1fff) openat(0xffffffffffffff9c, 0x0, 0x187842, 0x147) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00'}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x5a, 0x1}, 0x14}}, 0x0) 10.117769065s ago: executing program 0 (id=1506): r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}}, 0x20}}, 0x20044002) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0) r7 = socket(0x10, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) 9.981666337s ago: executing program 3 (id=1498): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0) preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x801) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) close(r3) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x0, 0x891018, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000300)='\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x48, 0x0) r4 = getpid() r5 = syz_pidfd_open(r4, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) setns(r5, 0x24020000) umount2(&(0x7f0000000040)='.\x00', 0x2) 9.76944094s ago: executing program 0 (id=1499): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x2008000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bc, &(0x7f0000000440)="$eJzs3EFrE08Yx/Hn37RNmtImfxBBQX3Qi16WNr4ADdKCGFBqU9SDsLUbDVmTshsiEbG5iFdfR/HoTVDfQC/ixbu3IgheehBXupttk5rWbU2a2H4/UGa2M7/OLN2WZwud9TuvHpcKrlEwqzKUUBkSaciGSHqz1/Rfsx3y+6PSqiGXxr9/PnP77r0b2VxuZk51Njt/OaOqk+fePXn2+vyH6vjCm8m3cVlL31//lvmydnLt1PrP+UdFV4uulitVNXWxUqmai7alS0W3ZKjesi3TtbRYdi2nbbxgV5aX62qWlyaSy47lumqW61qy6lqtaNWpq/nQLJbVMAydSMrxNhxhTn51bs7M7jrsxbq6I3RfvP1yrNMcx8k2Og/mV3u1LwAAMLj2rv+DWn/3+j+3ELRdrv9FqP97pNF29Yf6H0eC42TNZPPntx31PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t5npcK2/AjLiIJEQmv+71P9MYBv/9X+rRddFnLP+4lROyXtXwtH7TBeLYgRbHFkilJyQ//eWgK+rPXczNT6htpfsnN/EotH/PPJvDzoXSn/Nn/p4O8yvvNXK2ZH5Fk6/oZScmJzutntvPhcQgrtfyoXLzQkjckJR8fSEVsWfKf6+3882nVazdzO9Yf8+ftJsrpGgAAAAAADApDt6Tb33+Dsx8Nf0JCfh8P8vv4+8CO9+thOc1LNAAAAAAAh8KtPy2Ztm05B+jEReQv4ke1E5OB2MaOzlUROfRFRaTRn1tOiEjwGT1I/OtWPFLKizBnWEQG4kmI2On3byYAAAAA3bZd9O8j9OlFD3cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxE/U8sHB+yVuRtvPtwoE94i3LxQ79BgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAB8isAAP//0KwZYw==") socketpair$unix(0x1, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000"], 0x18}, 0xc800) r3 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x3, 0x1, 0x5, 0x6, 0x3, 0x1, {0x5, 0x17d, 0x8, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0) sendfile(r3, r3, &(0x7f0000000080)=0x2, 0x7f03) 8.425047259s ago: executing program 5 (id=1501): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x85}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x2, 0x3, 0x0, 0x2, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, 'f'}, @sadb_x_sec_ctx={0x1, 0x18, 0x2, 0x11}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}]}, 0x60}, 0x1, 0x7}, 0x0) r4 = syz_open_dev$admmidi(&(0x7f0000000280), 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r4, 0xc0385720, &(0x7f00000001c0)={0x1}) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0xf0, 0x0, 0x0) chroot(0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r5 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r5, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) syz_usb_connect(0x3, 0x2d, &(0x7f00000009c0)={{0x12, 0x1, 0x310, 0x8a, 0x7d, 0x53, 0x8, 0xa5c, 0x2033, 0x73e4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x5, 0xaa, 0x20, 0xfa, [{{0x9, 0x4, 0xee, 0x0, 0x1, 0x58, 0xfa, 0x42, 0x5, [], [{{0x9, 0x5, 0xe, 0x1, 0x200, 0x0, 0x1, 0x1}}]}}]}}]}}, 0x0) setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f00000007c0)=ANY=[], 0x310) 8.3619174s ago: executing program 3 (id=1502): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdir(0x0, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x10d098, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r4, 0xc058534f, &(0x7f0000000400)={{}, 0x1, 0x8000000, 0x401, {0x0, 0x60}, 0x1, 0x2}) 7.546718042s ago: executing program 5 (id=1503): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r6, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) 7.317459525s ago: executing program 5 (id=1508): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdir(0x0, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x10d098, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r4, 0xc058534f, &(0x7f0000000400)={{}, 0x1, 0x8000000, 0x401, {0x0, 0x60}, 0x1, 0x2}) 5.6296398s ago: executing program 4 (id=1512): r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}}, 0x20}}, 0x20044002) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0) r7 = socket(0x10, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) 5.500609201s ago: executing program 4 (id=1513): r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x20044002) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r5}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0) r6 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r7, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) 5.363872983s ago: executing program 4 (id=1514): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) r1 = syz_open_dev$dri(0x0, 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "d20bddda7d1db9342de76eec7967fe97751f13a23aeaacb0565c1c2251560ed1"}}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x80, 0x0, 0x1, 0x401, 0xff97, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) 5.117050657s ago: executing program 2 (id=1515): bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtaction={0x328, 0x30, 0x9, 0x0, 0x25dfdbff, {}, [{0x314}]}, 0x328}, 0x1, 0x0, 0x0, 0x814}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0) r4 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r4, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24) listen(r4, 0x4) close_range(0xffffffffffffffff, r4, 0x0) r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0x6, 0x0, 0x5, 0x0}) 2.656211302s ago: executing program 4 (id=1516): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)) syz_io_uring_setup(0x27c6, 0x0, 0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(0x0, r0, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000003c0)='.\x00', &(0x7f0000000400)='./cgroup/../file0\x00', 0x0, 0x0, 0x1}) prctl$PR_SCHED_CORE(0x3e, 0x2000000000000001, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000340), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, r2) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = open(0x0, 0x2ae7c, 0x26) fallocate(r3, 0x0, 0x0, 0x1000f4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socketpair(0x28, 0xa, 0x8000, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='veno\x00', 0x5) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x5) sendto$inet(r5, &(0x7f0000000400)="001d71d52a3879c9c7649475728f8a25a071a59c20c131e0364e8828e50cfb69d0561b1bf87522000e42847c81695082fb23c905f5713aa8cadb181f50020730a3af1cb5a2ec28f6a78f19956ad27fa369f8adf71664f8eaff", 0x59, 0x4044000, 0x0, 0x0) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd32) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) 2.465890055s ago: executing program 2 (id=1517): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1b000000000000"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003001200850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4) sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x10) setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f00000000c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) sendto$inet6(r3, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) writev(r3, &(0x7f0000000100)=[{&(0x7f0000000180)="c2", 0x1}], 0x1) write$UHID_SET_REPORT_REPLY(r3, &(0x7f00000007c0)=ANY=[], 0xffe0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) syz_clone3(&(0x7f0000000400)={0xc0000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), {0x25}, &(0x7f0000000640)=""/4096, 0x1000, &(0x7f00000000c0)=""/45, 0x0}, 0x58) sched_setscheduler(0x0, 0x2, 0x0) syz_open_dev$MSR(&(0x7f0000000300), 0x20002000000, 0x0) 2.296501807s ago: executing program 4 (id=1518): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r6, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) 1.465102429s ago: executing program 4 (id=1519): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x2008000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bc, &(0x7f0000000440)="$eJzs3EFrE08Yx/Hn37RNmtImfxBBQX3Qi16WNr4ADdKCGFBqU9SDsLUbDVmTshsiEbG5iFdfR/HoTVDfQC/ixbu3IgheehBXupttk5rWbU2a2H4/UGa2M7/OLN2WZwud9TuvHpcKrlEwqzKUUBkSaciGSHqz1/Rfsx3y+6PSqiGXxr9/PnP77r0b2VxuZk51Njt/OaOqk+fePXn2+vyH6vjCm8m3cVlL31//lvmydnLt1PrP+UdFV4uulitVNXWxUqmai7alS0W3ZKjesi3TtbRYdi2nbbxgV5aX62qWlyaSy47lumqW61qy6lqtaNWpq/nQLJbVMAydSMrxNhxhTn51bs7M7jrsxbq6I3RfvP1yrNMcx8k2Og/mV3u1LwAAMLj2rv+DWn/3+j+3ELRdrv9FqP97pNF29Yf6H0eC42TNZPPntx31PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t5npcK2/AjLiIJEQmv+71P9MYBv/9X+rRddFnLP+4lROyXtXwtH7TBeLYgRbHFkilJyQ//eWgK+rPXczNT6htpfsnN/EotH/PPJvDzoXSn/Nn/p4O8yvvNXK2ZH5Fk6/oZScmJzutntvPhcQgrtfyoXLzQkjckJR8fSEVsWfKf6+3882nVazdzO9Yf8+ftJsrpGgAAAAAADApDt6Tb33+Dsx8Nf0JCfh8P8vv4+8CO9+thOc1LNAAAAAAAh8KtPy2Ztm05B+jEReQv4ke1E5OB2MaOzlUROfRFRaTRn1tOiEjwGT1I/OtWPFLKizBnWEQG4kmI2On3byYAAAAA3bZd9O8j9OlFD3cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxE/U8sHB+yVuRtvPtwoE94i3LxQ79BgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAB8isAAP//0KwZYw==") socketpair$unix(0x1, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000"], 0x18}, 0xc800) r3 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0) sendfile(r3, r3, &(0x7f0000000080)=0x2, 0x7f03) 1.44676922s ago: executing program 2 (id=1520): syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414", @ANYRES32=0x41424344], 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f00000023c0)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e733e", 0xd, 0xfffffffffffffffe) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'tunl0\x00', &(0x7f0000000180)={'erspan0\x00', 0x0, 0x0, 0x8000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x5e55b37311de6d89, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x6}}}}}) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac14"], 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000100003040000000000000000", @ANYRES32=0x0, @ANYBLOB="e5fda988000000001800128008000100767469"], 0x40}}, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0) r2 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe) r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 1.42258541s ago: executing program 0 (id=1521): r0 = syz_open_dev$video4linux(0x0, 0x2, 0x0) ioctl$VIDIOC_QUERYMENU(r0, 0xc040564a, 0x0) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8) openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) r1 = gettid() timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000)=0x0) timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = memfd_create(0x0, 0x0) copy_file_range(r5, 0x0, r5, &(0x7f00000003c0)=0xffffffffffff7ffa, 0x1, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3) timer_delete(r2) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) fcntl$setsig(r3, 0xa, 0x12) read$dsp(0xffffffffffffffff, 0x0, 0x0) io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000040)={0x7}, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18) poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0xffffffffffbffff8) 1.342241651s ago: executing program 2 (id=1522): socket$inet_tcp(0x2, 0x1, 0x0) r0 = openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0xfffffff7}}) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) truncate(&(0x7f0000000080)='./file2\x00', 0x1fff) openat(0xffffffffffffff9c, 0x0, 0x187842, 0x147) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00'}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x5a, 0x1}, 0x14}}, 0x0) 1.247669773s ago: executing program 2 (id=1523): syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000640), 0xffffffffffffffff) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x74ed00, 0x0, 0x0, 0x40f00, 0x33, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file2\x00', 0x404, &(0x7f0000000300), 0x3, 0x434, &(0x7f0000000680)="$eJzs289rHFUcAPDv7Cap6Q+zlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tHpamd2ZZHezmybpJlvdzwemfW/mLe/73Zm3+2ZeNoCeNZL+k0Tsj4jfI2KoVm1sMFL779bK0vTfK0vTSVQqb/2VVNvdXFmazpvmr9uXV/oiCp8lcaRFvwuXr5yfKpdnL2X18cUL748vXL7y3NyFqXOz52YvTp4+ffLExAunJp/vSJ5pXjeHP5o/evi1d669MX3m2rs/f5vk+Tfl0SEjGx18slLpcHfddaCunPR1MRC2pFgbptFfHf9DUYy1kzcUr37a1eCAHVWpVCoPtD+8XAH+x5LodgRAd+Rf9On9b77t0tTjrnDjpdoNUJr3rWyrHemLQtamv+n+tpNGIuLM8j9fpVvszHMIAIAG36fzn2dbzf8KUf9c6N5sDaUUEfdFxMGIOBURhyLi/ohq2wcj4qEt9t+8SLJ+/lO4vq3ENimd/72YrW01zv/y2V+UilntQDX//uTsXHn2ePaejEb/nrQ+sUEfP7zy2xftjtXP/9It7T+fC2ZxXO/b0/iamanFqTvJud6NTyKG+1rln6yuBCQRcTgihrfZx9zT3xxtd+z2+W+gA+tMla8jnqqd/+Voyj+XbLw+OX5PlGePj+dXxXq//Hr1zXb931H+HZCe/70tr//V/EtJ/Xrtwtb7uPrH523vabZ7/Q8kbzfs+3BqcfHSRMRA8not6Pr9k03tJtfap/mPHms9/g/G2jtxJCLSi/jhiHgkIh7NYn8sIh6PiGMb5P/Ty0+8t/38d1aa/8yWzv9aYSCa97QuFM//+F1Dp6Wt5J+e/5PV0mi2ZzOff5uJa3tXMwAAAPz3FCJifySFsdVyoTA2Vvsb/kOxt1CeX1h85uz8Bxdnar8RKEV/IX/SNVT3PHQiu63P65NN9RPZc+Mvi4PV+tj0fHmm28lDj9vXZvyn/ix2Ozpgx/m9FvQu4x96V9P4L3UrDmD3+f6H3tVi/A92Iw5g97X6/v+4C3EAu69p/Fv2gx7i/h96l/EPvcv4h560MBi3/5G8gsK6QhTuijAUdqjQ7U8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvg3AAD//xJ85uU=") write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r1 = getpid() setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r4, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) socket$netlink(0x10, 0x3, 0x8000000004) dup(0xffffffffffffffff) r5 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r5, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 1.224291113s ago: executing program 3 (id=1524): r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, 0x0, &(0x7f0000000200)) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0) r6 = socket(0x10, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r7, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) 1.157444944s ago: executing program 3 (id=1525): r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}}, 0x20}}, 0x20044002) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0) r7 = socket(0x10, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="1400020000000000000000000000ffff"], 0x34}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) 979.378347ms ago: executing program 3 (id=1526): mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x759, &(0x7f00000001c0)={[{@noload}, {@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x10001}}, {@errors_remount}, {@inode_readahead_blks, 0x0}, {@abort}, {@barrier}, {@journal_checksum}, {@data_ordered}, {@noacl}, {@usrjquota}, {@nolazytime}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@norecovery}, {@nobarrier}, {@data_writeback}, {@orlov}], [{@audit}, {@uid_lt={'uid<', 0xee01}}], 0x2c}, 0x2, 0x51a, &(0x7f0000000e40)="$eJzs3EtvVNcdAPD/XI9tXHDt0iePlmlpVatVMTbPRReAWolNpUqtKrp0bYMoBirsSoCsYqoKpC5a8QlIsouUT5BVsomSKItE2YKyjSIh5A2ERXSjO3NnGPvO+MXYE8zvJ4197vOc/73njM+5Z8YBvLJKC9mPiF0R8SAihmqLz1Vqr+zX08X5yS8X5ydLkaZ/elyq7vdkcX6yca789858YSSJSP5Tin3FbPtnb9y8NDEzM30tXzE6l+SpyxMXpi9MXxk/efLokYETx8ePdSTOrExP9v7r6v49Z/967w+T5+797YO3svKm+fbmOGqGqz/71pxDT2FNJSq1a9Jb3PsX6yv+N95gU7pUzn4m3SsMa5bV2nJeRR/EUPRUl2qG4vf/7mrhgE2VpmnaX1jb+Fu2kDYrlWoHpOntFNgGStHtEgDdUf9D/2QxG6nOTxbHwdvbo9NRHQFlcT/NX7Ut5eoItjJcGxu1GMJ3xPci4tzCs/vZK1o+hwAA6Kx3TkfcPVPrd9RftS1J/KBpv2/nc0PDEfGdiNgdEd/N+y/fj6ju+8OI+FHTMYNrmAWoLFsu9n8+GcgTzd3Vjsn6f7/N57aW9v8aJR/uyZcGq/H3ls5fnJk+nF+Tkejtz5bHiqduPFZ793ef/r9d/pVG/y8L89n9LP96XzAvxxflZQ/opibmJl407rpHt6sX9lYx/lKUS/VUxJ6I2LuB82fX7OKv3tzfbnulqf97LouzEP//2p+8vIECLZO+HvHL2v1fiEb8A43ZzL48NTp3+R+jszdu/uZi8/zk2Inj48dGd8TM9OHReq0o+vDjO3/Mk4VhxJL4F5bc/3rT2NSJtOz+f6tl/W/MAg9nqcZ87ez687jz8G7bMc0K8eda1/++0p+r6fr87PWJublrYxF91Qnt6vqksX78+bHXJwaW7J/FP3KwdfvfHfHVa/lx+yIiq8Q/joifRMSBvOw/jYifRcTBFeJ//8zP/95uCLl6/Jsri39qXfe/XeLURxGtN/Vceu/tQsb/rRTi7237/ne0mhrJ10xNzO1YLa6VStqceOELCAAAAC+BA00D/SQidkWSHDoUsbPxZGV27tfnr/7zylTtOwLD0ZvUn3QNNT0PHcufDWfL2VHjTcvZ9iPV58ZpmqYD2XI2fp8ZLH7wENhCO6ttvpQcWtb+M58Xv9ICbDfrmkcrbV45gK23vP0/XPORnf9ABrC1OvA5GuAlpf3Dq2vN7X+zvgUHdE2r9n8r4mkXigJssVbt/y+FNae2pCzA1jL+h1fXxtu/DwPAy651+9e2YZtb05fkN5DYfXaFfUrlzcm0fSKJlf8LwHBEfU39fW/lE36WRHSmhD0djXRgyT1NWu6zIzqRVySr7lNexz9i2NpE0s3cHy9b0x8Rq9TeRmW7VU/c3JwSlht1o9oI3ujuuxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCL+zoAAP//XI7RYg==") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f00000002c0)) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000300)={0x8, 0x6}) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_open_procfs(0x0, 0x0) mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}]}) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140), 0x12) r6 = dup(r1) write$P9_RLERRORu(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="5300000007000046009d40"], 0x53) shmget$private(0x0, 0x3000, 0x78000000, &(0x7f0000068000/0x3000)=nil) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}}) 931.969947ms ago: executing program 5 (id=1527): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) r1 = syz_open_dev$dri(0x0, 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "d20bddda7d1db9342de76eec7967fe97751f13a23aeaacb0565c1c2251560ed1"}}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x80, 0x0, 0x1, 0x401, 0xff97, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) 41.70211ms ago: executing program 2 (id=1528): bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtaction={0x328, 0x30, 0x9, 0x0, 0x25dfdbff, {}, [{0x314}]}, 0x328}, 0x1, 0x0, 0x0, 0x814}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0) r4 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r4, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24) listen(r4, 0x4) close_range(0xffffffffffffffff, r4, 0x0) r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0x6, 0x0, 0x5, 0x0}) 0s ago: executing program 0 (id=1529): sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, 0x0, 0x8011) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) getsockname$ax25(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x31df9000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newsa={0xf0, 0x10, 0x713, 0x2, 0x0, {{@in=@rand_addr=0x64010101, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x0, 0x0, 0x0, 0x6, 0x0, 0x40, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x33}, @in=@broadcast, {0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x200000000000000}, {0x0, 0xfffffffffffffffd}, {}, 0x70bd2b, 0x0, 0x2, 0x0, 0x80, 0x66}}, 0xf0}}, 0x0) r5 = openat$mice(0xffffffffffffff9c, 0x0, 0x2) socket$inet6_udplite(0xa, 0x2, 0x88) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000a80)={0x0, 0xfffffffffffffffc, 0x0, 0x5, @scatter={0x0, 0x0, &(0x7f0000000800)}, &(0x7f00000008c0), &(0x7f0000000a00)=""/3, 0x3, 0x10, 0x0, &(0x7f0000000a40)}) r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f00000002c0)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000100)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f00000000c0)={{@my=0x1}, @any, 0x0, 0x0, 0x400005}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7aa, &(0x7f0000000000)={{@my=0x1}, @local}) kernel console output (not intermixed with test programs): E): veth0_macvtap: link becomes ready [ 77.715398][ T4172] device veth1_vlan entered promiscuous mode [ 77.725828][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 77.734269][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 77.744555][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 77.755777][ T4174] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.765715][ T4174] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.774620][ T4174] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.784038][ T4174] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.800674][ T4171] device veth0_macvtap entered promiscuous mode [ 77.852755][ T4171] device veth1_macvtap entered promiscuous mode [ 77.909421][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 77.919270][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 77.928817][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 77.939437][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 77.948952][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 77.958550][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 77.968695][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 77.982857][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.993922][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.007890][ T4173] device veth0_vlan entered promiscuous mode [ 78.025796][ T4172] device veth0_macvtap entered promiscuous mode [ 78.039753][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.049156][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.059167][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.087051][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.101883][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.111990][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.123792][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.135752][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.147544][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.160115][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.170467][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.187754][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.206172][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.214684][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.223720][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.233752][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.243301][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.253107][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.269287][ T4173] device veth1_vlan entered promiscuous mode [ 78.279054][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.287595][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.298538][ T4172] device veth1_macvtap entered promiscuous mode [ 78.310068][ T4171] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.319677][ T4171] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.328944][ T4171] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.340697][ T4171] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.362888][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.423579][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.441206][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.454560][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.471844][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.483705][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.496724][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.509585][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.520988][ T4197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.541548][ T4197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.543363][ T4173] device veth0_macvtap entered promiscuous mode [ 78.560007][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.574365][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.590050][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.603820][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.633588][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.672449][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.695709][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.713067][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.724945][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.741294][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.753950][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.773982][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.843103][ T4173] device veth1_macvtap entered promiscuous mode [ 78.860052][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.874319][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.883261][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.937889][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 79.693351][ T4234] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.697982][ T2239] Bluetooth: hci4: command 0x0419 tx timeout [ 79.712685][ T2239] Bluetooth: hci2: command 0x0419 tx timeout [ 79.720465][ T2239] Bluetooth: hci1: command 0x0419 tx timeout [ 79.724621][ T4234] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.727425][ T2239] Bluetooth: hci3: command 0x0419 tx timeout [ 79.746896][ T2239] Bluetooth: hci0: command 0x0419 tx timeout [ 79.790391][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.809985][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.849541][ T4172] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.867649][ T4172] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.882291][ T4172] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.896203][ T4172] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.915452][ T4234] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 79.942588][ T4234] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 80.013743][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.037754][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.049537][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.063311][ T4260] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 80.072041][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.150832][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.168691][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.183481][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.196138][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.217306][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.232153][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.246127][ T4173] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.264810][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 80.286291][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 80.308306][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 80.319610][ T4268] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8'. [ 80.330183][ T4268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8'. [ 80.362587][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.382125][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.418310][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.430452][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.441084][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.452354][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.464164][ T4173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.475533][ T4173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.488949][ T4173] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.529949][ T4173] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.542932][ T4173] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.556229][ T4173] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.565624][ T4173] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.598971][ T4234] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 80.615855][ T4234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 80.667771][ T1261] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.739289][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 80.750073][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 80.761043][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #288!!! [ 80.770362][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #28a!!! [ 80.779709][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #28a!!! [ 80.789206][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #28a!!! [ 80.816521][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!! [ 80.935053][ T1261] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.251636][ T4234] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 81.310712][ T1261] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.437268][ T1261] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.454640][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #308!!! [ 81.464983][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #30a!!! [ 81.723041][ T4289] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.758548][ T4234] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.795498][ T4290] xt_limit: Overflow, try lower: 330673899/4200216962 [ 81.826560][ T4289] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.905458][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 82.215857][ T4289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.397626][ T4289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.806078][ T4289] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 84.911868][ T4313] loop0: detected capacity change from 0 to 32768 [ 84.989212][ T4313] ======================================================= [ 84.989212][ T4313] WARNING: The mand mount option has been deprecated and [ 84.989212][ T4313] and is ignored by this kernel. Remove the mand [ 84.989212][ T4313] option from the mount to silence this warning. [ 84.989212][ T4313] ======================================================= [ 85.066056][ T4311] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 85.073876][ T4311] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 85.618717][ T4313] XFS (loop0): Mounting V5 Filesystem [ 85.700780][ T4311] vhci_hcd vhci_hcd.0: Device attached [ 85.793068][ T1107] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 85.824503][ T4339] fuse: Bad value for 'fd' [ 85.852532][ T4325] vhci_hcd: connection reset by peer [ 85.862415][ T9] vhci_hcd: stop threads [ 85.885966][ T9] vhci_hcd: release socket [ 85.920923][ T9] vhci_hcd: disconnect device [ 85.931357][ T4313] XFS (loop0): Ending clean mount [ 85.960317][ T4313] XFS (loop0): Quotacheck needed: Please wait. [ 86.087671][ T4346] syz.4.22 uses obsolete (PF_INET,SOCK_PACKET) [ 86.139217][ T4313] XFS (loop0): Quotacheck: Done. [ 87.214096][ T4173] XFS (loop0): Unmounting Filesystem [ 87.385681][ T4361] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.393633][ T4361] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.414769][ T4364] loop1: detected capacity change from 0 to 1024 [ 87.462333][ T4363] bridge0: port 3(vlan2) entered blocking state [ 87.478463][ T4363] bridge0: port 3(vlan2) entered disabled state [ 87.496327][ T4363] device vlan2 entered promiscuous mode [ 87.512435][ T4363] device bond0 entered promiscuous mode [ 87.523863][ T4363] device bond_slave_0 entered promiscuous mode [ 87.532086][ T4363] device bond_slave_1 entered promiscuous mode [ 87.648138][ T4364] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 87.659598][ T4364] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.821207][ T4376] loop3: detected capacity change from 0 to 1024 [ 88.100931][ T4379] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 88.463243][ T4379] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 88.618835][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!! [ 88.769199][ T4379] EXT4-fs (loop1): This should not happen!! Data will be lost [ 88.769199][ T4379] [ 88.953781][ T4379] EXT4-fs (loop1): Total free blocks count 0 [ 88.974052][ T4379] EXT4-fs (loop1): Free/Dirty block details [ 89.043176][ T4379] EXT4-fs (loop1): free_blocks=4293918720 [ 89.050881][ T4388] Zero length message leads to an empty skb [ 89.067363][ T4379] EXT4-fs (loop1): dirty_blocks=16 [ 89.073216][ T4379] EXT4-fs (loop1): Block reservation details [ 89.079191][ T4388] netlink: 'syz.4.33': attribute type 4 has an invalid length. [ 89.116683][ T4388] netlink: 152 bytes leftover after parsing attributes in process `syz.4.33'. [ 89.131980][ T4379] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 89.184046][ T4388] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 89.207788][ T4391] fuse: Bad value for 'fd' [ 89.367485][ T4395] tipc: Started in network mode [ 89.390685][ T4395] tipc: Node identity 6, cluster identity 4711 [ 89.424406][ T4395] tipc: Node number set to 6 [ 89.818629][ T4386] loop2: detected capacity change from 0 to 32768 [ 89.878762][ T4400] loop4: detected capacity change from 0 to 512 [ 90.246343][ T4386] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.34 (4386) [ 90.326361][ T4400] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 90.600244][ T4400] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0002] [ 90.617310][ T4400] System zones: 1-12 [ 90.622940][ T4400] EXT4-fs (loop4): orphan cleanup on readonly fs [ 90.664240][ T4386] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 90.679102][ T4386] BTRFS info (device loop2): setting nodatasum [ 90.687526][ T4386] BTRFS info (device loop2): using free space tree [ 90.694398][ T4386] BTRFS info (device loop2): has skinny extents [ 90.714781][ T4400] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.37: invalid indirect mapped block 12 (level 1) [ 90.760502][ T4400] EXT4-fs (loop4): Remounting filesystem read-only [ 90.783930][ T4400] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.37: invalid indirect mapped block 2 (level 2) [ 90.798807][ T4400] EXT4-fs (loop4): Remounting filesystem read-only [ 90.807162][ T4400] EXT4-fs (loop4): 1 truncate cleaned up [ 90.813117][ T4400] EXT4-fs (loop4): mounted filesystem without journal. Opts: noinit_itable,jqfmt=vfsv1,noload,errors=remount-ro,abort. Quota mode: none. [ 91.480739][ T1107] vhci_hcd: vhci_device speed not set [ 91.844855][ T4386] BTRFS info (device loop2): enabling ssd optimizations [ 91.949964][ T7] cfg80211: failed to load regulatory.db [ 91.994895][ T4427] loop0: detected capacity change from 0 to 8192 [ 92.053338][ T26] audit: type=1326 audit(1747446850.704:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 92.192559][ T26] audit: type=1326 audit(1747446850.754:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 92.372681][ T26] audit: type=1326 audit(1747446850.754:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 92.465532][ T4454] process 'syz.3.49' launched '/dev/fd/6' with NULL argv: empty string added [ 92.505867][ T26] audit: type=1326 audit(1747446850.754:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 92.583284][ T26] audit: type=1326 audit(1747446850.754:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 92.731498][ T26] audit: type=1326 audit(1747446850.754:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 92.933227][ T26] audit: type=1326 audit(1747446850.754:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 92.987266][ T26] audit: type=1326 audit(1747446850.764:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 93.074105][ T26] audit: type=1326 audit(1747446850.774:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4446 comm="syz.3.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 94.272915][ T4427] loop0: detected capacity change from 0 to 32768 [ 94.458834][ T4477] overlayfs: failed to clone upperpath [ 94.959414][ T4490] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 95.624107][ T4492] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 96.927651][ T4499] device syzkaller1 entered promiscuous mode [ 96.947870][ T4507] netlink: 12 bytes leftover after parsing attributes in process `syz.3.64'. [ 98.271959][ T4534] team0: No ports can be present during mode change [ 98.311374][ T4534] netlink: 4 bytes leftover after parsing attributes in process `syz.3.73'. [ 99.345518][ T4546] loop4: detected capacity change from 0 to 512 [ 100.050594][ T4546] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 100.351032][ T4546] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.530506][ T4556] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 100.558044][ T4556] CIFS mount error: No usable UNC path provided in device string! [ 100.558044][ T4556] [ 100.578043][ T4556] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 100.646614][ T26] audit: type=1800 audit(1747446859.284:11): pid=4546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.75" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 101.587880][ T26] audit: type=1800 audit(1747446859.324:12): pid=4557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.75" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 101.639192][ T4565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.81'. [ 102.710023][ T4577] netlink: 'syz.1.85': attribute type 11 has an invalid length. [ 102.805691][ T4581] loop1: detected capacity change from 0 to 1024 [ 103.070473][ T4587] netlink: 12 bytes leftover after parsing attributes in process `syz.4.84'. [ 103.213108][ T4582] netlink: 4 bytes leftover after parsing attributes in process `syz.3.86'. [ 103.320794][ T4585] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 103.389244][ T4585] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 103.398292][ T4585] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 103.412152][ T4585] device bridge_slave_0 left promiscuous mode [ 103.419428][ T4585] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.491856][ T4585] device bridge_slave_1 left promiscuous mode [ 103.500580][ T4585] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.579095][ T4585] bond0: (slave bond_slave_0): Releasing backup interface [ 103.821170][ T4585] bond0: (slave bond_slave_1): Releasing backup interface [ 104.047392][ T4585] team0: Port device team_slave_0 removed [ 104.063173][ T4585] team0: Port device team_slave_1 removed [ 104.071362][ T4585] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.083041][ T4585] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.165983][ T4585] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.200178][ T4585] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.231903][ T4588] netlink: 'syz.2.87': attribute type 10 has an invalid length. [ 104.272501][ T4588] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.314219][ T4596] loop4: detected capacity change from 0 to 4096 [ 104.323117][ T4588] team0: Port device bond0 added [ 104.350703][ T4589] netlink: 4 bytes leftover after parsing attributes in process `syz.2.87'. [ 104.368561][ T4596] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 104.449952][ T4600] EXT4-fs (loop4): shut down requested (1) [ 104.461343][ T26] audit: type=1326 audit(1747446863.054:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4595 comm="syz.4.90" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f93d11e2969 code=0x0 [ 105.200113][ T4589] team0 (unregistering): Port device bond0 removed [ 105.486545][ T4614] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 105.534948][ T4614] loop0: detected capacity change from 0 to 1024 [ 105.614512][ T4614] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,,errors=continue. Quota mode: none. [ 105.654070][ T26] audit: type=1800 audit(1747446864.304:14): pid=4614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.95" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 105.678967][ T4614] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.486658][ T4284] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 106.857287][ T4284] usb 3-1: New USB device found, idVendor=1b80, idProduct=e396, bcdDevice=a7.b1 [ 106.873877][ T4284] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.892545][ T4645] netlink: 4 bytes leftover after parsing attributes in process `syz.4.107'. [ 106.897437][ T4284] usb 3-1: config 0 descriptor?? [ 107.009176][ T4284] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 107.043628][ T4284] dvb_usb_af9015: probe of 3-1:0.0 failed with error -22 [ 108.041455][ T4659] 9pnet: Insufficient options for proto=fd [ 108.187075][ T4661] loop0: detected capacity change from 0 to 1024 [ 108.205532][ T4630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.99'. [ 108.218049][ T4661] hfsplus: unable to parse mount options [ 108.222543][ T4630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.99'. [ 108.266040][ T4630] device syz_tun entered promiscuous mode [ 108.283054][ T4630] device batadv_slave_1 entered promiscuous mode [ 108.303120][ T4657] netlink: 28 bytes leftover after parsing attributes in process `syz.2.99'. [ 108.318648][ T4657] netlink: 28 bytes leftover after parsing attributes in process `syz.2.99'. [ 108.396269][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready [ 108.486784][ T4670] netlink: 4 bytes leftover after parsing attributes in process `syz.3.114'. [ 108.503227][ T4458] usb 3-1: USB disconnect, device number 2 [ 112.304078][ T4707] loop0: detected capacity change from 0 to 32768 [ 112.324239][ T4707] XFS: noikeep mount option is deprecated. [ 112.387344][ T4707] XFS (loop0): Mounting V5 Filesystem [ 112.641368][ T4707] XFS (loop0): Ending clean mount [ 112.661849][ T4730] loop1: detected capacity change from 0 to 256 [ 112.684826][ T4707] XFS (loop0): Quotacheck needed: Please wait. [ 112.775152][ T4707] XFS (loop0): Quotacheck: Done. [ 112.794795][ T4716] loop4: detected capacity change from 0 to 32768 [ 112.992817][ T4730] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 113.256066][ T4730] exFAT-fs (loop1): hint_cluster is invalid (17) [ 113.346664][ T21] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 113.397633][ T4730] exFAT-fs (loop1): error, broken FAT chain. [ 113.415673][ T4730] exFAT-fs (loop1): Filesystem has been set read-only [ 113.448269][ T4739] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 113.449256][ T4730] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 8, err : -5) [ 113.454925][ T4739] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 113.503672][ T4739] vhci_hcd vhci_hcd.0: Device attached [ 113.513587][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.551177][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 8, err : -5) [ 113.561749][ T4173] XFS (loop0): Unmounting Filesystem [ 113.637029][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.645842][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 8, err : -5) [ 113.660146][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.680684][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 9, err : -5) [ 113.713146][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.736818][ T21] usb 5-1: config 0 has an invalid interface number: 219 but max is 0 [ 113.739519][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 10, err : -5) [ 113.745913][ T21] usb 5-1: config 0 has no interface number 0 [ 113.763461][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.789714][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 11, err : -5) [ 113.800277][ T13] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 113.815610][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.839901][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 12, err : -5) [ 113.854927][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.864334][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 13, err : -5) [ 113.877519][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.884024][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 14, err : -5) [ 113.907141][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.916844][ T4729] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805d4f8e60 iblock : 15, err : -5) [ 113.936741][ T4458] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 113.947027][ T21] usb 5-1: New USB device found, idVendor=0ab4, idProduct=0011, bcdDevice=fe.66 [ 113.957577][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 113.977184][ T21] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.985500][ T21] usb 5-1: Product: syz [ 113.994666][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.006692][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.016874][ T21] usb 5-1: Manufacturer: syz [ 114.021528][ T21] usb 5-1: SerialNumber: syz [ 114.036670][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.043132][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.050473][ T21] usb 5-1: config 0 descriptor?? [ 114.086553][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.087701][ T21] esd_usb2 5-1:0.219: sending version message failed [ 114.092985][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.110535][ T21] esd_usb2: probe of 5-1:0.219 failed with error -22 [ 114.120377][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.143206][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.152574][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.180513][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.186692][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.193251][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.199739][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.206195][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.212514][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.220033][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.226062][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.232307][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.238838][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.245244][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.269686][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.276220][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.296762][ T4458] usb 3-1: config 0 has no interfaces? [ 114.306558][ T4458] usb 3-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 114.322352][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.346156][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.352711][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.359267][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.365439][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.371937][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.378278][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.384735][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.392517][ T4458] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.394934][ T4749] netlink: 60 bytes leftover after parsing attributes in process `syz.3.137'. [ 114.412482][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.418606][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.425378][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 114.433532][ T4284] usb 5-1: USB disconnect, device number 2 [ 114.471130][ T4749] unsupported nlmsg_type 40 [ 114.920938][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.298638][ T4458] usb 3-1: config 0 descriptor?? [ 115.313340][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.321320][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.328037][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.334057][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.341494][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.349072][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.355528][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.361799][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.388810][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.395162][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.424511][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.431354][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.437690][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.444026][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.451170][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.458971][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.465519][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.472240][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.482191][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.489750][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.496688][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.503091][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.509687][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.509916][ T4753] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 115.515882][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.536654][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.542850][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.549169][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.557338][ T4729] exFAT-fs (loop1): error, broken FAT chain. [ 115.647496][ T4458] usb 3-1: USB disconnect, device number 3 [ 115.657321][ T4740] vhci_hcd: connection closed [ 115.660821][ T4379] vhci_hcd: stop threads [ 115.691984][ T4379] vhci_hcd: release socket [ 115.715206][ T4379] vhci_hcd: disconnect device [ 117.133478][ T4766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.144'. [ 117.445276][ T4781] loop0: detected capacity change from 0 to 1024 [ 118.572393][ T4781] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5 [ 118.572393][ T4781] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 118.572393][ T4781] [ 118.668287][ T4781] EXT4-fs (loop0): mounted filesystem without journal. Opts: noacl,,errors=continue. Quota mode: writeback. [ 118.821139][ T4801] capability: warning: `syz.1.154' uses 32-bit capabilities (legacy support in use) [ 119.125307][ T4810] loop4: detected capacity change from 0 to 2048 [ 119.146666][ T4458] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 119.269518][ T4265] loop4: p1 < > p3 [ 119.307308][ T4265] loop4: p3 size 134217728 extends beyond EOD, truncated [ 120.145281][ T4810] loop4: p1 < > p3 [ 120.152207][ T4810] loop4: p3 size 134217728 extends beyond EOD, truncated [ 120.359210][ T4458] usb 2-1: config 9 has an invalid interface number: 32 but max is 0 [ 120.373646][ T4458] usb 2-1: config 9 has no interface number 0 [ 120.388729][ T4458] usb 2-1: config 9 interface 32 altsetting 9 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 120.533747][ T4458] usb 2-1: config 9 interface 32 altsetting 9 bulk endpoint 0x2 has invalid maxpacket 1024 [ 120.544986][ T4458] usb 2-1: config 9 interface 32 has no altsetting 0 [ 120.599227][ T4265] udevd[4265]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 121.077410][ T4458] usb 2-1: New USB device found, idVendor=0421, idProduct=01d0, bcdDevice=44.b3 [ 121.402799][ T13] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 121.514616][ T4458] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.522952][ T4458] usb 2-1: Product: syz [ 121.527208][ T4458] usb 2-1: Manufacturer: syz [ 121.531895][ T4458] usb 2-1: SerialNumber: syz [ 121.557358][ T4801] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 121.558815][ T4359] udevd[4359]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 121.584094][ T4179] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 121.595060][ T4841] loop4: detected capacity change from 0 to 1024 [ 121.627011][ T4179] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 121.646761][ T13] usb 3-1: Using ep0 maxpacket: 16 [ 121.786688][ T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.802998][ T4841] EXT4-fs (loop4): Mount option "nodioread_nolock" incompatible with ext2 [ 121.819693][ T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.832082][ T13] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 121.845796][ T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.896114][ T4846] netlink: 4 bytes leftover after parsing attributes in process `syz.0.165'. [ 121.954274][ T4846] device  entered promiscuous mode [ 122.521737][ T13] usb 3-1: config 0 descriptor?? [ 122.605130][ T4458] usb 2-1: USB disconnect, device number 2 [ 122.616722][ T4848] loop1: detected capacity change from 0 to 64 [ 122.697670][ T4359] udevd[4359]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 123.228600][ T13] hid-multitouch 0003:1FD2:6007.0002: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0 [ 123.314366][ T4855] udevd[4855]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 123.411872][ T4862] batman_adv: Cannot find parent device [ 123.424372][ T4845] fido_id[4845]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 123.429922][ T13] usb 3-1: USB disconnect, device number 4 [ 123.451891][ T4862] batman_adv: batadv0: Adding interface: ip6gretap1 [ 123.460316][ T4862] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.573992][ T4862] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active [ 123.665824][ T4866] overlayfs: upper fs needs to support d_type. [ 123.682850][ T4866] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 123.691127][ T4866] overlayfs: failed to set xattr on upper [ 123.697655][ T4866] overlayfs: ...falling back to index=off,metacopy=off. [ 123.966620][ T4863] netlink: 4 bytes leftover after parsing attributes in process `syz.3.170'. [ 124.022111][ T4864] fido_id[4864]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 124.048554][ T4171] Trying to free block not in datazone [ 124.729121][ T4875] loop1: detected capacity change from 0 to 2048 [ 124.814162][ T4875] loop1: p1 < > p3 [ 124.847613][ T4875] loop1: p3 size 134217728 extends beyond EOD, truncated [ 126.550115][ T4897] netlink: 24 bytes leftover after parsing attributes in process `syz.4.181'. [ 126.573601][ T4896] loop0: detected capacity change from 0 to 128 [ 126.661697][ T4896] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 126.955635][ T26] audit: type=1326 audit(1747446885.604:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.0.178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2f1c052969 code=0x0 [ 127.457034][ T4921] input: syz1 as /devices/virtual/input/input5 [ 127.592274][ T4919] overlayfs: failed to clone upperpath [ 131.396500][ T4977] loop2: detected capacity change from 0 to 512 [ 131.591367][ T4977] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #2: comm syz.2.205: corrupted xattr block 255 [ 131.617585][ T4977] EXT4-fs (loop2): Remounting filesystem read-only [ 131.725963][ T4977] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 131.772514][ T4977] EXT4-fs (loop2): mounted filesystem without journal. Opts: data_err=abort,nolazytime,errors=remount-ro,nombcache,auto_da_alloc,grpjquota=.nouid32,barrier=0x0000000000000007,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 132.032404][ T4977] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #2: comm syz.2.205: corrupted xattr block 255 [ 132.375971][ T4977] EXT4-fs (loop2): Remounting filesystem read-only [ 133.033196][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.045157][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.552889][ T4982] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 255: padding at end of block bitmap is not set [ 133.599873][ T4982] EXT4-fs (loop2): Remounting filesystem read-only [ 134.448874][ T4998] serio: Serial port ptm0 [ 135.373213][ T4939] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.457538][ T4939] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.675502][ T4939] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.685925][ T4939] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.702839][ T4939] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.712443][ T4939] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.985209][ T4939] syz.3.195 (4939) used greatest stack depth: 19744 bytes left [ 137.343462][ T5026] loop2: detected capacity change from 0 to 1764 [ 137.363750][ T5032] netlink: 60 bytes leftover after parsing attributes in process `syz.3.218'. [ 138.406728][ T5046] device netdevsim0 entered promiscuous mode [ 140.576492][ C1] sched: RT throttling activated [ 140.595555][ T5072] tipc: Started in network mode [ 140.601490][ T5072] tipc: Node identity 361c68dc7e93, cluster identity 4711 [ 140.617365][ T5072] tipc: Enabled bearer , priority 0 [ 140.792739][ T5072] syzkaller0: MTU too low for tipc bearer [ 140.840638][ T5072] tipc: Disabling bearer [ 140.852668][ T5078] netlink: 156 bytes leftover after parsing attributes in process `syz.0.235'. [ 140.905417][ T26] audit: type=1326 audit(1747446899.554:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.0.235" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2f1c052969 code=0x0 [ 141.152304][ T5088] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.160363][ T5088] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.204591][ T5088] device bridge_slave_1 left promiscuous mode [ 141.225937][ T5088] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.243905][ T5090] loop4: detected capacity change from 0 to 736 [ 141.247372][ T5088] device bridge_slave_0 left promiscuous mode [ 141.261234][ T5088] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.584893][ T5099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.240'. [ 141.995975][ T5112] loop1: detected capacity change from 0 to 1024 [ 142.061723][ T5112] EXT4-fs (loop1): Mount option "noacl" will be removed by 3.5 [ 142.061723][ T5112] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 142.061723][ T5112] [ 142.094224][ T5117] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 142.133199][ T5112] EXT4-fs (loop1): mounted filesystem without journal. Opts: noacl,,errors=continue. Quota mode: writeback. [ 143.238113][ T5136] capability: warning: `syz.2.250' uses deprecated v2 capabilities in a way that may be insecure [ 147.570615][ T5172] overlayfs: conflicting lowerdir path [ 148.623329][ T5169] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 150.465636][ T5195] netlink: 52 bytes leftover after parsing attributes in process `syz.3.264'. [ 153.393623][ T26] audit: type=1804 audit(1747446912.044:17): pid=5217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.272" name="file1" dev="ramfs" ino=36044 res=1 errno=0 [ 153.716595][ T4179] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 156.129859][ T4179] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 156.142122][ T4179] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.150282][ T4179] usb 3-1: Product: syz [ 156.155753][ T4179] usb 3-1: Manufacturer: syz [ 156.160588][ T4179] usb 3-1: SerialNumber: syz [ 156.180583][ T4179] usb 3-1: config 0 descriptor?? [ 156.310829][ T26] audit: type=1326 audit(1747446914.964:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.347460][ T26] audit: type=1326 audit(1747446914.964:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.400129][ T26] audit: type=1326 audit(1747446914.994:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.459495][ T26] audit: type=1326 audit(1747446915.004:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.488706][ T26] audit: type=1326 audit(1747446915.044:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.528338][ T26] audit: type=1326 audit(1747446915.044:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.600333][ T4179] dvb_usb_rtl28xxu 3-1:0.0: chip type detection failed -71 [ 156.608078][ T4179] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71 [ 156.619927][ T4179] usb 3-1: USB disconnect, device number 5 [ 156.630846][ T26] audit: type=1326 audit(1747446915.044:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.678912][ T26] audit: type=1326 audit(1747446915.044:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 156.901536][ T26] audit: type=1326 audit(1747446915.044:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.4.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 157.820462][ T5269] device pim6reg1 entered promiscuous mode [ 159.288905][ T5275] overlayfs: failed to clone upperpath [ 160.299182][ T5286] loop1: detected capacity change from 0 to 512 [ 160.496854][ T5286] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 160.568215][ T5295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.299'. [ 160.581473][ T5286] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 160.646669][ T5302] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 160.646750][ T5286] EXT4-fs (loop1): 1 truncate cleaned up [ 160.818970][ T5286] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,nolazytime,noblock_validity,,errors=continue. Quota mode: none. [ 160.883548][ T5299] netlink: 'syz.0.301': attribute type 2 has an invalid length. [ 160.981437][ T5299] netlink: 'syz.0.301': attribute type 2 has an invalid length. [ 161.889050][ T5318] loop2: detected capacity change from 0 to 1024 [ 161.907083][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 161.907098][ T26] audit: type=1326 audit(1747446920.564:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 161.936146][ T26] audit: type=1326 audit(1747446920.584:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 162.017789][ T5321] netlink: 52 bytes leftover after parsing attributes in process `syz.4.304'. [ 162.046000][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 162.054820][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 162.072513][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 162.081455][ T5321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 162.136193][ T5321] device netdevsim0 left promiscuous mode [ 162.617649][ T26] audit: type=1326 audit(1747446920.584:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 162.774429][ T26] audit: type=1326 audit(1747446920.584:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 162.800710][ T26] audit: type=1326 audit(1747446920.584:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 162.831229][ T26] audit: type=1326 audit(1747446920.584:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 162.862579][ T26] audit: type=1326 audit(1747446920.584:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 162.913828][ T26] audit: type=1326 audit(1747446920.594:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 164.616392][ T26] audit: type=1326 audit(1747446921.294:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 164.653406][ T26] audit: type=1326 audit(1747446921.294:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.3.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8141846969 code=0x7ffc0000 [ 165.004188][ T5340] netlink: 24 bytes leftover after parsing attributes in process `syz.2.312'. [ 165.181979][ T4281] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.546238][ T4281] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.128237][ T5349] device netdevsim0 entered promiscuous mode [ 166.170942][ T5349] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 166.320511][ T4281] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.485659][ T4281] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.281486][ T5363] netlink: 'syz.3.324': attribute type 21 has an invalid length. [ 167.289429][ T5363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.324'. [ 167.405518][ T4281] tipc: Left network mode [ 167.442982][ T5367] loop2: detected capacity change from 0 to 512 [ 168.955471][ T5367] EXT4-fs (loop2): 1 orphan inode deleted [ 168.964304][ T5367] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 168.980043][ T5367] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 169.156619][ T13] Bluetooth: hci0: command 0x0409 tx timeout [ 169.374044][ T5402] netlink: 32 bytes leftover after parsing attributes in process `syz.3.330'. [ 169.459064][ T5360] chnl_net:caif_netlink_parms(): no params data found [ 169.741643][ T5360] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.757551][ T5360] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.766767][ T5360] device bridge_slave_0 entered promiscuous mode [ 169.776142][ T5360] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.791133][ T5360] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.803402][ T5360] device bridge_slave_1 entered promiscuous mode [ 169.854929][ T5360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.948586][ T5360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 170.668430][ T5360] team0: Port device team_slave_0 added [ 170.689989][ T5430] netlink: 'syz.2.337': attribute type 1 has an invalid length. [ 170.735073][ T5428] netlink: 'syz.0.335': attribute type 21 has an invalid length. [ 170.744668][ T5428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.335'. [ 170.757822][ T5360] team0: Port device team_slave_1 added [ 170.792135][ T5430] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 170.853852][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 170.861913][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.889150][ T5360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 170.908899][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 170.926342][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.976151][ T5360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.032278][ T5442] loop4: detected capacity change from 0 to 512 [ 171.110777][ T5430] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.119887][ T4381] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 171.142332][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 171.216627][ T4458] Bluetooth: hci0: command 0x041b tx timeout [ 171.375117][ T4383] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 171.957417][ T5442] EXT4-fs (loop4): 1 orphan inode deleted [ 171.963254][ T5442] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 171.992853][ T5360] device hsr_slave_0 entered promiscuous mode [ 172.004667][ T5442] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.188795][ T5360] device hsr_slave_1 entered promiscuous mode [ 172.199179][ T5360] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 172.209151][ T5360] Cannot create hsr debugfs directory [ 172.218153][ T5451] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 172.227476][ T5451] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 172.234984][ T5451] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 173.296828][ T4270] Bluetooth: hci0: command 0x040f tx timeout [ 174.462900][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 174.462916][ T26] audit: type=1804 audit(1747446933.104:46): pid=5476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.344" name="file1" dev="ramfs" ino=36969 res=1 errno=0 [ 175.133559][ T5481] fuse: Bad value for 'fd' [ 176.074014][ T4270] Bluetooth: hci0: command 0x0419 tx timeout [ 176.166942][ T5483] sctp: failed to load transform for md5: -2 [ 178.450131][ T5511] netlink: 24 bytes leftover after parsing attributes in process `syz.4.354'. [ 179.179331][ T4281] device hsr_slave_0 left promiscuous mode [ 179.513267][ T4281] device hsr_slave_1 left promiscuous mode [ 179.525017][ T4281] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 179.918693][ T4281] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.613312][ T5528] loop4: detected capacity change from 0 to 256 [ 180.655173][ T5528] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 180.679182][ T4281] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.709421][ T4281] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 180.740117][ T5528] exFAT-fs (loop4): hint_cluster is invalid (17) [ 180.807978][ T5528] exFAT-fs (loop4): error, broken FAT chain. [ 180.814298][ T5528] exFAT-fs (loop4): Filesystem has been set read-only [ 180.829116][ T5528] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 8, err : -5) [ 180.847774][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 180.854025][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 8, err : -5) [ 180.871580][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 180.879458][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 8, err : -5) [ 180.897199][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 180.903552][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 9, err : -5) [ 180.924714][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 180.932171][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 10, err : -5) [ 180.943666][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 180.952031][ T4281] device veth1_macvtap left promiscuous mode [ 180.961577][ T4281] device veth0_macvtap left promiscuous mode [ 180.971303][ T4281] device veth1_vlan left promiscuous mode [ 180.982418][ T4281] device veth0_vlan left promiscuous mode [ 180.991127][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 11, err : -5) [ 181.005464][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.012132][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 12, err : -5) [ 181.029660][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.036022][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 13, err : -5) [ 181.057910][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.065162][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 14, err : -5) [ 181.103359][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.163040][ T5523] exFAT-fs (loop4): error, failed to bmap (inode : ffff888074378e60 iblock : 15, err : -5) [ 181.163482][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.184014][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.184371][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.184858][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.185083][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.185229][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.185376][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.185608][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.185940][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.186224][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.197546][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.197814][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.198019][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.198240][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.198596][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.198717][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.198920][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.199066][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.199346][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.202126][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.202330][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.202503][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.202656][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.203282][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.203510][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.203710][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.203870][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.204869][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.223045][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.223606][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.223785][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.224016][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.224212][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.224467][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.224788][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.225151][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.225408][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.236657][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.236949][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.237214][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.237525][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.237701][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.237935][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.238055][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.238451][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.238734][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.240776][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.240954][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.241177][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.241400][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.241522][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.241908][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.242081][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.242233][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.242433][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.244683][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.245002][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.245349][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.245605][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.245759][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.246050][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.246372][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 181.272225][ T5523] exFAT-fs (loop4): error, broken FAT chain. [ 183.535358][ T4281] team0 (unregistering): Port device team_slave_1 removed [ 183.554254][ T4281] team0 (unregistering): Port device team_slave_0 removed [ 183.570021][ T4281] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 183.578323][ T5553] netlink: 8 bytes leftover after parsing attributes in process `syz.3.365'. [ 183.599287][ T4281] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 183.709287][ T5555] Cannot find add_set index 0 as target [ 183.991956][ T4281] bond0 (unregistering): Released all slaves [ 184.395955][ T5527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 184.505361][ T5360] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 184.628020][ T5360] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 184.825143][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 185.580475][ T5360] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 185.639920][ T5360] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 185.933311][ T5360] 8021q: adding VLAN 0 to HW filter on device bond0 [ 186.016771][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 186.050332][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 186.088033][ T5360] 8021q: adding VLAN 0 to HW filter on device team0 [ 186.124822][ T5593] kvm: vcpu 0: requested 1792 ns lapic timer period limited to 200000 ns [ 186.198630][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 186.225617][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 186.348194][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.355313][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 186.393975][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 186.871386][ T5606] loop2: detected capacity change from 0 to 1024 [ 187.064902][ T5360] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 187.075503][ T5360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 187.125071][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 187.143364][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 187.179605][ T5606] EXT4-fs (loop2): mounted filesystem without journal. Opts: acl,barrier,barrier=0x0000000000000000,sysvgroups,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none. [ 187.920583][ T5622] xt_CT: You must specify a L4 protocol and not use inversions on it [ 188.610618][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.618018][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.823584][ T5606] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.379: bg 0: block 88: padding at end of block bitmap is not set [ 188.894374][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 188.903526][ T5606] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2825: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 188.947741][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 188.972945][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 189.023835][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 189.062369][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 189.072447][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 189.086150][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 189.319353][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 189.344377][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.106603][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.116908][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.128280][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.023841][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 192.031832][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 192.081000][ T5360] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.388351][ T5674] netlink: 4 bytes leftover after parsing attributes in process `syz.4.390'. [ 194.359932][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.366396][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.490835][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 194.520918][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 194.592481][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 194.646877][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 194.707142][ T5360] device veth0_vlan entered promiscuous mode [ 194.717651][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 194.757671][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 194.795284][ T5360] device veth1_vlan entered promiscuous mode [ 194.892937][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 194.949677][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 194.970291][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 194.979356][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 195.014389][ T5360] device veth0_macvtap entered promiscuous mode [ 195.046658][ T5360] device veth1_macvtap entered promiscuous mode [ 195.519132][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 195.573192][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 195.670022][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.766498][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.966578][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.995178][ T5725] loop2: detected capacity change from 0 to 64 [ 196.576890][ T1107] Bluetooth: hci2: command 0x0406 tx timeout [ 196.582985][ T1107] Bluetooth: hci3: command 0x0406 tx timeout [ 196.590784][ T1107] Bluetooth: hci1: command 0x0406 tx timeout [ 196.597406][ T1107] Bluetooth: hci4: command 0x0406 tx timeout [ 196.645756][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.724110][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.910252][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 196.995411][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 197.250691][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.330388][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.340452][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.354507][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.383150][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.434085][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 197.451441][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 197.499884][ T5360] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.546509][ T5360] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.566369][ T5360] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.160383][ T5749] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 198.185109][ T5360] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.566952][ T4197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.685658][ T4197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.846223][ T4382] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 200.526906][ T4197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.613613][ T4197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.689751][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 200.737857][ T5772] netlink: 28 bytes leftover after parsing attributes in process `syz.4.413'. [ 200.769333][ T5772] netlink: 16 bytes leftover after parsing attributes in process `syz.4.413'. [ 202.894116][ T5792] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 204.267529][ T5807] overlayfs: failed to clone upperpath [ 206.329470][ T5846] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.430'. [ 206.339020][ T5846] openvswitch: netlink: Key type 2832 is out of range max 29 [ 208.407945][ T5830] loop5: detected capacity change from 0 to 32768 [ 209.194239][ T5830] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.427 (5830) [ 209.332496][ T5830] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 209.389891][ T5830] BTRFS info (device loop5): using free space tree [ 209.412542][ T5830] BTRFS info (device loop5): has skinny extents [ 209.721035][ T5830] BTRFS error (device loop5): open_ctree failed: -12 [ 210.427842][ T5929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.448'. [ 210.852224][ T5936] loop2: detected capacity change from 0 to 4096 [ 211.161836][ T5936] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 211.686588][ T5936] ntfs: (device loop2): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 211.779041][ T5947] netlink: 'syz.5.452': attribute type 20 has an invalid length. [ 211.787049][ T5947] netlink: 16 bytes leftover after parsing attributes in process `syz.5.452'. [ 211.866776][ T5936] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 212.191635][ T5936] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 212.893889][ T5936] ntfs: volume version 3.1. [ 215.283560][ T4174] ntfs: (device loop2): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 218.324412][ T6005] loop5: detected capacity change from 0 to 2048 [ 218.650145][ T6018] delete_channel: no stack [ 219.236814][ T6023] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 221.687230][ T6038] overlayfs: missing 'lowerdir' [ 221.895423][ T6051] netlink: 4 bytes leftover after parsing attributes in process `syz.4.478'. [ 221.973262][ T6051] device bond_slave_0 entered promiscuous mode [ 221.980026][ T6051] device bond_slave_1 entered promiscuous mode [ 221.997040][ T6051] device macvtap1 entered promiscuous mode [ 222.015026][ T6051] device bond0 entered promiscuous mode [ 222.488318][ T6051] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 223.270303][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap1: link becomes ready [ 223.350622][ T4197] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap1: link becomes ready [ 224.388441][ T6074] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 226.598582][ T6113] loop5: detected capacity change from 0 to 16 [ 226.842546][ T6118] device wg2 entered promiscuous mode [ 226.887891][ T6113] erofs: (device loop5): mounted with root inode @ nid 36. [ 226.992092][ T6120] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 227.002136][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 47 @ nid 36 [ 227.011421][ T6120] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 227.020856][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 46 @ nid 36 [ 227.030353][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 44 @ nid 36 [ 227.039879][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 43 @ nid 36 [ 227.049219][ T6120] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 227.058823][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 42 @ nid 36 [ 227.068759][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 41 @ nid 36 [ 227.078570][ T6120] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 227.088126][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 40 @ nid 36 [ 227.097425][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 39 @ nid 36 [ 227.106781][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 38 @ nid 36 [ 227.117233][ T6120] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 227.126821][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 31 @ nid 36 [ 227.136532][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 27 @ nid 36 [ 227.145910][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 26 @ nid 36 [ 227.155293][ T6120] erofs: (device loop5): z_erofs_map_blocks_iter: unknown type 3 @ offset 106495 of nid 36 [ 227.165524][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 25 @ nid 36 [ 227.175289][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 24 @ nid 36 [ 227.185518][ T6120] erofs: (device loop5): z_erofs_extent_lookback: unknown type 3 @ lcn 15 of nid 36 [ 227.195400][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 16 @ nid 36 [ 227.204916][ T6120] erofs: (device loop5): z_erofs_map_blocks_iter: unknown type 3 @ offset 65535 of nid 36 [ 227.215090][ T6120] erofs: (device loop5): z_erofs_readahead: readahead error at page 15 @ nid 36 [ 227.225103][ T6120] attempt to access beyond end of device [ 227.225103][ T6120] loop5: rw=524288, want=848, limit=16 [ 227.236828][ T6120] attempt to access beyond end of device [ 227.236828][ T6120] loop5: rw=524288, want=13478624104, limit=16 [ 227.250879][ T6120] attempt to access beyond end of device [ 227.250879][ T6120] loop5: rw=524288, want=13478624080, limit=16 [ 227.264393][ T6120] attempt to access beyond end of device [ 227.264393][ T6120] loop5: rw=524288, want=32, limit=16 [ 227.290702][ T4186] erofs: (device loop5): z_erofs_lz4_decompress: failed to decompress -29 in[58, 4038] out[2651] [ 228.997373][ T6140] device bridge0 entered promiscuous mode [ 229.157077][ T6140] device vlan0 entered promiscuous mode [ 232.371378][ T26] audit: type=1107 audit(1747446990.522:47): pid=6161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='1' [ 234.073796][ T6211] loop2: detected capacity change from 0 to 128 [ 234.187019][ T6211] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 234.634568][ T6211] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 239.963206][ T6265] loop2: detected capacity change from 0 to 2048 [ 240.186070][ T6265] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 248.630395][ T144] wlan1: Trigger new scan to find an IBSS to join [ 250.948144][ T6365] 9pnet: Insufficient options for proto=fd [ 251.992352][ T6378] Cannot find map_set index 0 as target [ 254.277683][ T144] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 255.796926][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.803297][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 269.747953][ T6528] netlink: 4 bytes leftover after parsing attributes in process `syz.5.589'. [ 269.850539][ T6528] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 270.555110][ T6536] xt_CT: No such helper "snmp_trap" [ 270.984487][ T6528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 271.282337][ T6555] netlink: 8 bytes leftover after parsing attributes in process `syz.0.594'. [ 271.655847][ T6559] xt_TPROXY: Can be used only with -p tcp or -p udp [ 273.928264][ T6583] xt_TPROXY: Can be used only with -p tcp or -p udp [ 278.548245][ T6612] loop2: detected capacity change from 0 to 128 [ 278.721574][ T6612] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 278.737255][ T6612] ext4 filesystem being mounted at /107/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 283.431056][ T6680] overlayfs: failed to clone upperpath [ 288.463778][ T6760] ODEBUG: Out of memory. ODEBUG disabled [ 295.284688][ T4459] Bluetooth: hci0: command 0x0406 tx timeout [ 296.817010][ T6831] overlayfs: failed to clone upperpath [ 297.755695][ T6845] loop5: detected capacity change from 0 to 128 [ 297.829706][ T6845] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 297.876495][ T6845] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 301.309838][ T6901] loop2: detected capacity change from 0 to 128 [ 301.507760][ T6901] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 301.617623][ T6901] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 303.857064][ T4382] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 305.735438][ T6922] loop2: detected capacity change from 0 to 512 [ 305.821938][ T6922] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 305.838609][ T6922] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.870690][ T26] audit: type=1800 audit(1747447064.522:48): pid=6922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.678" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 311.038417][ T6978] loop2: detected capacity change from 0 to 256 [ 311.045089][ T6974] loop5: detected capacity change from 0 to 256 [ 311.140225][ T6978] FAT-fs (loop2): Directory bread(block 64) failed [ 311.152393][ T6974] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 311.224706][ T6978] FAT-fs (loop2): Directory bread(block 65) failed [ 312.325647][ T6978] FAT-fs (loop2): Directory bread(block 66) failed [ 312.357025][ T6978] FAT-fs (loop2): Directory bread(block 67) failed [ 312.394304][ T6961] team0: Port device team_slave_1 removed [ 312.477020][ T6978] FAT-fs (loop2): Directory bread(block 68) failed [ 312.483611][ T6978] FAT-fs (loop2): Directory bread(block 69) failed [ 312.857089][ T6978] FAT-fs (loop2): Directory bread(block 70) failed [ 312.990860][ T6978] FAT-fs (loop2): Directory bread(block 71) failed [ 313.121706][ T6978] FAT-fs (loop2): Directory bread(block 72) failed [ 313.143835][ T6978] FAT-fs (loop2): Directory bread(block 73) failed [ 315.952250][ T7023] fuse: Bad value for 'fd' [ 316.084089][ T7030] binder: 7024:7030 ioctl 4018620d 0 returned -22 [ 317.524631][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.136520][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.370596][ T7056] overlayfs: failed to clone upperpath [ 320.616764][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.715'. [ 320.863953][ T7068] xt_nat: multiple ranges no longer supported [ 323.749379][ T7101] loop2: detected capacity change from 0 to 128 [ 324.008579][ T7108] atomic_op ffff888079cdb998 conn xmit_atomic 0000000000000000 [ 324.042717][ T7101] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 324.953867][ T7101] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 325.085246][ T7113] netlink: 8 bytes leftover after parsing attributes in process `syz.4.732'. [ 325.859101][ T7120] overlayfs: failed to clone upperpath [ 327.063305][ T7127] loop5: detected capacity change from 0 to 128 [ 327.255240][ T7127] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 327.314137][ T7127] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 329.736966][ T7148] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 330.714398][ T4281] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 334.854107][ T7186] netlink: 8 bytes leftover after parsing attributes in process `syz.2.749'. [ 341.166701][ T7221] netlink: 44 bytes leftover after parsing attributes in process `syz.4.762'. [ 342.730515][ T7243] loop5: detected capacity change from 0 to 128 [ 342.795088][ T7244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.767'. [ 342.827683][ T7243] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 342.862686][ T7243] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 344.128569][ T4289] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 349.116985][ T7301] netlink: 40 bytes leftover after parsing attributes in process `syz.5.773'. [ 349.253248][ T7301] loop5: detected capacity change from 0 to 512 [ 349.519512][ T7301] EXT4-fs (loop5): Ignoring removed bh option [ 349.537187][ T7301] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 349.579340][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.3.782'. [ 349.587524][ T7301] EXT4-fs (loop5): 1 truncate cleaned up [ 349.595246][ T7301] EXT4-fs (loop5): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000001,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none. [ 350.175517][ T7316] loop5: detected capacity change from 0 to 128 [ 351.157022][ T7316] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 351.421546][ T7316] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 352.467691][ T7333] loop2: detected capacity change from 0 to 512 [ 352.610279][ T7333] EXT4-fs (loop2): Ignoring removed bh option [ 352.645138][ T7333] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 352.863349][ T7333] EXT4-fs (loop2): 1 truncate cleaned up [ 352.869196][ T7333] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000001,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none. [ 355.072052][ T4234] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 355.451162][ T7357] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 355.470302][ T7355] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 355.479258][ T7355] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 355.558571][ T7357] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 355.906865][ T7374] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 357.909120][ T7393] netlink: 8 bytes leftover after parsing attributes in process `syz.4.808'. [ 358.014398][ T7386] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 359.031976][ T7386] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 360.603215][ T7419] loop5: detected capacity change from 0 to 128 [ 361.235633][ T7419] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 361.290217][ T7419] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 362.838408][ T7094] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 364.399540][ T7473] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.414408][ T7473] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.735800][ T26] audit: type=1804 audit(1747447124.168:49): pid=7465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.828" name="/file0" dev="rootfs" ino=42345 res=1 errno=0 [ 365.795955][ T7482] netlink: 'syz.4.831': attribute type 4 has an invalid length. [ 366.064728][ T7487] loop5: detected capacity change from 0 to 128 [ 366.916294][ T4459] Bluetooth: hci1: command 0x0406 tx timeout [ 367.619345][ T7487] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 367.881436][ T7487] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 368.766282][ T7520] netlink: 8 bytes leftover after parsing attributes in process `syz.2.840'. [ 369.298226][ T7514] netlink: 8 bytes leftover after parsing attributes in process `syz.4.839'. [ 373.738451][ T7547] loop5: detected capacity change from 0 to 128 [ 373.912667][ T7547] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 374.126774][ T7547] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 374.303820][ T7560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.854'. [ 375.406643][ T7565] netlink: 8 bytes leftover after parsing attributes in process `syz.2.853'. [ 375.799316][ T1261] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 379.589070][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.589255][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.711187][ T7603] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 381.750895][ T7603] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 384.527238][ T7603] siw: device registration error -19 [ 384.584784][ T7609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.867'. [ 384.678344][ T7616] loop2: detected capacity change from 0 to 128 [ 386.448670][ T7627] tipc: Started in network mode [ 386.453667][ T7627] tipc: Node identity fffffffb, cluster identity 4711 [ 386.460571][ T7627] tipc: Node number set to 4294967291 [ 386.944467][ T7616] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 387.034445][ T7616] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 387.870001][ T154] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 392.112745][ T7669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.882'. [ 392.900931][ T7674] overlayfs: missing 'lowerdir' [ 394.037398][ T7677] lo speed is unknown, defaulting to 1000 [ 394.044940][ T7677] lo speed is unknown, defaulting to 1000 [ 394.062943][ T7677] lo speed is unknown, defaulting to 1000 [ 394.308112][ T7677] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 394.593310][ T7677] lo speed is unknown, defaulting to 1000 [ 394.600938][ T7677] lo speed is unknown, defaulting to 1000 [ 394.607868][ T7677] lo speed is unknown, defaulting to 1000 [ 394.615431][ T7677] lo speed is unknown, defaulting to 1000 [ 394.622309][ T7677] lo speed is unknown, defaulting to 1000 [ 394.802098][ T26] audit: type=1326 audit(1747447153.458:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7681 comm="syz.4.887" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f93d11e2969 code=0x0 [ 397.064410][ T7707] overlayfs: failed to clone upperpath [ 398.709340][ T7720] netlink: 96 bytes leftover after parsing attributes in process `syz.2.892'. [ 400.484263][ T7734] netlink: 'syz.2.899': attribute type 10 has an invalid length. [ 401.475899][ T7748] overlayfs: failed to clone upperpath [ 402.288062][ T7734] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 402.809260][ T7766] loop5: detected capacity change from 0 to 128 [ 403.031950][ T7766] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 403.068761][ T7766] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 405.107899][ T7734] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 405.119590][ T7094] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 406.561028][ T7801] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 406.784006][ T7804] loop2: detected capacity change from 0 to 128 [ 406.799367][ T7804] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 406.844500][ T7804] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 408.773895][ T7827] 9pnet_virtio: no channels available for device syz [ 409.599959][ T7831] loop2: detected capacity change from 0 to 128 [ 409.682796][ T7832] tmpfs: Unknown parameter 'usrquota' [ 409.698806][ T7831] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 411.452179][ T7838] tipc: New replicast peer: 0.0.0.0 [ 411.458611][ T7838] tipc: Enabled bearer , priority 10 [ 411.495726][ T7831] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 412.257457][ T4382] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 412.776282][ T7859] netlink: 'syz.2.928': attribute type 21 has an invalid length. [ 412.899438][ T7859] loop2: detected capacity change from 0 to 512 [ 412.941901][ T7865] loop5: detected capacity change from 0 to 128 [ 413.019900][ T7865] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 413.101515][ T7859] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,sysvgroups,minixdf,. Quota mode: writeback. [ 413.192371][ T7865] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 413.321235][ T7859] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 413.360931][ T7868] batman_adv: batadv0: adding TT local entry 00:00:00:00:00:00 to non-existent VLAN 2048 [ 413.466659][ T7871] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 413.781137][ T26] audit: type=1800 audit(1747447172.438:51): pid=7859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.928" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 415.710471][ T7881] sctp: failed to load transform for md5: -2 [ 416.041034][ T7877] sctp: failed to load transform for md5: -2 [ 416.730425][ T7913] overlayfs: failed to clone upperpath [ 417.628903][ T7920] loop5: detected capacity change from 0 to 128 [ 417.642921][ T7920] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 417.795978][ T7920] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 422.609779][ T7945] loop5: detected capacity change from 0 to 128 [ 423.877904][ T7945] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 424.007738][ T7945] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 424.961361][ T26] audit: type=1804 audit(1747447183.618:52): pid=7964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.959" name="/file0" dev="rootfs" ino=42345 res=1 errno=0 [ 425.869327][ T7980] netlink: 16 bytes leftover after parsing attributes in process `syz.2.962'. [ 429.048404][ T8003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.969'. [ 429.265016][ T8008] loop2: detected capacity change from 0 to 128 [ 429.327905][ T8008] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 429.546700][ T8008] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 430.117624][ T7094] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 431.144283][ T8023] loop2: detected capacity change from 0 to 1024 [ 432.636322][ T8023] EXT4-fs (loop2): Ignoring removed orlov option [ 432.642946][ T8023] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 433.248845][ T8023] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 436.569812][ T8051] netlink: 8 bytes leftover after parsing attributes in process `syz.5.981'. [ 439.166611][ T8077] device macsec0 entered promiscuous mode [ 440.469070][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.475611][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.710754][ T8090] loop5: detected capacity change from 0 to 512 [ 440.778789][ T8089] netlink: 8 bytes leftover after parsing attributes in process `syz.2.993'. [ 440.855280][ T8090] EXT4-fs (loop5): inodes count not valid: 32769 vs 32 [ 441.308787][ T8100] 9pnet: p9_errstr2errno: server reported unknown error @ [ 445.588788][ T8119] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1000'. [ 447.264438][ T26] audit: type=1326 audit(1747447205.918:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.0.1001" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2f1c052969 code=0x0 [ 448.775849][ T8137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1005'. [ 448.792690][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1007'. [ 449.416741][ T8156] x_tables: ip_tables: osf match: only valid for protocol 6 [ 454.975490][ T8198] IPVS: set_ctl: invalid protocol: 22 0.0.0.0:20000 [ 456.834529][ T8209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1020'. [ 459.866045][ T8246] overlayfs: failed to clone upperpath [ 463.734926][ T8267] block device autoloading is deprecated. It will be removed in Linux 5.19 [ 468.119591][ T8314] loop5: detected capacity change from 0 to 512 [ 468.195046][ T8314] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 469.265638][ T8314] EXT4-fs (loop5): 1 truncate cleaned up [ 469.466607][ T8314] EXT4-fs (loop5): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 471.029166][ T8352] ptrace attach of "./syz-executor exec"[5360] was attempted by ""[8352] [ 473.817120][ T8366] overlayfs: missing 'lowerdir' [ 475.114963][ T8383] overlayfs: failed to clone upperpath [ 477.020371][ T26] audit: type=1326 audit(1747447235.678:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.086941][ T26] audit: type=1326 audit(1747447235.698:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.239497][ T26] audit: type=1326 audit(1747447235.708:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.305035][ T26] audit: type=1326 audit(1747447235.708:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.802566][ T26] audit: type=1326 audit(1747447235.708:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.830434][ T26] audit: type=1326 audit(1747447235.708:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.856925][ T26] audit: type=1326 audit(1747447235.708:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.905008][ T26] audit: type=1326 audit(1747447235.708:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 477.938727][ T26] audit: type=1326 audit(1747447235.708:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 478.059967][ T26] audit: type=1326 audit(1747447235.708:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.2.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 478.251329][ T8438] fuse: Bad value for 'fd' [ 479.280905][ T8454] x_tables: ip_tables: TCPMSS target: only valid for protocol 6 [ 482.430720][ T8466] block device autoloading is deprecated. It will be removed in Linux 5.19 [ 482.674866][ T8471] loop5: detected capacity change from 0 to 128 [ 484.773952][ T8471] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities [ 484.789208][ T8488] netlink: 'syz.3.1081': attribute type 1 has an invalid length. [ 484.853933][ T8488] 8021q: adding VLAN 0 to HW filter on device bond1 [ 485.786509][ T8501] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1084'. [ 488.120361][ T8516] tipc: Started in network mode [ 488.125294][ T8516] tipc: Node identity 2007ff, cluster identity 4711 [ 488.132014][ T8516] tipc: Node number set to 2099199 [ 489.589558][ T8509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1088'. [ 489.664300][ T8524] loop5: detected capacity change from 0 to 128 [ 489.818170][ T8513] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 490.579356][ T8524] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 490.611322][ T8524] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 490.861923][ T8535] netlink: 'syz.4.1092': attribute type 1 has an invalid length. [ 491.195924][ T8538] xt_TCPMSS: Only works on TCP SYN packets [ 491.981261][ T8542] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1096'. [ 492.346351][ T2280] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 492.355499][ T2280] Bluetooth: hci0: Injecting HCI hardware error event [ 492.365876][ T4186] Bluetooth: hci0: hardware error 0x00 [ 492.783755][ T8557] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1100'. [ 495.129158][ T7094] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 495.410582][ T8588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1110'. [ 495.450235][ T8589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1108'. [ 495.460492][ T8589] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1108'. [ 499.391386][ T8629] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1121'. [ 501.539594][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.545945][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.965919][ T8645] loop5: detected capacity change from 0 to 1024 [ 503.308396][ T7094] hfsplus: b-tree write err: -5, ino 4 [ 503.580626][ T8649] device veth1_macvtap left promiscuous mode [ 503.586706][ T8649] device macsec0 entered promiscuous mode [ 503.598332][ T8649] device veth1_macvtap entered promiscuous mode [ 503.604768][ T8649] device macsec0 left promiscuous mode [ 503.615660][ T4186] Bluetooth: hci1: unknown advertising packet type: 0x63 [ 503.615753][ T4186] Bluetooth: hci1: Dropping invalid advertising data [ 503.677737][ T4186] Bluetooth: hci1: Malicious advertising data. [ 507.639302][ T8680] loop5: detected capacity change from 0 to 4096 [ 507.773280][ T8680] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512) [ 508.809182][ T8688] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1139'. [ 510.014977][ T8707] xt_CT: You must specify a L4 protocol and not use inversions on it [ 510.071626][ T8704] loop5: detected capacity change from 0 to 128 [ 510.450066][ T8704] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 510.766873][ T8704] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 513.217797][ T4289] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 513.404833][ T8744] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1153'. [ 513.963902][ T8749] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1155'. [ 514.869437][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 514.869453][ T26] audit: type=1326 audit(1747447273.528:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 514.919968][ T26] audit: type=1326 audit(1747447273.538:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 515.143734][ T26] audit: type=1326 audit(1747447273.538:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 515.195325][ T26] audit: type=1326 audit(1747447273.538:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 516.512960][ T26] audit: type=1326 audit(1747447273.538:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 516.643568][ T26] audit: type=1326 audit(1747447273.538:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 516.671296][ T26] audit: type=1326 audit(1747447273.538:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 516.706581][ T26] audit: type=1326 audit(1747447273.538:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f96d663b1d7 code=0x7ffc0000 [ 516.738469][ T8780] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1164'. [ 516.776092][ T26] audit: type=1326 audit(1747447273.538:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 517.756644][ T26] audit: type=1326 audit(1747447273.538:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d663c969 code=0x7ffc0000 [ 517.976936][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1167'. [ 518.046285][ T8793] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1168'. [ 518.162628][ T8798] ptrace attach of "./syz-executor exec"[4173] was attempted by "./syz-executor exec"[8798] [ 518.190211][ T8798] netlink: 'syz.0.1166': attribute type 62 has an invalid length. [ 520.334653][ T8824] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1175'. [ 522.206875][ T8838] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1181'. [ 522.267426][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1182'. [ 523.024660][ T8853] loop5: detected capacity change from 0 to 64 [ 524.065283][ T8862] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1188'. [ 525.415834][ T8887] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1195'. [ 525.618661][ T8880] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1194'. [ 525.823601][ T8894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1200'. [ 525.866151][ T8893] overlayfs: failed to clone upperpath [ 527.057526][ T8912] loop5: detected capacity change from 0 to 64 [ 527.080043][ T8912] hfs: unable to parse mount options [ 529.321157][ T8923] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1209'. [ 529.694183][ T8931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1211'. [ 529.751906][ T8933] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1212'. [ 531.036838][ T26] kauditd_printk_skb: 24 callbacks suppressed [ 531.036854][ T26] audit: type=1326 audit(1747447289.698:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 531.086728][ T8958] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1220'. [ 531.146492][ T26] audit: type=1326 audit(1747447289.698:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 532.104098][ T26] audit: type=1326 audit(1747447289.728:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 532.448285][ T8971] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.457289][ T8971] bridge0: port 2(bridge_slave_1) entered disabled state [ 534.022526][ T26] audit: type=1326 audit(1747447289.728:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 534.045570][ T26] audit: type=1326 audit(1747447289.728:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 534.078666][ T26] audit: type=1326 audit(1747447289.728:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f93d11e12d0 code=0x7ffc0000 [ 534.132167][ T26] audit: type=1326 audit(1747447289.728:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 534.165044][ T26] audit: type=1326 audit(1747447289.728:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 534.380533][ T26] audit: type=1326 audit(1747447289.728:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 534.416855][ T26] audit: type=1326 audit(1747447289.728:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 534.438420][ T8976] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1226'. [ 537.410270][ T26] audit: type=1326 audit(1747447289.728:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 537.571175][ T26] audit: type=1326 audit(1747447289.738:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 537.583372][ T8993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1229'. [ 537.598510][ T26] audit: type=1326 audit(1747447289.738:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 537.644349][ T26] audit: type=1326 audit(1747447289.738:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 537.966415][ T26] audit: type=1326 audit(1747447289.738:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 538.108361][ T26] audit: type=1326 audit(1747447289.738:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 538.132092][ T26] audit: type=1326 audit(1747447289.738:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 538.156264][ T26] audit: type=1326 audit(1747447289.758:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 538.157441][ T9005] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1233'. [ 538.226378][ T26] audit: type=1326 audit(1747447289.758:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 538.282379][ T26] audit: type=1326 audit(1747447289.758:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.4.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93d11e2969 code=0x7ffc0000 [ 541.351196][ T9048] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1243'. [ 541.984869][ T9050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1245'. [ 542.144036][ T9058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1248'. [ 543.060698][ T9068] loop5: detected capacity change from 0 to 128 [ 543.158645][ T9068] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 543.273864][ T9068] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 543.378102][ T9075] netlink: 'syz.4.1251': attribute type 21 has an invalid length. [ 543.386531][ T9075] netlink: 'syz.4.1251': attribute type 1 has an invalid length. [ 544.452702][ T9082] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1254'. [ 544.743399][ T9090] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1258'. [ 544.929261][ T9093] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1259'. [ 547.249654][ T9115] overlayfs: failed to clone upperpath [ 549.657409][ T9131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1268'. [ 549.761589][ T9134] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1269'. [ 550.180117][ T9138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1271'. [ 551.443947][ T9153] overlayfs: failed to clone upperpath [ 554.277279][ T9166] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1279'. [ 554.339309][ T9178] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1280'. [ 554.464135][ T9182] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1282'. [ 556.200426][ T9190] loop5: detected capacity change from 0 to 128 [ 556.401806][ T9190] FAT-fs (loop5): Unrecognized mount option "shortname=win9_I_Zx5" or missing value [ 560.150561][ T9219] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1294'. [ 560.224358][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1292'. [ 560.765256][ T9224] overlayfs: failed to clone upperpath [ 560.817188][ T9226] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1295'. [ 563.094381][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.128885][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.034181][ T9263] xt_CT: You must specify a L4 protocol and not use inversions on it [ 565.055333][ T9268] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1307'. [ 565.122836][ T9270] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'. [ 565.241731][ T9272] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1309'. [ 568.436472][ T9305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1321'. [ 568.527982][ T9303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1320'. [ 569.755658][ T9309] ALSA: mixer_oss: invalid OSS volume '' [ 570.397608][ T9330] 9pnet: Insufficient options for proto=fd [ 572.026720][ T9346] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1332'. [ 572.756990][ T9350] loop5: detected capacity change from 0 to 1024 [ 572.916033][ T9350] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 573.171221][ T9359] netlink: 'syz.5.1333': attribute type 10 has an invalid length. [ 573.424073][ T9359] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 573.485262][ T9359] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 573.502526][ T9360] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1335'. [ 574.719758][ T9387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1342'. [ 574.934659][ T9386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1344'. [ 577.076801][ T9403] tipc: Started in network mode [ 577.082563][ T9403] tipc: Node identity fffffffb, cluster identity 4711 [ 577.089604][ T9403] tipc: Node number set to 4294967291 [ 577.560090][ T9409] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1350'. [ 579.243669][ T9422] mmap: syz.4.1354 (9422) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 580.442079][ T9430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1357'. [ 580.915633][ T9428] IPv6: Can't replace route, no match found [ 583.739128][ T9460] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1365'. [ 585.693770][ T9476] overlayfs: missing 'lowerdir' [ 587.483127][ T9492] fuse: Bad value for 'fd' [ 589.733644][ T9507] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1377'. [ 591.069158][ T9531] loop5: detected capacity change from 0 to 128 [ 591.137765][ T9531] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 591.200762][ T9531] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 592.829116][ T4283] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 598.000586][ T9570] overlayfs: failed to clone upperpath [ 598.606955][ T9578] tmpfs: Unknown parameter 'usrquota' [ 603.785349][ T9625] tmpfs: Unknown parameter 'usrquota' [ 613.439096][ T9675] loop5: detected capacity change from 0 to 8 [ 613.491177][ T9672] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1425'. [ 613.519082][ T9675] SQUASHFS error: xz decompression failed, data probably corrupt [ 614.722639][ T9675] SQUASHFS error: Failed to read block 0x108: -5 [ 614.786361][ T9675] SQUASHFS error: Unable to read metadata cache entry [106] [ 614.826663][ T9675] SQUASHFS error: Unable to read inode 0x11f [ 616.257240][ T9693] loop5: detected capacity change from 0 to 128 [ 616.890682][ T9693] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 617.187201][ T9693] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 619.129498][ T9723] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1440'. [ 621.088090][ T4281] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 621.735356][ T9743] loop5: detected capacity change from 0 to 256 [ 622.011798][ T9743] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 622.013150][ T9743] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 622.225948][ T26] kauditd_printk_skb: 19 callbacks suppressed [ 622.226058][ T26] audit: type=1800 audit(1747447380.778:140): pid=9743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1443" name="file2" dev="loop5" ino=1048628 res=0 errno=0 [ 623.675288][ T9766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1451'. [ 625.090407][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.096797][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.169178][ T9785] loop5: detected capacity change from 0 to 8 [ 627.268152][ T9785] SQUASHFS error: xz decompression failed, data probably corrupt [ 627.275970][ T9785] SQUASHFS error: Failed to read block 0x108: -5 [ 627.313323][ T9785] SQUASHFS error: Unable to read metadata cache entry [106] [ 627.343615][ T9785] SQUASHFS error: Unable to read inode 0x11f [ 628.441521][ T9795] loop5: detected capacity change from 0 to 512 [ 628.481160][ T9797] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1461'. [ 628.611155][ T9795] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 628.833905][ T9795] EXT4-fs (loop5): 1 truncate cleaned up [ 628.902754][ T9795] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 630.795588][ T9818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1465'. [ 632.397633][ T9835] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1472'. [ 632.931752][ T9845] binder: 9840:9845 ioctl c0306201 0 returned -14 [ 633.795357][ T9849] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1477'. [ 633.834932][ T9853] loop5: detected capacity change from 0 to 512 [ 633.838609][ T9851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1478'. [ 633.891573][ T9853] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 633.959807][ T9853] EXT4-fs (loop5): 1 truncate cleaned up [ 633.993228][ T9853] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 636.634923][ T9875] loop5: detected capacity change from 0 to 128 [ 636.653172][ T9876] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1485'. [ 636.720675][ T9875] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 636.751476][ T9875] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 637.865349][ T9890] 9pnet: p9_errstr2errno: server reported unknown error @ [ 638.615382][ T9897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 638.666048][ T9898] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1491'. [ 638.981721][ T9906] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1504'. [ 640.763073][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1496'. [ 640.830945][ T9921] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1506'. [ 643.407740][ T9945] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1503'. [ 645.282403][ T9965] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1512'. [ 645.411679][ T9967] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1513'. [ 649.121026][ T9987] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1518'. [ 649.671308][ T9999] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1524'. [ 649.771247][T10001] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1525'. [ 652.228962][ C0] ------------[ cut here ]------------ [ 652.234565][ C0] WARNING: CPU: 0 PID: 10013 at net/mac80211/tx.c:4851 __ieee80211_beacon_get+0x172c/0x1f80 [ 652.244771][ C0] Modules linked in: [ 652.248733][ C0] CPU: 0 PID: 10013 Comm: syz.5.1527 Not tainted 5.15.182-syzkaller #0 [ 652.257034][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 652.267289][ C0] RIP: 0010:__ieee80211_beacon_get+0x172c/0x1f80 [ 652.273665][ C0] Code: f8 0f 0b e9 f1 fa ff ff e8 91 50 42 f8 0f 0b 4c 8b 74 24 08 e9 36 fe ff ff e8 80 50 42 f8 0f 0b e9 3c ef ff ff e8 74 50 42 f8 <0f> 0b e9 b8 f2 ff ff e8 58 bf 6b 00 44 89 e1 80 e1 07 80 c1 03 38 [ 652.293468][ C0] RSP: 0018:ffffc900000078c0 EFLAGS: 00010246 [ 652.299611][ C0] RAX: ffffffff89356d9c RBX: ffff88807ecfcc80 RCX: ffff88807c9c3b80 [ 652.307643][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 652.316045][ C0] RBP: ffffc90000007ae8 R08: ffff88807c9c3b80 R09: 0000000000000003 [ 652.324178][ C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff8880273a2600 [ 652.332253][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff92000000f28 [ 652.340332][ C0] FS: 00007f69e97286c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 652.349458][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 652.356076][ C0] CR2: 00007f69e9707d58 CR3: 000000007a10c000 CR4: 00000000003506f0 [ 652.364117][ C0] Call Trace: [ 652.367449][ C0] [ 652.370341][ C0] ? ieee80211_beacon_get_template+0x30/0x30 [ 652.376378][ C0] ? verify_lock_unused+0x140/0x140 [ 652.381618][ C0] ? __lock_acquire+0x13ad/0x7c60 [ 652.386728][ C0] ieee80211_beacon_get_tim+0x48/0x840 [ 652.392226][ C0] mac80211_hwsim_beacon_tx+0xf4/0x920 [ 652.397815][ C0] __iterate_interfaces+0x243/0x500 [ 652.403051][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 652.409392][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 652.415758][ C0] ieee80211_iterate_active_interfaces_atomic+0xb3/0x140 [ 652.422880][ C0] mac80211_hwsim_beacon+0x9b/0x180 [ 652.428153][ C0] __hrtimer_run_queues+0x53d/0xc40 [ 652.433389][ C0] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 652.439441][ C0] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 652.445636][ C0] ? hw_scan_work+0xeb0/0xeb0 [ 652.450408][ C0] ? hrtimer_interrupt+0x8d0/0x8d0 [ 652.455582][ C0] hrtimer_run_softirq+0x176/0x240 [ 652.461074][ C0] handle_softirqs+0x328/0x820 [ 652.465882][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 652.470792][ C0] ? do_softirq+0x200/0x200 [ 652.475329][ C0] ? irqtime_account_irq+0xb2/0x1b0 [ 652.480590][ C0] __irq_exit_rcu+0x12f/0x220 [ 652.485293][ C0] ? irq_exit_rcu+0x20/0x20 [ 652.489867][ C0] irq_exit_rcu+0x5/0x20 [ 652.494142][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 652.499829][ C0] [ 652.502780][ C0] [ 652.505726][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 652.511933][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100 [ 652.518493][ C0] Code: 74 05 e8 ee 4f d3 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 c6 cf a6 f7 65 8b 05 67 e3 57 76 85 c0 74 3c 48 c7 04 24 0e 36 [ 652.538253][ C0] RSP: 0018:ffffc90002e4f5e0 EFLAGS: 00000206 [ 652.544368][ C0] RAX: 973f4dc94bf71500 RBX: 0000000000000a02 RCX: 973f4dc94bf71500 [ 652.552392][ C0] RDX: dffffc0000000000 RSI: ffffffff8a0b0fc0 RDI: 0000000000000001 [ 652.560427][ C0] RBP: ffffc90002e4f678 R08: dffffc0000000000 R09: fffffbfff1ff342f [ 652.568450][ C0] R10: fffffbfff1ff342f R11: 1ffffffff1ff342e R12: dffffc0000000000 [ 652.576468][ C0] R13: 1ffff11005936044 R14: ffff88802c9b01c8 R15: 1ffff920005c9ebc [ 652.584487][ C0] ? _raw_spin_unlock+0x40/0x40 [ 652.589585][ C0] __skb_try_recv_datagram+0x179/0x4d0 [ 652.595079][ C0] ? sock_load_diag_module+0x130/0x130 [ 652.600690][ C0] __unix_dgram_recvmsg+0x2d3/0xd50 [ 652.605940][ C0] ? unix_unhash+0x10/0x10 [ 652.610412][ C0] ? unix_dgram_sendmsg+0x1890/0x1890 [ 652.615809][ C0] ? mark_lock+0x94/0x320 [ 652.620193][ C0] ? unix_dgram_recvmsg+0xb2/0xd0 [ 652.625281][ C0] ? unix_dgram_sendmsg+0x1890/0x1890 [ 652.630713][ C0] ____sys_recvmsg+0x291/0x580 [ 652.635594][ C0] ? __sys_recvmsg_sock+0x40/0x40 [ 652.640690][ C0] ? import_iovec+0x6f/0xa0 [ 652.645225][ C0] ___sys_recvmsg+0x1af/0x4f0 [ 652.649962][ C0] ? __sys_recvmsg+0x250/0x250 [ 652.654772][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 652.659866][ C0] ? __might_fault+0xb3/0x110 [ 652.664599][ C0] do_recvmmsg+0x344/0x7a0 [ 652.669076][ C0] ? __sys_recvmmsg+0x280/0x280 [ 652.673966][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 652.679323][ C0] __x64_sys_recvmmsg+0x18d/0x240 [ 652.684381][ C0] ? do_recvmmsg+0x7a0/0x7a0 [ 652.689024][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 652.694336][ C0] do_syscall_64+0x4c/0xa0 [ 652.698816][ C0] ? clear_bhb_loop+0x15/0x70 [ 652.703526][ C0] ? clear_bhb_loop+0x15/0x70 [ 652.708273][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 652.714196][ C0] RIP: 0033:0x7f69eb8e1969 [ 652.718671][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.738327][ C0] RSP: 002b:00007f69e9728038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 652.746794][ C0] RAX: ffffffffffffffda RBX: 00007f69ebb09080 RCX: 00007f69eb8e1969 [ 652.754785][ C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 652.762801][ C0] RBP: 00007f69eb963ab1 R08: 0000000000000000 R09: 0000000000000000 [ 652.770813][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 652.778833][ C0] R13: 0000000000000001 R14: 00007f69ebb09080 R15: 00007ffe7b94f3c8 [ 652.786864][ C0] [ 652.789913][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 652.797480][ C0] CPU: 0 PID: 10013 Comm: syz.5.1527 Not tainted 5.15.182-syzkaller #0 [ 652.805741][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 652.816091][ C0] Call Trace: [ 652.819388][ C0] [ 652.822249][ C0] dump_stack_lvl+0x168/0x230 [ 652.826960][ C0] ? show_regs_print_info+0x20/0x20 [ 652.832294][ C0] ? load_image+0x3b0/0x3b0 [ 652.836828][ C0] panic+0x2c9/0x7f0 [ 652.840752][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 652.845292][ C0] ? __ieee80211_beacon_get+0x172c/0x1f80 [ 652.851040][ C0] __warn+0x248/0x2b0 [ 652.855136][ C0] ? __ieee80211_beacon_get+0x172c/0x1f80 [ 652.860878][ C0] report_bug+0x1b7/0x2e0 [ 652.865241][ C0] handle_bug+0x3a/0x70 [ 652.869416][ C0] exc_invalid_op+0x16/0x40 [ 652.873949][ C0] asm_exc_invalid_op+0x16/0x20 [ 652.878817][ C0] RIP: 0010:__ieee80211_beacon_get+0x172c/0x1f80 [ 652.885168][ C0] Code: f8 0f 0b e9 f1 fa ff ff e8 91 50 42 f8 0f 0b 4c 8b 74 24 08 e9 36 fe ff ff e8 80 50 42 f8 0f 0b e9 3c ef ff ff e8 74 50 42 f8 <0f> 0b e9 b8 f2 ff ff e8 58 bf 6b 00 44 89 e1 80 e1 07 80 c1 03 38 [ 652.904881][ C0] RSP: 0018:ffffc900000078c0 EFLAGS: 00010246 [ 652.911058][ C0] RAX: ffffffff89356d9c RBX: ffff88807ecfcc80 RCX: ffff88807c9c3b80 [ 652.919084][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 652.927070][ C0] RBP: ffffc90000007ae8 R08: ffff88807c9c3b80 R09: 0000000000000003 [ 652.935069][ C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff8880273a2600 [ 652.943055][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff92000000f28 [ 652.951058][ C0] ? __ieee80211_beacon_get+0x172c/0x1f80 [ 652.956830][ C0] ? ieee80211_beacon_get_template+0x30/0x30 [ 652.962838][ C0] ? verify_lock_unused+0x140/0x140 [ 652.968065][ C0] ? __lock_acquire+0x13ad/0x7c60 [ 652.973135][ C0] ieee80211_beacon_get_tim+0x48/0x840 [ 652.978634][ C0] mac80211_hwsim_beacon_tx+0xf4/0x920 [ 652.984119][ C0] __iterate_interfaces+0x243/0x500 [ 652.989335][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 652.995618][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 653.001886][ C0] ieee80211_iterate_active_interfaces_atomic+0xb3/0x140 [ 653.008938][ C0] mac80211_hwsim_beacon+0x9b/0x180 [ 653.014187][ C0] __hrtimer_run_queues+0x53d/0xc40 [ 653.019414][ C0] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 653.025411][ C0] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 653.031416][ C0] ? hw_scan_work+0xeb0/0xeb0 [ 653.036124][ C0] ? hrtimer_interrupt+0x8d0/0x8d0 [ 653.041263][ C0] hrtimer_run_softirq+0x176/0x240 [ 653.046407][ C0] handle_softirqs+0x328/0x820 [ 653.051311][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 653.056182][ C0] ? do_softirq+0x200/0x200 [ 653.060705][ C0] ? irqtime_account_irq+0xb2/0x1b0 [ 653.065922][ C0] __irq_exit_rcu+0x12f/0x220 [ 653.070701][ C0] ? irq_exit_rcu+0x20/0x20 [ 653.075231][ C0] irq_exit_rcu+0x5/0x20 [ 653.079491][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 653.085154][ C0] [ 653.088096][ C0] [ 653.091040][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 653.097134][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100 [ 653.103764][ C0] Code: 74 05 e8 ee 4f d3 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 c6 cf a6 f7 65 8b 05 67 e3 57 76 85 c0 74 3c 48 c7 04 24 0e 36 [ 653.123581][ C0] RSP: 0018:ffffc90002e4f5e0 EFLAGS: 00000206 [ 653.129675][ C0] RAX: 973f4dc94bf71500 RBX: 0000000000000a02 RCX: 973f4dc94bf71500 [ 653.137674][ C0] RDX: dffffc0000000000 RSI: ffffffff8a0b0fc0 RDI: 0000000000000001 [ 653.145662][ C0] RBP: ffffc90002e4f678 R08: dffffc0000000000 R09: fffffbfff1ff342f [ 653.153648][ C0] R10: fffffbfff1ff342f R11: 1ffffffff1ff342e R12: dffffc0000000000 [ 653.161636][ C0] R13: 1ffff11005936044 R14: ffff88802c9b01c8 R15: 1ffff920005c9ebc [ 653.169649][ C0] ? _raw_spin_unlock+0x40/0x40 [ 653.174546][ C0] __skb_try_recv_datagram+0x179/0x4d0 [ 653.180039][ C0] ? sock_load_diag_module+0x130/0x130 [ 653.185541][ C0] __unix_dgram_recvmsg+0x2d3/0xd50 [ 653.190873][ C0] ? unix_unhash+0x10/0x10 [ 653.195345][ C0] ? unix_dgram_sendmsg+0x1890/0x1890 [ 653.200753][ C0] ? mark_lock+0x94/0x320 [ 653.205117][ C0] ? unix_dgram_recvmsg+0xb2/0xd0 [ 653.210172][ C0] ? unix_dgram_sendmsg+0x1890/0x1890 [ 653.215585][ C0] ____sys_recvmsg+0x291/0x580 [ 653.220493][ C0] ? __sys_recvmsg_sock+0x40/0x40 [ 653.225649][ C0] ? import_iovec+0x6f/0xa0 [ 653.230189][ C0] ___sys_recvmsg+0x1af/0x4f0 [ 653.234996][ C0] ? __sys_recvmsg+0x250/0x250 [ 653.239818][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 653.245082][ C0] ? __might_fault+0xb3/0x110 [ 653.249794][ C0] do_recvmmsg+0x344/0x7a0 [ 653.255205][ C0] ? __sys_recvmmsg+0x280/0x280 [ 653.260223][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 653.265289][ C0] __x64_sys_recvmmsg+0x18d/0x240 [ 653.270348][ C0] ? do_recvmmsg+0x7a0/0x7a0 [ 653.274961][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 653.280184][ C0] do_syscall_64+0x4c/0xa0 [ 653.284622][ C0] ? clear_bhb_loop+0x15/0x70 [ 653.289322][ C0] ? clear_bhb_loop+0x15/0x70 [ 653.294046][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 653.299959][ C0] RIP: 0033:0x7f69eb8e1969 [ 653.304396][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.324017][ C0] RSP: 002b:00007f69e9728038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 653.332554][ C0] RAX: ffffffffffffffda RBX: 00007f69ebb09080 RCX: 00007f69eb8e1969 [ 653.340552][ C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 653.348545][ C0] RBP: 00007f69eb963ab1 R08: 0000000000000000 R09: 0000000000000000 [ 653.356532][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 653.364520][ C0] R13: 0000000000000001 R14: 00007f69ebb09080 R15: 00007ffe7b94f3c8 [ 653.372528][ C0] [ 653.375981][ C0] Kernel Offset: disabled [ 653.380320][ C0] Rebooting in 86400 seconds..